Nemesis 1.1 FAQ
---------------
Program made by STeRoiD.
FAQ written by R a v e N and STeRoiD.

1) What does Nemesis do?
2) Is Nemesis freeware?
3) What is the origin of it's name?
4) What are RATs?
5) How can I remove them?
6) How can I view all open connections on my PC?
7) Will there be a Unix version of Nemesis? May I make one myself?
8) When can Nemesis 1.1 scan for BO (locally and remotely) and when it cannot?
9) Why am I limited on the amount of ports I can listen to?
10) About Nemesis 1.2 (future implementations).


1) What does Nemesis do?

Nemesis does the following:
(a) Listens to RAT ports and detects incoming connections, thus allowing you to catch people who play with RATs and try to "hack" or "0wn" your computer.
(b) Scans local/remote computers for open ports that might belong to RATs.
(c) Let you specify ports that you don't want to be scanned.
(d) Let you specify ports to listen to (in order to detect intruders).
(e) Multi-socket scanning (multiple connections at once. Results in faster scanning).
(f) Lets you view a whole list of trojan ports.

2) Is Nemesis freeware?

Yes.

3) What is the origin of it's name?

The concept of the trojan horse is taken from the siege on Troy, when the Greek built a giant wooden horse, put lots of soldiers inside and then placed the horse near the walls of Troy. When the Trojans woke up in the morning, they saw the horse and found a note that said that the Greek have surrendered, and they left this "present" to the Trojans as a sign of defeat.
The Trojans pulled the horse into their city, and the soldiers snuck out of it under the cover of night and took over Troy from the inside.

Nemesis is the Greek goddess of revenge.
At first, we wanted to create an anti-script kiddies tool that detects lamers who try to "hack" or "0wn" your computer using Netbus, BO and other RATs.

4) RAT stands for Remote Administration Trojan. A RAT is a program that, like a usual trojan horse, does not do what it is supposed to do.
Now, a RAT is a trojan horse program that also lets other people gain control over your computer. Some people do this kind of stuff because they think they're "hackers". This does not require any skill, therefore it does not make you a real hacker. Besides, most hackers don't just destroy or crack into things. Instead, they find security vulnerabilities and fix them (the original term "hacker" meant "a person who knows a lot about computers", but it has changed in the past decades).
So anyway, these RATs open a port on your computer. Then, anyone with the client program can send commands to the RAT, and the RAT will run them on your computer.

5) How can I remove them?

The best program for removing RATs is "The Cleaner". Current versions clean hundreds of RATs.
The latest version can be found at www.homestead.com/moosoft
However, it takes a lot of time to do a full scan using The Cleaner, and it doesn't listen to RAT ports and does the other things Nemesis can do.

6) How can I view all open connections on my PC?

Easy. Simply type 'netstat -a' (without the quotes) in a Unix Terminal/DOS window

7) Probably. If you want to help us making one, please contact R a v e N at barakirs@netvision.net.il.

9) Nemesis 1.1 can locally or remotely scan for the BO RAT only when it has a TCP port open. If it uses UDP only (versions earlier than BO2K), it cannot be detected by this version of Nemesis. 

10) This all is for your own good. Listening to too many ports will result in overloading your computer.

11) Nemesis 1.2 will have some new options, such as:
(a) Specify your own ports for the scanning procedure (both local and remote).
(c) Nicer splash screens ("starting screen").

----------------------------
Nemesis 1.1 Made STeRoiD. 
Icq:15039767
http://blacksun.box.sk
