Security Incidents mailing list archives
Re: backdoor or bot?
From: Daniel Wittenberg <daniel-wittenberg () UIOWA EDU>
Date: Wed, 27 Dec 2000 11:46:29 -0600
Are there any good tools out there to scan a network for some of these known backdoors/trojans? Preferably something GPL and Linux, but anything known would be nice... Dan
From: Jon Lewis <jlewis () LEWIS ORG> Reply-To: jlewis () LEWIS ORG Date: Tue, 26 Dec 2000 22:23:49 -0500 To: INCIDENTS () SECURITYFOCUS COM Subject: backdoor or bot? I've noticed this on a few systems recently while scanning people back who've been caught scanning for various services on certain networks I manage. $ telnet 211.118.21.87 22546 Trying 211.118.21.87... Connected to 211.118.21.87. Escape character is '^]'. Property of PainKeeper ! Use with extreme care... ...incoming shell... painkeeper login: My guess is, this is a backdoor. ---------------------------------------------------------------------- Jon Lewis *jlewis () lewis org*| I route System Administrator | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
Current thread:
- backdoor or bot? Jon Lewis (Dec 27)
- Re: backdoor or bot? Robert van der Meulen (Dec 27)
- Re: backdoor or bot? Dave Dittrich (Dec 27)
- Re: backdoor or bot? Daniel Wittenberg (Dec 27)
- Re: backdoor or bot? Aviram Jenik (Dec 27)
- Re: backdoor or bot? Mark Symonds (Dec 28)
- Re: backdoor or bot? George Milliken (Dec 28)
- Re: backdoor or bot? Mark Collins (Dec 28)
- <Possible follow-ups>
- Re: backdoor or bot? Jon Lewis (Dec 27)
- Re: backdoor or bot? Patrick Oonk (Dec 28)
- Re: backdoor or bot? Calhoun, Heath (Dec 27)
- Re: backdoor or bot? Robert van der Meulen (Dec 27)