Share to: share facebook share twitter share wa share telegram print page

 

NetBus

NetBus
Developer(s)Carl-Fredrik Neikter
Stable release
2.01 Pro
Operating systemMicrosoft Windows,
UNIX-systems (v1.60 client only)
TypeRemote administration
LicenseShareware
Websitewww.tcp-ip-info.de/trojaner_und_viren/netbus_pro_eng.htm Edit this on Wikidata

NetBus or Netbus is a software program for remotely controlling a Microsoft Windows computer system over a network. It was created in 1998 and has been very controversial for its potential to be used as a trojan horse.[1][2]

NetBus was written in Delphi by Carl-Fredrik Neikter, a Swedish programmer in March 1998.[3] It was in wide circulation before Back Orifice was released, in August 1998. The author claimed that the program was meant to be used for pranks, not for illegally breaking into computer systems. Translated from Swedish, the name means "NetPrank".

However, use of NetBus has had serious consequences. In 1999, NetBus was used to plant child pornography on the work computer of a law scholar at Lund University. The 3,500 images were discovered by system administrators, and the law scholar was assumed to have downloaded them knowingly. He lost his research position at the faculty, and following the publication of his name fled the country and had to seek professional medical care to cope with the stress. He was acquitted of criminal charges in late 2004, as a court found that NetBus had been used to control his computer.[4]

There are two components to the client–server architecture. The server must be installed and run on the computer that should be remotely controlled. It was an .exe file with a file size of almost 500 KB. The name and icon varied a lot from version to version. Common names were "Patch.exe" and "SysEdit.exe". When started for the first time, the server would install itself on the host computer, including modifying the Windows registry so that it starts automatically on each system startup. The server is a faceless process listening for connections on port 12345 (in some versions, the port number can be adjusted). Port 12346 is used for some tasks, as well as port 20034.

The client was a separate program presenting a graphical user interface that allowed the user to perform a number of activities on the remote computer. Examples of its capabilities:

  • Keystroke logging
  • Keystroke injection
  • Screen captures
  • Program launching
  • File browsing
  • Shutting down the system
  • Opening / closing CD-tray
  • Tunneling protocol (NetBus connections through a number of systems.)

The NetBus client was designed to support the following operating system versions:

Netbus client (v1.70) works fine in Windows 2000 and in Windows XP as well. Major parts of the protocol, used between the client and server interactions (in version 1.70) are textual.

NetBus 2.0 Pro was released in February 1999. It was marketed commercially as a powerful remote administration tool. It was less stealthy, but special hacked versions exist that make it possible to use it for illegal purposes.

All versions of the program were widely used by "script kiddies" and were popularized by the release of Back Orifice. Because of its smaller size, Back Orifice can be used to gain some access to a machine. The attacker can then use Back Orifice to install the NetBus server on the target computer. Most anti-virus programs detect and remove NetBus.

References

  1. ^ Kulakow, Seth (2001). "NetBus 2.1, Is It Still a Trojan Horse or an Actual Valid Remote Control Administration Tool?". SANS Institute: Reading Room - Malicious Code. Retrieved 2020-03-26.
  2. ^ William (Chuck) Easttom II (18 October 2013). Network Defense and Countermeasures: Principles and Practices. Pearson Education. pp. 262–. ISBN 978-0-13-338438-3.
  3. ^ "NetBus". December 17, 2000. Retrieved 2021-08-01.
  4. ^ "Offer för porrkupp" (in Swedish). Expressen. November 28, 2004. Archived from the original on June 21, 2009. Retrieved May 31, 2007.
  • Information about NetBus — Information from anti-virus vendor F-Secure.
  • lxnb — A NetBUS client for Linux that works with NetBus 1.60.
  • NIL — NIL 0.1b - NIL is a simple Netbus client with a clean interface for Linux.
Kembali kehalaman sebelumnya


Index: pl ar de en es fr it arz nl ja pt ceb sv uk vi war zh ru af ast az bg zh-min-nan bn be ca cs cy da et el eo eu fa gl ko hi hr id he ka la lv lt hu mk ms min no nn ce uz kk ro simple sk sl sr sh fi ta tt th tg azb tr ur zh-yue hy my ace als am an hyw ban bjn map-bms ba be-tarask bcl bpy bar bs br cv nv eml hif fo fy ga gd gu hak ha hsb io ig ilo ia ie os is jv kn ht ku ckb ky mrj lb lij li lmo mai mg ml zh-classical mr xmf mzn cdo mn nap new ne frr oc mhr or as pa pnb ps pms nds crh qu sa sah sco sq scn si sd szl su sw tl shn te bug vec vo wa wuu yi yo diq bat-smg zu lad kbd ang smn ab roa-rup frp arc gn av ay bh bi bo bxr cbk-zam co za dag ary se pdc dv dsb myv ext fur gv gag inh ki glk gan guw xal haw rw kbp pam csb kw km kv koi kg gom ks gcr lo lbe ltg lez nia ln jbo lg mt mi tw mwl mdf mnw nqo fj nah na nds-nl nrm nov om pi pag pap pfl pcd krc kaa ksh rm rue sm sat sc trv stq nso sn cu so srn kab roa-tara tet tpi to chr tum tk tyv udm ug vep fiu-vro vls wo xh zea ty ak bm ch ny ee ff got iu ik kl mad cr pih ami pwn pnt dz rmy rn sg st tn ss ti din chy ts kcg ve 
Prefix: a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 8 9 

Portal di Ensiklopedia Dunia

Portal : Agama
Agama
Portal : Bahasa
Bahasa
Portal : Biografi
Biografi
Portal : Budaya
Budaya
Portal : Ekonomi
Ekonomi
Portal : Elektronika
Elektronika
Portal : Film
Film
Portal : Filsafat
Filsafat
Portal : Geografi
Geografi
Portal : Indonesia
Indonesia
Portal : Ilmu
Ilmu
Portal : Lingkungan
Lingkungan
Portal : Masyarakat
Masyarakat
Portal : Matematika
Matematika
Portal : Militer
Militer
Portal : Mitologi
Mitologi
Portal : Musik
Musik
Portal : Olahraga
Olahraga
Portal : Pendidikan
Pendidikan
Portal : Politik
Politik
Portal : Sastra
Sastra
Portal : Sejarah
Sejarah
Portal : Seni
Seni
Portal : Teknologi
Teknologi