From: Andreas Junestam (andreas@atstake.com)
Date: Mon May 13 2002 - 12:18:06 EDT
Hi Parth,
Whoa, Im surprised to see that people actually are using it! :) Cool
bd has moved on and become bd2, with some new features:
* Injects itself as a dll under services.exe
* New, "stealthy" reboot protection
* Kernel driver to hide the backdoor files from userspace
The rest is still done the same way as before...
But, this hasn't been worked on for 4-5 months, so Im no 100% about the
current build state. Drop me an e-mail if you want a copy of it, since
it is not currently posted to any web-space. Will be posted on
darklab.org
sometime in the future (read: when I finaly have some spare time for
it.. :) )
Regards
Andreas
Parth Galen wrote:
>
> Does anyone know where I can get a copy of bd? It was at labs.defcom.com/releases/bd/ but is no longer there. I am wanting to use this rather than nc in a pentest to prove the point that local portscanning as an intrusion detection method is not enough.
>
> Cheers,
> Parth
>
> ----------------------------------------------------------------------------
> This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please see:
> https://alerts.securityfocus.com/
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:21 EDT