Hi,

the intruder used a widely known tool called "nc", which is short for NetCat (as in 'cat' in UNIX)... You can use it to run any program off a TCP port on the computer you're running it on... Very useful if you want an extra shell without a login... ;-)

Have a look at http://www.atstake.com/research/tools/network_utilities/nc110.txt for more information...

_______________________________________________
Mikael Björn
Freelance Security/Infrastructure Consultant
mail: [EMAIL PROTECTED]
WWW: http://mibj01.dyndns.org
_______________________________________________

-----Original Message-----
From: Matt Hunter [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 10, 2003 8:11 PM
To: [EMAIL PROTECTED]
Subject: cracking tool named 'nc' ?

Hi,

I recently had my Linux workstation broken into. The cracker created a directory and placed two executables in it. One was called 'zap' - which I've since found out is used to clean up log files before the cracker logs out. The other one was called 'nc'. I can't find any information on this program. Does anyone out there know what it's used for?

Thanks :)

-Matt
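
A defender's check for the kind of TCP listener described in the reply above, as an added example that is not part of the original thread: it parses the Linux `/proc/net/tcp` table and reports listening sockets on ports outside an expected set. The sample table, the expected port set, and the function names are constructed for illustration.

```python
import socket
import struct

# Constructed sample in /proc/net/tcp format (not taken from the thread).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1201 1 0000000000000000 100 0 0 10 0
   1: 0100007F:0019 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1350 1 0000000000000000 100 0 0 10 0
   2: 00000000:7A69 00000000:0000 0A 00000000:00000000 00:00000000 00000000   500        0 9977 1 0000000000000000 100 0 0 10 0
   3: 0A00000A:0016 0B00000A:C350 01 00000000:00000000 02:000A0000 00000000     0        0 1422 2 0000000000000000 20 4 30 10 -1
"""

TCP_LISTEN = "0A"  # state code the kernel prints for a listening socket


def decode_endpoint(field):
    """Turn 'HHHHHHHH:PPPP' into (dotted IPv4 address, port)."""
    addr_hex, port_hex = field.split(":")
    # The 32-bit address is printed in host byte order (little-endian on x86);
    # the port is plain hexadecimal.
    addr = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
    return addr, int(port_hex, 16)


def listening_sockets(table):
    """Return one dict per socket in LISTEN state."""
    rows = []
    for line in table.splitlines()[1:]:  # skip the header row
        cols = line.split()
        if len(cols) < 10 or cols[3] != TCP_LISTEN:
            continue
        addr, port = decode_endpoint(cols[1])
        rows.append({"addr": addr, "port": port,
                     "uid": int(cols[7]), "inode": int(cols[9])})
    return rows


def unexpected_listeners(table, expected_ports):
    """Listeners whose port is not in the set the administrator expects."""
    return [r for r in listening_sockets(table) if r["port"] not in expected_ports]


if __name__ == "__main__":
    # On a live Linux host, read the real table: open("/proc/net/tcp").read()
    for r in unexpected_listeners(SAMPLE, expected_ports={22, 25}):
        print(f"unexpected listener {r['addr']}:{r['port']} "
              f"uid={r['uid']} inode={r['inode']}")
```

The reported inode can be matched against the `socket:[inode]` links under `/proc/<pid>/fd` to find the owning process. On a host that has already been broken into, local tools and `/proc` may have been tampered with, so compare the result with a port scan run from another machine.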