Re: Backdoor Trojan IRC

From: r0adh0g (
Date: 07/23/03

Date: Wed, 23 Jul 2003 09:31:15 -0400

Than you for the information!


"Karl Levinson [x y] mvp" <> wrote in message
> Worms by definition spread on their own, usually without any human
> intervention. You should *first* look up the exact name of that
> worm in the virus encyclopedia on the web site of whatever antivirus
> you're using to find out how it spreads, what vulnerabilities and/or
> ports it uses and what else you may need to do to stop it from spreading.
> Sometimes you need a patch.
> However, if you have this one vulnerability, you probably have others, and
> you should close them all, not just this one. Here's how:
> How to tell how you are being compromised:
> How to remove vulnerabilities from your computer:
> [consider this if you have
> hacked]
> You probably don't have a firewall. You need one. A firewall [or
> would also help you see who is doing what. There are free ones:
> There may be some log files somewhere recording this activity, but which
> to inspect depends on which vulnerability is being exploited. So, looking
> up how this worm spreads may help you faster. Some vulnerabilities like
> buffer overflows don't get logged at all.
> "r0adh0g" <> wrote in message
> news:#i0iUJGUDHA.2260@TK2MSFTNGP12.phx.gbl...
> > Could anyone tell me how someone keeps putting this virus on my web
> server?
> > I am using Windows 2000 Server SP3, IIS with FTP and Web service, Front
> Page
> > Extensions.
> > Is there anyway to veiw a log of how/who is doing this?
> >
> > rh
> >
> >