Possible Trojan?
From: Andy Devine (Dada_at_chaos.fnord)
Date: 07/17/03
- Next message: mto: "Re: Have I been hacked?"
- Previous message: Lee Higdon: "Re: [ISN] Symantec 'security scan' distributes rootkit"
- Next in thread: mto: "Re: Possible Trojan?"
- Reply: mto: "Re: Possible Trojan?"
- Reply: Stefan: "Re: Possible Trojan?"
- Reply: R Green - WoWsat.com: "Re: Possible Trojan?"
- Maybe reply: Frank Murphy: "Re: Possible Trojan?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 17 Jul 2003 17:21:52 GMT
This has been happening a lot lately... Does this mean I already have a
trojan that has been undetected?
Thanks,
AD
* * * *
Blocked an outgoing TCP packet. The remote address associated with the
traffic was 81.79.8.64. The remote port was 2234 [ephemeral]. The local
port on your PC was 1243 [Sub-7 (trojan)]. The network adapter for the
traffic was "Intel(R) PRO/100+ Management Adapter".
The binary data contained in the packet was "00 08 20 cb 3c 54 00 02 b3 a1
a2 39 08 00 45 00 00 28 8a 05 40 00 80 06 1e 72 0c d7 eb f2 51 4f 08 40 04
db 08 ba 30 3b 6b 12 02 1c 3d 4d 50 11 fa f0 7a 3e 00 00 ".
- Next message: mto: "Re: Have I been hacked?"
- Previous message: Lee Higdon: "Re: [ISN] Symantec 'security scan' distributes rootkit"
- Next in thread: mto: "Re: Possible Trojan?"
- Reply: mto: "Re: Possible Trojan?"
- Reply: Stefan: "Re: Possible Trojan?"
- Reply: R Green - WoWsat.com: "Re: Possible Trojan?"
- Maybe reply: Frank Murphy: "Re: Possible Trojan?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
