Penetration Testing mailing list archives
Re: Backdoor:Win32/Hackdef.E
From: arif.jatmoko () sea ccamatil com
Date: Thu, 27 Oct 2005 10:03:35 +0700
I think most AV software capable to detect this trojan / backdoor / rootkit. If M$ removal tool has detected hackdef rootkit, you could cross check your finding using AV software: Kaspersky ==> Backdoor.HacDef.xxx TrendMicro ==> BKDR_HACDEF.xx CA ==> Win32.HacDef Symantec ==> Backdoor.HackDefender McAfee ==> HackerDefender F-Secure ==> W32/HD.Rootkit.xx Cheers, Arif |+---------------+---------------------------------| || Alex Stender| | || <alex.stende| To: | || r () gmail com>| pen-test () securityfocus com | || | cc: (bcc: Arif | || 10/27/2005 | Jatmoko/IDN/SEA/CCA) | || 01:19 AM | Subject: | || | Backdoor:Win32/Hackdef.E | || | | |+---------------+---------------------------------| After installing October's MS Malicious Software Removal tool, a couple of server, one behing a Sonicwall TZ170 firewall have shown he presence of Win32/Hackdef.E and Win32/Hackdef.T. The MS tools they have been removed. Has anyone had any experience with that trojan in terms of detecting payload etc? Is there a security scanner to check for that specific vulnerability? Thanks Alex ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ------------------------------------------------------------------------------- ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Backdoor:Win32/Hackdef.E Alex Stender (Oct 26)
- Re: Backdoor:Win32/Hackdef.E Marco Monicelli (Oct 27)
- <Possible follow-ups>
- Re: Backdoor:Win32/Hackdef.E arif . jatmoko (Oct 26)
- Re: Backdoor:Win32/Hackdef.E Marco Monicelli (Oct 27)
- RE: Backdoor:Win32/Hackdef.E Jeffrey Leggett (Oct 27)