Greetings -
I've recently completed development and testing on a new
tool which you can download from our website. It's a lightweight
intrusion/scan detection agent for UNIX and Windows. Specifically,
it's targetted at getting an idea of how much Back Orifice traffic
is out there, and how often people are scanned (answer so far: a lot,
and often) We (law enforcement, me, and a few friends) have already
used it a couple times to bust script-kiddies. It's really useful
as an educational tool for those who think that they're safe or
not a target if they stay dialed-up to the Internet all day.
Source code for a UNIX version is on our web site, along
with a Win-32 executable that has a cool GUI and also detects
port scans and can act as a spoofing server to record Telnet
login attempts, etc. For more information see:
http://www.nfr.net/bof
mjr.
--
Marcus J. Ranum, CEO, Network Flight Recorder, Inc.
work - http://www.nfr.net
home - http://www.clark.net/pub/mjr
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
