-
May 5th, 2004, 12:39 PM
#1
Junior Member
What's a BackDoor?
Hi all
What is a Backdoor?
How does it work?
How to find out the Backdoor present in the system? Both Unix and Windows.
Stay Tuned
-
May 5th, 2004, 12:39 PM
#2
Junior Member
What's a BackDoor?
Hi all
What is a Backdoor?
How does it work?
How to find out the Backdoor present in the system? Both Unix and Windows.
Stay Tuned
-
May 5th, 2004, 12:48 PM
#3
A backdoor is basically a very generic term for a way for an intruder to get in to another system. It can work in a number of ways, either being left in code, or a trojan, etc. Well, you last question is a little tougher. If the backdoor is a trojan, then chances are it will show up on a virus scan. But if it is embedded in the code of a legitimate app (wasnt there one in redhat a couple years ago, pirhana or something?) then you might have a problem, because it will be a little harder to find. Google it. Sorry, i gotta go to school.
slick
\"Look, Doc, I spent last Tuesday watching fibers on my carpet. And the whole time I was watching my carpet, I was worrying that I, I might vomit. And the whole time, I was thinking, \"I\'m a grown man. I should know what goes on my head.\" And the more I thought about it... the more I realized that I should just blow my brains out and end it all. But then I thought, well, if I thought more about blowing my brains out... I start worrying about what that was going to do to my goddamn carpet. Okay, so, ah-he, that was a GOOD day, Doc. And, and I just want you to give me some pills and let me get on with my life. \" -Roy Waller
-
May 5th, 2004, 12:48 PM
#4
A backdoor is basically a very generic term for a way for an intruder to get in to another system. It can work in a number of ways, either being left in code, or a trojan, etc. Well, you last question is a little tougher. If the backdoor is a trojan, then chances are it will show up on a virus scan. But if it is embedded in the code of a legitimate app (wasnt there one in redhat a couple years ago, pirhana or something?) then you might have a problem, because it will be a little harder to find. Google it. Sorry, i gotta go to school.
slick
\"Look, Doc, I spent last Tuesday watching fibers on my carpet. And the whole time I was watching my carpet, I was worrying that I, I might vomit. And the whole time, I was thinking, \"I\'m a grown man. I should know what goes on my head.\" And the more I thought about it... the more I realized that I should just blow my brains out and end it all. But then I thought, well, if I thought more about blowing my brains out... I start worrying about what that was going to do to my goddamn carpet. Okay, so, ah-he, that was a GOOD day, Doc. And, and I just want you to give me some pills and let me get on with my life. \" -Roy Waller
-
May 5th, 2004, 12:52 PM
#5
It's the same as a house. A house has a front door. This door is usually well protected and locked. The backdoor is sometimes left open.
But seriously it's a small program that listens on a certain port and it gives the bad guys a way to enter your system without being blocked by the normal security measures.
There's a way to find out what port is 'listening'. You can use the same command on *nix and windows:
netstat -an look for ports that have the status LISTEN.
Oliver's Law:
Experience is something you don't get until just after you need it.
-
May 5th, 2004, 12:52 PM
#6
It's the same as a house. A house has a front door. This door is usually well protected and locked. The backdoor is sometimes left open.
But seriously it's a small program that listens on a certain port and it gives the bad guys a way to enter your system without being blocked by the normal security measures.
There's a way to find out what port is 'listening'. You can use the same command on *nix and windows:
netstat -an look for ports that have the status LISTEN.
Oliver's Law:
Experience is something you don't get until just after you need it.
-
May 5th, 2004, 01:42 PM
#7
Senior Member
So, If i see some suspecious ip as LISTENING, how do I stop it ?
1 more total newbie question :
What do u mean by LISTENING, TIME_WAIT, ESTABLISHED, and CLOSE WAIT ?
-
May 5th, 2004, 01:42 PM
#8
Senior Member
So, If i see some suspecious ip as LISTENING, how do I stop it ?
1 more total newbie question :
What do u mean by LISTENING, TIME_WAIT, ESTABLISHED, and CLOSE WAIT ?
-
May 5th, 2004, 01:57 PM
#9
Originally posted here by XNikon
So, If i see some suspecious ip as LISTENING, how do I stop it ?
It depends what is listening. On windows you'll need a utility called fport. On Freebsd (maybe linux too) you can use the command sockstat. Both commands will tell you the process that is listening on that port.
1 more total newbie question :
What do u mean by LISTENING, TIME_WAIT, ESTABLISHED, and CLOSE WAIT ?
These are the states a tcp connection can be in.
http://support.microsoft.com/default...;EN-US;q137984
http://www.faqs.org/docs/iptables/tcpconnections.html
Oliver's Law:
Experience is something you don't get until just after you need it.
-
May 5th, 2004, 01:57 PM
#10
Originally posted here by XNikon
So, If i see some suspecious ip as LISTENING, how do I stop it ?
It depends what is listening. On windows you'll need a utility called fport. On Freebsd (maybe linux too) you can use the command sockstat. Both commands will tell you the process that is listening on that port.
1 more total newbie question :
What do u mean by LISTENING, TIME_WAIT, ESTABLISHED, and CLOSE WAIT ?
These are the states a tcp connection can be in.
http://support.microsoft.com/default...;EN-US;q137984
http://www.faqs.org/docs/iptables/tcpconnections.html
Oliver's Law:
Experience is something you don't get until just after you need it.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|