Re: ServUDaemon?? What is this?

From: Alun Jones (alun@texis.com)
Date: 03/04/03 

From: alun@texis.com (Alun Jones)
Date: Tue, 04 Mar 2003 14:36:13 GMT

In article <31e90824.0303031931.212b3e3@posting.google.com>,
mcleanap@rogers.com (News) wrote:
>Well....I scanned as much as I could...and couldn't find anything
>strange. I have some trojan scanners and they couldn't find
>servUDaemon either. I am running IIS, but not FTP...could they still
>be able to hack into my computer?

Though it may pain me(*) to admit it, Serv-U is not a trojan. This is why it
is not flagged by your trojan scanner. Serv-U is a legitimate FTP server, and
its author frequently expresses how livid he is that it has become the tool of
choice for crackers, pirates and pornographers alike.

As for how they got in, that's a matter of forensics. It's clear that they
_did_ get in, because you have a running copy of "servudaemon.exe". Start by
deleting all copies of that executable!

Alun.
~~~~
(*) Serv-U is, at least when sold for legitimate use, one of our competitors.

[Please don't email posters, if a Usenet response is appropriate.] 

-- 
Texas Imperial Software   | Try WFTPD, the Windows FTP Server. Find us at
1602 Harvest Moon Place   | http://www.wftpd.com or email alun@texis.com
Cedar Park TX 78613-1419  | VISA/MC accepted.  NT-based sites, be sure to
Fax/Voice +1(512)258-9858 | read details of WFTPD Pro for XP/2000/NT.
Loading