Re: Backdoor:Win32/Hackdef.E
arif.jatmoko_at_sea.ccamatil.com
Date: 10/27/05
- Previous message: kukulkan: "Re: mac to ip address tools"
- Maybe in reply to: Alex Stender: "Backdoor:Win32/Hackdef.E"
- Next in thread: Marco Monicelli: "Re: Backdoor:Win32/Hackdef.E"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: pen-test@securityfocus.com Date: Thu, 27 Oct 2005 10:03:35 +0700
I think most AV software capable to detect this trojan / backdoor /
rootkit. If M$ removal tool has detected hackdef rootkit, you could cross
check your finding using AV software:
Kaspersky ==> Backdoor.HacDef.xxx
TrendMicro ==> BKDR_HACDEF.xx
CA ==> Win32.HacDef
Symantec ==> Backdoor.HackDefender
McAfee ==> HackerDefender
F-Secure ==> W32/HD.Rootkit.xx
Cheers,
Arif
|+---------------+---------------------------------|
|| Alex Stender| |
|| <alex.stende| To: |
|| r@gmail.com>| pen-test@securityfocus.com |
|| | cc: (bcc: Arif |
|| 10/27/2005 | Jatmoko/IDN/SEA/CCA) |
|| 01:19 AM | Subject: |
|| | Backdoor:Win32/Hackdef.E |
|| | |
|+---------------+---------------------------------|
After installing October's MS Malicious Software Removal tool, a
couple of server, one behing a Sonicwall TZ170 firewall have shown he
presence of Win32/Hackdef.E and Win32/Hackdef.T. The MS tools they
have been removed.
Has anyone had any experience with that trojan in terms of detecting
payload etc? Is there a security scanner to check for that specific
vulnerability?
Thanks
Alex
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers
are
futile against web application hacking. Check your website for
vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers
do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
- Previous message: kukulkan: "Re: mac to ip address tools"
- Maybe in reply to: Alex Stender: "Backdoor:Win32/Hackdef.E"
- Next in thread: Marco Monicelli: "Re: Backdoor:Win32/Hackdef.E"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
