[prev in list] [next in list] [prev in thread] [next in thread]
List: vuln-dev
Subject: [Fwd: INZIDER!]
From: Blue Boar <BlueBoar () THIEVCO ! COM>
Date: 1999-11-20 7:50:10
[Download RAW message or body]
"Joe L. White" wrote:
>
> in the documentation for inzider, it clearly states that the program may need to be \
> run more than once in order to detect all bound ports. i have found mixed results \
> (inconsistent) as to how many processes are detected in each subsequent run of the \
> program.
> original website for tool: http://www.bahnhof.se/~winnt/toolbox/inzider/
> current website: http://ntsecurity.nu/toolbox/inzider/
>
> from the documentation posted at the website:
>
> What is inzider?
>
> This is a very useful tool which lists the current processes in your Windows system \
> and the ports each one listen on. It is written to work on Windows NT and Windows \
> 9x, and I know of no other program which does what inzider does. There have been \
> some stability problems on Windows 9x, which I thought were solved but were still \
> left although not as frequent. In the new version (1.2) I have done a few changes \
> to improve both stability and reliability. I guess there is still much left to wish \
> for, but over all I think inzider is a success, and it's quite popular despite the \
> problems. On Windows NT, inzider is still unable to check processes which are \
> started as services. Yet, it's very useful - for example, check out this page about \
> inzider vs. bo2k (Back Orifice 2000). Keep your eyes open in the future, there will \
> most likely come new improved versions.
> How do I use this tool?
>
> Download the install program file and run it. The install program is created with \
> the freeware (for non commercial use) GkSetup written by Gero Kühn. After \
> installation, run inzider from the Start menu. It will take some seconds and then \
> you will see a list of processes and which ports they listen on. Sometimes all \
> processes aren't listed on the first try. If this happens, close the program and \
> restart it. Repeat this until all processes are shown (which usually takes at most \
> 2-3 tries). To minimize the risks of experiencing problems, please save all unsaved \
> work before running inzider. Also close any valuable documents and similar that you \
> have open. After you finish using inzider, reboot the system to guarantee it's \
> stability.
> also, an faq for the tool is posted here:
>
> http://ntsecurity.nu/toolbox/inzider/faq.shtml
>
> hope this helps,
>
> joe
>
> <<<>>>
>
> Please respond to BlueBoar@THIEVCO.COM@Internet
> To: VULN-DEV@SECURITYFOCUS.COM@Internet
> cc:
> Subject: Re: INZIDER!
>
> Wolfgang Gassner wrote:
> >
> > INZIDER???
> >
> > This prog isnt working good, maybe its a kind of new
> > Trojan or Virus!!!!!
>
> Any reason to suspect that, or is this wild speculation?
>
> > I tested it running Netbus and Back Orifice on it and it doesnt
> > detected it!!
>
> ... Implying that you thought it was a carrier for Netbus or BO??
>
> >
> > It only gives some Information on Port 135, 139 ....
>
> Which is what it's supposed to do, right? Did it miss some ports?
>
> >
> > I believe the best an reliable way to determine which port is open
> > is netstat -an !!!
> >
>
> How about posting a comparison output from the two on your machine?
>
> BB
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic