How to detect a trojan on a Unix server?
From: Ryo Furue (furufuru@ccsr.u-tokyo.ac.jp)Date: 05/30/02
- Next message: quentyn@fotango.com: "Re: secure UNIX log server"
- Previous message: Tom St Denis: "Re: ANTISEC IS NOT FOR YOU"
- Next in thread: Juergen P. Meier: "Re: How to detect a trojan on a Unix server?"
- Reply: Juergen P. Meier: "Re: How to detect a trojan on a Unix server?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: furufuru@ccsr.u-tokyo.ac.jp (Ryo Furue) Date: 29 May 2002 21:50:04 -0700
Hi there,
A user reported that when she connected to our FTP server, the Norton
security software on her PC said that the PC got a Trojan attack from,
say, 1.11.11.111 (This is a fictious IP address), which is the FTP
server's IP address. I'm worried because I'm an admin of the server.
Does this mean that the server has some malicious software installed
which scans the ports of hosts connecting to it? How can I examine
what's going on? Could some kind soul refer me to some information
sources? The server is a Sun Ultra 1 with Solaris 2.5.1.
Thank you for your attention,
Ryo
- Next message: quentyn@fotango.com: "Re: secure UNIX log server"
- Previous message: Tom St Denis: "Re: ANTISEC IS NOT FOR YOU"
- Next in thread: Juergen P. Meier: "Re: How to detect a trojan on a Unix server?"
- Reply: Juergen P. Meier: "Re: How to detect a trojan on a Unix server?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
