James,
One more thing on this - It is possible that port 12345 is open for
something you've installed on all of your clients such as Trend's
OfficeScan. There are other programs which may listen on this port as
well. Something else to consider anyway.
_________________
Dave Poskevich, MCSE
Systems Administrator
PRECISION MACHINE AND MANUFACTURING COMPANY
"James Piper"
<admin@meco-inc.c To: <vantage@yahoogroups.com>
om> cc:
Subject: [Vantage] OT - Network Backdoor
02/19/2003 03:20
PM
Please respond to
vantage
I have run a program on my Admin Machine called GFI Languard Network
Scanner. This program scans your network and tells you EVERYTHING about
the systems on your network.
When I gathered information on all the pc's on my network It tells me
that almost all the Windows 2000 boxes on my network have a backdoor on
them
The back door is called Netbus (12345) and has a open port on the
machines of 12345
I have Pest Patrol, Adware, Sybot and Aluria's SpyWare Eliminator I
have run all these programs on a couple of test machines and they do not
find this.
Also
I have searched the internet and found some registry keys to check
But they come up empty as well
I need help with this
Anyone?
James Piper - Systems Administrator
MECO, Inc
2121 S. Main St
Paris, IL 61944
(217) 465-7575 ext 201
Fax (217) 465-5230
Email: <mailto:admin@...> admin@...
[Non-text portions of this message have been removed]
Useful links for the Yahoo!Groups Vantage Board are: ( Note: You must have
already linked your email address to a yahoo id to enable access. )
(1) To access the Files Section of our Yahoo!Group for Report Builder and
Crystal Reports and other 'goodies', please goto:
http://groups.yahoo.com/group/vantage/files/.
(2) To search through old msg's goto:
http://groups.yahoo.com/group/vantage/messages
(3) To view links to Vendors that provide Vantage services goto:
http://groups.yahoo.com/group/vantage/links
Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This document should only be read by those persons to whom it is
addressed and is not intended to be relied upon by any person without
subsequent written confirmation of its contents. Accordingly, PRECISION
MACHINE AND MANUFACTURING COMPANY disclaims all responsibility and accepts
no liability, including in negligence, for the consequences for any person
acting, or refraining from acting, on such information prior to the receipt
by those persons of subsequent written confirmation.
If you have received this E-mail / Fax message in error, please
notify PRECISION MACHINE AND MANUFACTURING COMPANY immediately by
telephone. Please also destroy and delete the message.
Contact:
By Phone: Systems Administrator at (515)-733-5181
By Email: sysadmin@...
Any form of reproduction, dissemination, copying, disclosure,
modification, distribution and/or publication of this E-mail / Fax message
is strictly prohibited.
One more thing on this - It is possible that port 12345 is open for
something you've installed on all of your clients such as Trend's
OfficeScan. There are other programs which may listen on this port as
well. Something else to consider anyway.
_________________
Dave Poskevich, MCSE
Systems Administrator
PRECISION MACHINE AND MANUFACTURING COMPANY
"James Piper"
<admin@meco-inc.c To: <vantage@yahoogroups.com>
om> cc:
Subject: [Vantage] OT - Network Backdoor
02/19/2003 03:20
PM
Please respond to
vantage
I have run a program on my Admin Machine called GFI Languard Network
Scanner. This program scans your network and tells you EVERYTHING about
the systems on your network.
When I gathered information on all the pc's on my network It tells me
that almost all the Windows 2000 boxes on my network have a backdoor on
them
The back door is called Netbus (12345) and has a open port on the
machines of 12345
I have Pest Patrol, Adware, Sybot and Aluria's SpyWare Eliminator I
have run all these programs on a couple of test machines and they do not
find this.
Also
I have searched the internet and found some registry keys to check
But they come up empty as well
I need help with this
Anyone?
James Piper - Systems Administrator
MECO, Inc
2121 S. Main St
Paris, IL 61944
(217) 465-7575 ext 201
Fax (217) 465-5230
Email: <mailto:admin@...> admin@...
[Non-text portions of this message have been removed]
Useful links for the Yahoo!Groups Vantage Board are: ( Note: You must have
already linked your email address to a yahoo id to enable access. )
(1) To access the Files Section of our Yahoo!Group for Report Builder and
Crystal Reports and other 'goodies', please goto:
http://groups.yahoo.com/group/vantage/files/.
(2) To search through old msg's goto:
http://groups.yahoo.com/group/vantage/messages
(3) To view links to Vendors that provide Vantage services goto:
http://groups.yahoo.com/group/vantage/links
Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This document should only be read by those persons to whom it is
addressed and is not intended to be relied upon by any person without
subsequent written confirmation of its contents. Accordingly, PRECISION
MACHINE AND MANUFACTURING COMPANY disclaims all responsibility and accepts
no liability, including in negligence, for the consequences for any person
acting, or refraining from acting, on such information prior to the receipt
by those persons of subsequent written confirmation.
If you have received this E-mail / Fax message in error, please
notify PRECISION MACHINE AND MANUFACTURING COMPANY immediately by
telephone. Please also destroy and delete the message.
Contact:
By Phone: Systems Administrator at (515)-733-5181
By Email: sysadmin@...
Any form of reproduction, dissemination, copying, disclosure,
modification, distribution and/or publication of this E-mail / Fax message
is strictly prohibited.