Installing Sub7 On Yourself

[gOm]

If I were to install the sub7 server on myself with a password, wouldn't that keep me secure from it? Or is it relatively easy for someone else to retrieve the server password?


I use a firewall and such, this is just something I've been curious about for a while

[cwk9]

Sub 7 password can be buter forced. If you want to install the server you can do a loop back and connect to 127.0.0.1 with the client. I wouldn't install sub 7 at all unless you disconect from the internet and format the comp when your done. Sub7 is the poster boy for script kiddie tools you might find you time better spent messing around with netcat.

http://www.gotthegeek.com/sub7.shtml

[slarty]

I suppose you could install it on a test machine behind a firewall to test its capabilities...

If subseven is distributed in binary format only, you'd better hope it only does what the authors claim, because if it does anything *else*, then you've only got yourself to blame if it sends all your keylogs to god-knows-who

Subseven is a piece of mal-ware. If it turned out to contain a trojan as well, that would be quite ironic (especially seeing as lots of people incorrectly refer to it as a trojan)

[journy101]

You definately want to limit who can connect to it, you can create rules in your firewall settings to block all but localhost. passwords can be brute forced as mentioned previously, useing strong passwords is recomended. All my passwords are always at least 6 characters long, do not contain any real words, and have at least 2 numbers.

[gOm]

I don't plan on actually doing it, I just thought it would be funny if installing it on yourself would protect you from anybody else trying to give it to ya

[cwk9]

Just for fun you can always run a fake sub 7 server. Just stop by some script kiddie irc channels and see who connects.

http://www.winsite.com/bin/Info?500000019947
http://eng.heldimzelt.de/

[|The|Specialist]

Originally posted here by gOm
I don't plan on actually doing it, I just thought it would be funny if installing it on yourself would protect you from anybody else trying to give it to ya

Hummm.... what the hell. That won't protect you at all infact if you put a sub7 server on your box then you are actually doing half the work for kiddies who want to poke around in your comp. Even if your infected with like 10 of the same backdoors many come with editors to change what ports and regkeys it'll use... or alot of times they can automaticly find and use other ports & reg besides the default so they won't conflict with other existing maleware/normal software. Haveing these things pre-installed won't "protect" you at all, man.

[n01100110]

Heh , well if you want a form of a joke , what you can do is grab yourself a copy of netcat and run the following.
nc -L -v -p 27374 -e whatever.bat
for whatever.bat , all you would have to do is write a batch file containing a nasty message to the kiddies.

[(V)/\><]

especially seeing as lots of people incorrectly refer to it as a trojan)

i'll just make a technical distinction.

a trojan horse is a program that appears to do one thing, but actually is designed to do something else. it could appear to delete everything on your hdd, but secretly it could be adding money to your bank account - still a trojan.

a trap/back door is a piece of software that allows a person or persons, who are aware of its existence, to gain access to a ``system'' in an unconventional way that they are more than likely not authorised to access. and a system doesn't have to be a computer...go figure.

its just happens to be convienent for certain people to combine these two forms of threat into one. a distinction is clearly visible.

[ha-lf]

Does anybody know a scriptkiddie irc channel, I want to try the netcattrick.