1. Forum
  2. FidoNet
  3. OS2BBS

  • Using BBS to spread trojans

    From Jack Troughton@1:117/3001 to All on Tue Jun 5 05:13:02 2001
    Hi Guys!

    Well, this whole FIDO thing is pretty cool...

    At any rate, after poking around a bit on Mike Luther's BBS, it would seem to me that the easiest way to pass an OS/2 trojan around would be by distributing modified installation routines. Since most install routines are written in REXX, it would be very easy to add in a bit of code to go get the trojan and install it along with the legitamate program. However, it should be pretty easy
    to catch; just grep the install prog for RXFTP (as it would be used to go get the trojan) and if found, examine the code to see what it's getting...

    Regards,

    Jack


    --- Maximus/2 3.01
    * Origin: Ziplog Public Port (1:117/3001)
  • From Jonathan de Boyne Pollard@2:440/4.3 to Jack Troughton on Wed Jun 6 18:35:42 2001
    Well, this whole FIDO thing is pretty cool...

    Indeed. Grab yourself one of the several door, message scanning/tossing, and messagebase reader softwares for OS/2 and set yourself up as a point.

    ( I gather that some people point over TCP/IP. Looking at the relative costs of calls to ISPs and direct FTN calls on my telephone bills over the past few years, I personally don't see any merit in doing this. )

    » JdeBP «

    --- FleetStreet 1.22 NR
    * Origin: JdeBP's point, using Squish <yuk!> (2:440/4.3)
  • From Gord Hannah@1:17/23.1 to Jack Troughton on Sat Jun 9 22:45:28 2001
    Replying to a message from Jack Troughton 1:117/3001 to All,

    About Using BBS to spread trojans, On Tue Jun 05 2001

    Well, this whole FIDO thing is pretty cool...

    You could ask Mike if he would set you up as a point, I know of a couple of easy solutions to do the point thing, one is PPoint, relatively easy to setup,
    I have a point system setup with Binkley, Squish, and Timed all freeware. I also have the .cmd file to run this combination. The only thing left after all
    this is setup is if you decide you want to become a full blown BBS is to add your favourite BBS package. For transmittal and receiving over the internet IRex will do the job just nicely.

    BTW welcome to Fido.

    Hope this helps. Keep us posted.

    We are a fine board trying to make it better.
    http://www.pris.bc.ca/ghannah
    ghannah@pris.bc.ca
    Cheers! Gord
    -=Team OS/2=-
    --- timEd/2 1.10.y2k+
    * Origin: Marsh BBS (c) [Dawson Creek BC Canada] 1-250-786-7921 (1:17/23.1)
  • From Darin McBride@1:250/102 to Jonathan de Boyne Pollard on Mon Jun 11 15:46:46 2001
    Hello Jonathan!

    Replying to a message of Jonathan de Boyne Pollard to Jack Troughton:

    Well, this whole FIDO thing is pretty cool...

    JdBP> Indeed. Grab yourself one of the several door, message
    JdBP> scanning/tossing, and messagebase reader softwares for OS/2 and set
    JdBP> yourself up as a point.

    JdBP> ( I gather that some people point over TCP/IP. Looking at the
    JdBP> relative costs of calls to ISPs and direct FTN calls on my
    JdBP> telephone bills over the past few years, I personally don't see any
    JdBP> merit in doing this. )

    Since local calls are free in N. America (Zone 1), and possibly elsewhere, I used to get my 'local' feed over TCP/IP (the guy I got it from was a local 'free' call). But I could download from him at 44k (rarely got much faster than the 33.6k I would get direct). And, most importantly, I didn't tie up his
    line, and I didn't get busy signals nearly as often.

    Now, however, I don't even have my modem turned on. No phone line for it. Just the cablemodem, and all my fido feed is via the internet.

    Darin

    ---
    * Origin: Tanktalus' Tower BBS (1:250/102)