Results 1 to 8 of 8

Thread: Smtp

  1. #1


    I am testing a friends gateway. He has a Cisco 3640 VPN/Firewall and behind that a mail server. The Cisco device looks like this with an nmap scan:

    Port State Service
    23/tcp open telnet
    79/tcp open finger
    12345/tcp filtered NetBus
    12346/tcp filtered NetBus

    Any clues as to where to start??

  2. #2
    Join Date
    May 2002
    Im not quite sure but he has probally got the netbus trojen installed. Any one with the client can getinto it so it is very dangerous because there are alot of scanners that scan for that trojen, Iv it really is your friends computer you should tell him to use a virus or trojen scanner to get rid of it.
    If its not broken it can still be inproved.

  3. #3
    Junior Member
    Join Date
    Jun 2002
    trials seems like he's got it but if u connected to this port then he'll most likly need to sort that wall out
    to stop ppl doing that in the first place. one other thing is nmap likes to guess what mite be running on ports like 12345 this could be sub7 netbus or one of 100's more ppl like to set this port it's easy to remember.

  4. #4
    Senior Member
    Join Date
    Nov 2001
    get a trojan cleaner

    turn off finger

    turn off telnet

    unplug all the computers

    find somebody that likes bullshiters

    and learn to dive a tractor-trailer
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  5. #5
    Senior Member
    Join Date
    Jul 2001
    Your friend must have one hell of a private network to have a $3,000 router. Personally, I think you are an idiot to ask us to help you hack into a site that you full and well know isn't your friends. If it is, then provide some proof.

    Also, to clarify the other responses that other people made, just because Netbus ports are open on the router doesn't mean that the system behind the firewall has Netbus. And I would venture to say there is an application they are running that is set to listen on port 12345 and that is why they opened up that port on their router. No network admin would be stupid enough to open up a port on a router without a secured service to go along with that open port.

    So in conclusion, don't try to hack computers that don't belong to you, and don't ask stupid questions like, "Can you help me hack this?" Also, this is not a case of Netbus infection, just to let you other posters know, cause the Nmap was done on the network's gateway, not the computer itself, therefore it only shows ports that the administrator has decided to open and forward to internal computers.

    \"It\'s only arrogrance if you can\'t back it up, otherwise it is confidence.\" - Me

  6. #6
    Senior Member
    Join Date
    Jan 2002
    I'm sorry, but this thread sounds a little suspicous if you know what I mean. I seriously doubt someone would have a $4000 router just lying around. And no serious computer users with a Cisco 3640 CPN/Firewall would have the netbus trojan installed.

  7. #7
    Senior Member
    Join Date
    Nov 2001
    exacty, spends big bucks on security then has plain old telnet running then to help everyone find out more about the users on the network includes a finger service. about as believable as a chain letter.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  8. #8
    Senior Member
    Join Date
    Mar 2002
    I agree with both of you. And why would a friend want you to test it? Why would he buy such an expensive router and not know at least how to scan for trojans? I've seen more realistic Fairy Talls...

    -{[ Joe ]}- (Joe@nitesecurity.com)

    [shadow]I\'m Just A Soldier In This War Against Ignorance.[/shadow]

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts