Re: New trojan running in port 12345?

["Edwards, David (JTD)" <Edwards.David2 () SAUGOV SA GOV AU>]

Hi,

claymore wrote:
> You have GOT to be kidding...An Anti-virus product that
> listens on one of the most well know trojan ports in
> existance?

Tell me about it.  I found out during a forensic analysis of a
box and I spent hours trying to sus out which version of
NETBUS it was as I didn't want to modify the running system.

OfficeScan has a fact sheet on how to change the port if anyone
is interested.

<dummy spit>
And please, please please turn off those bloody "out of office"
responders folks, or at least filter the senders that need to
see them.  It doesn't encourage people to post to this list
if they get spammed in return by inconsiderate members.

Moderator:
Perhaps a prefix in the subject line would help people set up
rules for auto-response or maybe set "reply-to" in the msgs so
the auto-responses can be filtered out.
</dummy spit>

ciao
dave
---
Dave Edwards
Justice Technology Division
Ph: +61 8 82265426 || 0408 808355
mailto: edwards.david2 () saugov sa gov au
Snail : Justice Technology Division
        GPO Box 2048, Adelaide 5001
---
The information in this e-mail may be confidential and/or legally
privileged.  Use or disclosure by anyone other than the intended
recipient is prohibited and may be unlawful.  If you have received
this e-mail in error, please advise me immediately
---