13 comments

[ 2.9 ms ] story [ 44.8 ms ] thread
Some time in early 2000s I was following FXP boards and playing with scanning open ports on IP ranges.

Remote-Anything was quite a common way to gain access to someone's computer and turn it into a pubstro.

A lot of people back then were running Windows XP without any password, which meant RA could be used by anyone to connect to their computer and do anything there (for example playing solitaire or displaying "Hello, I am your computer and I just gain conciousness" alert).

I believe a lot of people didn't even know they had RA installed on their computers and running there. It was a nightmare from security standpoint.

Yeah, I can't remember if it was RA or another tool, but some remote admin tools in the late 90s/early 2000s were too easy to install and ended up being used by phishers/scammers; so much so that in the wider context they were seen as hacking tools even though they had valid use cases.

I dont know what the solution is-- have some sort of registration / valid credit card check? (yes, I know that introduces friction and some people will just leave)

I remember Dameware being one of these. I have the same history as parent poster, used to do that whole scanning and turning hosts in to pubstros. Edu and NTT hosts were like gold for us.
Were in you the Scene? How did you hide your warez from the machine owners?
Pretty sure I've seen "RAT" end up being general term for some types of malware due to that.
Reminds me of SlimFTPd. A small, efficient, freeware (now BSD licensed) FTP daemon for Windows that got used for malware purposes, found it's way on to AV lists, and now can't be used.

http://www.whitsoftdev.com/slimftpd/

Is there a place I can readup on the remote-anything architecture? I see there's a master and slave -- do all the slaves dial out to the master and all slave-to-slave communication go through the master (like a turn server), or is it doing something more clever? In that case the master must be configured to accept connections
... It was marked as a virus because it was commonly being used to RAT machines. Cool software, but the response from AVs was entirely warranted.

What a misleading writeup.