From owner-freebsd-security  Thu Aug 27 20:16:30 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id UAA06767
          for freebsd-security-outgoing; Thu, 27 Aug 1998 20:16:30 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from Mercury.unix.acs.cc.unt.edu (mercury.acs.unt.edu [129.120.220.1])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id UAA06703
          for <freebsd-security@freebsd.org>; Thu, 27 Aug 1998 20:16:05 -0700 (PDT)
          (envelope-from john@unt.edu)
Received: from leonardo.cascss.unt.edu (leonardo.cascss.unt.edu [129.120.32.203])
	by Mercury.unix.acs.cc.unt.edu (8.8.8/8.8.8) with ESMTP id WAA06006;
	Thu, 27 Aug 1998 22:15:06 -0500 (CDT)
Received: (from john@localhost) by leonardo.cascss.unt.edu (8.8.8/8.6.9) id WAA11164; Thu, 27 Aug 1998 22:12:27 -0500 (CDT)
From: john <john@unt.edu>
Message-Id: <199808280312.WAA11164@leonardo.cascss.unt.edu>
Subject: Re: bnc
In-Reply-To: <v04003a03b20b8150c04c@[204.141.112.245]> from "Timothy R. Platt" at "Aug 27, 98 06:39:13 pm"
To: tplatt@nethampton.com (Timothy R. Platt)
Date: Thu, 27 Aug 1998 22:12:26 -0500 (CDT)
Cc: freebsd-security@FreeBSD.ORG
X-Mailer: ELM [version 2.4ME+ PL32 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

We had a breakin on our web server a while back.  It was a very simple
intrusion--they had sniffed a password and just trounced right in.
They installed bnc and it was an irc proxy.  I imagine it was the same
thing.  

> Huh? From the bnc distribution README (bnc is in the FreeBSD ports
> collection, btw):
> 
> 1.INTRODUCTION
>         BNC is a simple program designed to Proxy irc sessions.
>   It is user configurable using the file bnc.conf and includes
>   multi-user, passwords, and other basic necessities.
>          NOW INCLUDES VIRTUAL HOSTS!!! ;P
> 
> 
> This is the only bnc I've seen..
> 
> Tim
> 
> 
> >	Arggh! I just remembered. Gary is correct If you download netcat
> >it comes with some scripts, bnc is one of them. It will listen on a port

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message