RE: Scanning for trojans
From: Discussion Lists (discussions_at_lagraphico.com)
Date: 04/29/03
- Previous message: Eric: "Re: Scanning for trojans"
- Maybe in reply to: Discussion Lists: "Scanning for trojans"
- Next in thread: Rob Shein: "RE: Scanning for trojans"
- Reply: Rob Shein: "RE: Scanning for trojans"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 28 Apr 2003 15:05:49 -0700 To: "Eric" <ews@tellurian.net>, <pen-test@securityfocus.com>
Thanks, but in my case I don't have local access to the machine, so it
would be helpful to find a way to identify it remotely. I am beginning
if such an animal actually exists?
Thanks
> -----Original Message-----
> From: Eric [mailto:ews@tellurian.net]
> Sent: Monday, April 28, 2003 2:26 PM
> To: Discussion Lists; pen-test@securityfocus.com
> Subject: Re: Scanning for trojans
>
>
> map the open port back to the executable that launched it.
>
> ...Microsoft specific advice...
> If on Win2K, use fport from foundstone. If XP, try fport, or
> do netstat
> -on and map the PID back to the executable.
>
> At 10:19 AM 4/27/2003 -0700, Discussion Lists wrote:
> >Hi all,
> >I have discovered what I believe is a trojan on a port that is a
> >non-standard port for that particular trojan, but I want to
> narrow down
> >the possibilities of what it could be. Can anyone suggest a trojan
> >scanner that can detect a trojan by simply scanning for open
> ports, and
> >connecting?
> >
> >Thanks
> >
> >-------------------------------------------------------------
> ----------
> >----
> >Attend Black Hat Briefings & Training Europe, May 12-15 in
> Amsterdam, the
> >world's premier event for IT and network security experts.
> The two-day
> >Training features 6 hand-on courses on May 12-13 taught by
> professionals.
> >The two-day Briefings on May 14-15 features 24 top speakers
> with no vendor
> >sales pitches. Deadline for the best rates is April 25.
> Register today to
> >ensure your place. http://www.securityfocus.com/BlackHat-pen-test
> >-------------------------------------------------------------
> ---------------
>
>
>
---------------------------------------------------------------------------
Did you know that you have VNC running on your network?
Your hacker does.
Plug your security holes.
Download a free 15-day trial of VAM:
http://www.securityfocus.com/StillSecure-pen-test
----------------------------------------------------------------------------
- Previous message: Eric: "Re: Scanning for trojans"
- Maybe in reply to: Discussion Lists: "Scanning for trojans"
- Next in thread: Rob Shein: "RE: Scanning for trojans"
- Reply: Rob Shein: "RE: Scanning for trojans"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
