Re: Scanning for trojans
From: cdowns (cdowns_at_drippingdead.com)
Date: 04/29/03
- Previous message: Pete Herzog: "RE: Port Scanners / Sniffers Review"
- In reply to: Discussion Lists: "Scanning for trojans"
- Next in thread: Discussion Lists: "RE: Scanning for trojans"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 28 Apr 2003 18:10:35 -0400 To: pen-test@securityfocus.com
Is this a windows based trojan ? if so you could write a quick NASL
plugin checking remote registry for this trojan and get network output.
I guess we ( I ) would need more information on the trojan, atleast the
platform OS that you believe is contaminated.
~!>D
Discussion Lists wrote:
>Hi all,
>I have discovered what I believe is a trojan on a port that is a
>non-standard port for that particular trojan, but I want to narrow down
>the possibilities of what it could be. Can anyone suggest a trojan
>scanner that can detect a trojan by simply scanning for open ports, and
>connecting?
>
>Thanks
>
>---------------------------------------------------------------------------
>Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the
>world's premier event for IT and network security experts. The two-day
>Training features 6 hand-on courses on May 12-13 taught by professionals.
>The two-day Briefings on May 14-15 features 24 top speakers with no vendor
>sales pitches. Deadline for the best rates is April 25. Register today to
>ensure your place. http://www.securityfocus.com/BlackHat-pen-test
>----------------------------------------------------------------------------
>
>
>
>
>
--
------------------------------------------
Network Security Engineer
http://www.angrypacket.com
Christopher M Downs,RHCE
cdowns@bigunz.angrypacket.com
char ash[]="\x48\x61\x69\x6C\x20"
"\x74\x6F\x20\x74\x68\x65\x20\x4B"
"\x69\x6E\x67";
-------------------------------------------
---------------------------------------------------------------------------
Did you know that you have VNC running on your network?
Your hacker does.
Plug your security holes.
Download a free 15-day trial of VAM:
http://www.securityfocus.com/StillSecure-pen-test
----------------------------------------------------------------------------
- Previous message: Pete Herzog: "RE: Port Scanners / Sniffers Review"
- In reply to: Discussion Lists: "Scanning for trojans"
- Next in thread: Discussion Lists: "RE: Scanning for trojans"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
