Re: [NEW] bugbear_b.nasl

From: Jason Alexander (jason-alexanderat_private)
Date: Mon Jun 09 2003 - 09:28:46 PDT

Next message: Pavel Kankovsky: "Re: [NEW] bugbear_b.nasl"

Previous message: Renaud Deraison: "Re: [NEW] bugbear_b.nasl"
In reply to: Renaud Deraison: "Re: [NEW] bugbear_b.nasl"
Next in thread: Pavel Kankovsky: "Re: [NEW] bugbear_b.nasl"
Reply: Pavel Kankovsky: "Re: [NEW] bugbear_b.nasl"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

At 08:59 AM 6/9/2003 -0400, you wrote:
>On Mon, Jun 09, 2003 at 01:12:33PM +0200, Vincent Renardias wrote:
> >
> > A new plugin to test for the presence of Bugbear.B's backdoor.
> > (It's currently untested as I don't currently have access to an infected
> > machine.)
> > port = 81; # Not supposed to be on any other port.
> > if(!get_port_state(port))exit(0);
> >
> >
> > url = string(d, '/%NETHOOD%/');
>  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
>  What's that ?

I thought that BugBear.B's backdoor was running on port 1080

http://www.idefense.com/public_release/06.05.2003.html

Jason

***************************************************
Jason Alexander
Senior Security Analyst
CIO Office, The University of Iowa
300-28 University Services Building
jason-alexanderat_private / 319-335-6174
***************************************************

Next message: Pavel Kankovsky: "Re: [NEW] bugbear_b.nasl"
Previous message: Renaud Deraison: "Re: [NEW] bugbear_b.nasl"
In reply to: Renaud Deraison: "Re: [NEW] bugbear_b.nasl"
Next in thread: Pavel Kankovsky: "Re: [NEW] bugbear_b.nasl"
Reply: Pavel Kankovsky: "Re: [NEW] bugbear_b.nasl"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Jun 09 2003 - 09:29:29 PDT