Backdoor:Win32/Hackdef.E

• Previous message: Adam Jones: "Re: Scanning Class A network"
• Next in thread: arif.jatmoko_at_sea.ccamatil.com: "Re: Backdoor:Win32/Hackdef.E"
• Maybe reply: arif.jatmoko_at_sea.ccamatil.com: "Re: Backdoor:Win32/Hackdef.E"
• Reply: Marco Monicelli: "Re: Backdoor:Win32/Hackdef.E"
• Maybe reply: Marco Monicelli: "Re: Backdoor:Win32/Hackdef.E"
• Maybe reply: Jeffrey Leggett: "RE: Backdoor:Win32/Hackdef.E"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 26 Oct 2005 19:19:18 +0100
To: pen-test@securityfocus.com

After installing October's MS Malicious Software Removal tool, a
couple of server, one behing a Sonicwall TZ170 firewall have shown he
presence of Win32/Hackdef.E and Win32/Hackdef.T. The MS tools they
have been removed.

Has anyone had any experience with that trojan in terms of detecting
payload etc? Is there a security scanner to check for that specific
vulnerability?

Thanks

Alex

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Previous message: Adam Jones: "Re: Scanning Class A network"
• Next in thread: arif.jatmoko_at_sea.ccamatil.com: "Re: Backdoor:Win32/Hackdef.E"
• Maybe reply: arif.jatmoko_at_sea.ccamatil.com: "Re: Backdoor:Win32/Hackdef.E"
• Reply: Marco Monicelli: "Re: Backdoor:Win32/Hackdef.E"
• Maybe reply: Marco Monicelli: "Re: Backdoor:Win32/Hackdef.E"
• Maybe reply: Jeffrey Leggett: "RE: Backdoor:Win32/Hackdef.E"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Can Somone Tell Me If We Have a Hacker? ... your firewall to never see that stuff again. ... Those types of attacks DO work. ... beginners out there do that stuff thinking no one will find their FTP site. ... FTP server" which is probably not an option. ... (microsoft.public.inetserver.iis.security) Re: Blocking Port scans ... Its kind of hard to block SYN scans as to maintain functionality, ... server has to respond to a SYN with a SYN/ACK. ... > Firewall Assessment for a CISCO PIX firewall. ... Cross site scripting and other web attacks before hackers do! ... (Pen-Test) Re: firewall between game servers and clients ... ports ect and prevent attacks on the game servers.... ... The Gaming software is not written to work over Proxy Based Firewall and is ... You would have to expose the server to run the games,...they would attack ... (microsoft.public.isa) RE: pushing exploits through the Firewall ... pushing exploits through the Firewall ... an external DNS server and has successfully sourced an exploit for the vuln. ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Up to 75% of cyber attacks are launched on shopping carts, forms, ... (Pen-Test) Re: CEICW fails at firewall config ... Do you or do you not have ISA 2000 or ISA 2004 installed on the SBS server? ... Do you have 2 NICs in the SBS? ... CEICW fails on firewall configuration every time. ... >>> Call to Creating the protected networks access rule returned ok. ... (microsoft.public.windows.server.sbs)