Re: Backdoor Trojan IRC
From: r0adh0g (roadhog_at_nospam.phreaker.net)
Date: Wed, 23 Jul 2003 09:31:15 -0400
Than you for the information!
"Karl Levinson [x y] mvp" <firstname.lastname@example.org> wrote in message
> Worms by definition spread on their own, usually without any human
> intervention. You should *first* look up the exact name of that
> worm in the virus encyclopedia on the web site of whatever antivirus
> you're using to find out how it spreads, what vulnerabilities and/or
> ports it uses and what else you may need to do to stop it from spreading.
> Sometimes you need a patch.
> However, if you have this one vulnerability, you probably have others, and
> you should close them all, not just this one. Here's how:
> How to tell how you are being compromised:
> How to remove vulnerabilities from your computer:
> http://securityadmin.info/faq.htm#re-secure [consider this if you have
> You probably don't have a firewall. You need one. A firewall [or
> would also help you see who is doing what. There are free ones:
> There may be some log files somewhere recording this activity, but which
> to inspect depends on which vulnerability is being exploited. So, looking
> up how this worm spreads may help you faster. Some vulnerabilities like
> buffer overflows don't get logged at all.
> "r0adh0g" <email@example.com> wrote in message
> > Could anyone tell me how someone keeps putting this virus on my web
> > I am using Windows 2000 Server SP3, IIS with FTP and Web service, Front
> > Extensions.
> > Is there anyway to veiw a log of how/who is doing this?
> > rh