Nmap Development mailing list archives
Re: GSoC 2011 My Two Ideas
From: Jonathan R <agentsmith15 () gmail com>
Date: Tue, 22 Mar 2011 12:03:10 -0500
Hey Eugene,
From what I have seen with keyloggers lately is that a lot of them don't
open ports. They either mail their logs or upload them to a ftp account. Also with some of the newer backdoors opening a port is optional. Most will connect back to the attacker so the attacker always knows the address of his victim(s). In order to detect these types of malware we would have to see some kind of open port. So writing these types of scripts would be difficult, and hard to manage. Jonathan On Tue, Mar 22, 2011 at 9:39 AM, Eugene Melnichenko < my.email.eugene () gmail com> wrote:
Hi!!! It's Eugene :) I have a couple of proposals, they relate to the Project: Vulnerability and exploitation specialist and Malware detection scripts. Here: 1. Possible threat category (keylogger, backdoor, etc.) and its level (Malware detection). 2. What programming language was used, a possible country of origin, etc. (Malware and Exploit). What do you think about these ideas? _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- GSoC 2011 My Two Ideas Eugene Melnichenko (Mar 22)
- Re: GSoC 2011 My Two Ideas Jonathan R (Mar 22)
- Re: GSoC 2011 My Two Ideas David Fifield (Mar 22)
- Re: GSoC 2011 My Two Ideas Eugene Melnichenko (Mar 23)