The solution was to filter in our main router the "standard" ports for =
Netbus (12345) and BO (31337) both udp and tcp.
Then the only thing to resolve was our users disturbing between them, =
but this is simpler because we know more or less each user profile and =
we can act based upon that.
Hope this helps.
Fernando M. Kiernan
DILHARD S.A.
fkiernan@dilhard.com.ar
http://www.dilhard.com.ar
-----Original Message-----
From: ntisp-request@iea-software.com
[mailto:ntisp-request@iea-software.com]On Behalf Of MikeK@NetDotCom
Sent: Friday, February 19, 1999 12:14 PM
To: ntisp@iea-software.com; ISP Tech
Subject: [NTISP] Opinion on Netbus/BO
My ISP has received 2 complaints from different people complaining that =
one
of my users is using netbus to attempt access to their systems. Both
complaints finger the same user different days though.
After the first complaint, I sent a notice to the user and this is the
response I got back. I am not that familiar with Netbus and want to =
know if
the customer sounds legit or is he blowing me off?
<Customer Response>
I've recieved the same messages myself and i have found that these
people are mistaking the netbus scanner in the script I use as an actual
attempt to connect with them. And i also get the complaints when i use
netbuster to protect myself from similar problems. I dont have any of
those types of programs nor do i have any use for them. I understand
your concern..I am sysop in a few chat rooms so i have to use some type
of protection from the people we have problems with. I've found that
most of the complaints i get are from people who simply just dont know
what they are seeing when they are scanned. I apolagize for any problems
that may arise from it .. but i do need to protect myself from those
programs also.
</Customer Response>
Mike K
For more information about this list, including removal,
see this url: http://www.iea-software.com/maillist.html
For more information about this list, including removal,
see this url: http://www.iea-software.com/maillist.html