

Link Logger
Premium,MVM
join:2001-03-29
Calgary, AB
kudos:3
Reviews:
·Shaw

reply to mens rea

Re: Port 137 Scans or 'Intro to Basic Forensics'

The ping -A example given above was an example of how Windows uses the 'root/system' NetBIOS process to send out a hostname request via source port 137.

Basically, how Opaserv works is it uses an nbtstat -A like command sent using a dynamically allocated UDP port to see if any shares are available. It then attempts to connect to those shares in order to copy its payload onto the victim's system and update their registry such that the payload will be run on next boot up. There are some other enhancements that it uses to connect; for example, it can get around fileshare passwords on unpatched Windows 98 systems due to a vul in its fileshare security.

Blake
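
The distinction drawn in the post above, as an added triage example that is not part of the original post: it parses a NetBIOS name service request sent to UDP 137 and labels it by source port and query type. The function names, labels and sample packets are constructed for illustration, and a label is a sorting heuristic for firewall or capture data, not proof of Opaserv.

```python
import struct

NBNS_PORT = 137
QTYPE_NB, QTYPE_NBSTAT = 0x0020, 0x0021  # name query / node status (what nbtstat -A sends)

def decode_nb_name(enc: bytes) -> str:
    """Undo NetBIOS first-level encoding (each byte sent as two 'A'..'P' nibbles)."""
    raw = bytes(((enc[i] - 0x41) << 4) | (enc[i + 1] - 0x41) for i in range(0, 32, 2))
    return raw[:15].rstrip(b" \x00").decode("ascii", "replace")

def parse_query(payload: bytes):
    """Return (name, qtype) for a one-question NBNS request, or None."""
    if len(payload) < 50:  # 12-byte header + 34-byte name + qtype + qclass
        return None
    _txid, flags, qdcount = struct.unpack("!HHH", payload[:6])
    if flags & 0x8000 or qdcount != 1:  # response bit set, or unusual question count
        return None
    if payload[12] != 0x20 or payload[45] != 0:
        return None
    if any(not 0x41 <= b <= 0x50 for b in payload[13:45]):
        return None
    qtype, _qclass = struct.unpack("!HH", payload[46:50])
    return decode_nb_name(payload[13:45]), qtype

def classify(src_port: int, dst_port: int, payload: bytes) -> str:
    """Triage label for one inbound UDP datagram (labels are this example's own)."""
    if dst_port != NBNS_PORT:
        return "not-nbns"
    query = parse_query(payload)
    if query is None:
        return "udp137-unparsed"
    if src_port == NBNS_PORT:
        return "system-netbios-query"  # source port 137, as the post describes for Windows
    if query[1] == QTYPE_NBSTAT:
        return "node-status-from-dynamic-port"  # nbtstat -A like request, dynamic port
    return "name-query-from-dynamic-port"

def build_query(name: bytes, qtype: int) -> bytes:
    """Build a constructed sample request for testing (not captured traffic)."""
    padded = name.ljust(16, b"\x00") if name == b"*" else name.ljust(15, b" ") + b"\x00"
    enc = bytes(c for b in padded for c in (0x41 + (b >> 4), 0x41 + (b & 0x0F)))
    header = struct.pack("!HHHHHH", 0x1234, 0, 1, 0, 0, 0)
    return header + b"\x20" + enc + b"\x00" + struct.pack("!HH", qtype, 1)

if __name__ == "__main__":
    for sport in (137, 1046):  # constructed source ports
        print(sport, classify(sport, 137, build_query(b"*", QTYPE_NBSTAT)))
```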

over 12.5 years online © 1999-2012 dslreports.com.