Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Data Interpretation

From: Ansgar Wiechers <bugtraq () planetcobalt net>
Date: Tue, 17 Mar 2009 16:22:29 +0100
On 2009-03-17 ????????????? * wrote:

All these are remote admin trojans.


No. All of them are ports commonly used by those backdoors. That alone
doesn't say anything about which service is listening on that port. And
since the ports are filtered, it's not even clear if there's a service
listening on any of them in the first place.


Looks that your system is compromised.


No, it doesn't.


Since they are filtered first telnet to these ports & see if they
open.


How would he connect to those ports when access to them is obviously
being filtered?

Regards
Ansgar Wiechers
-- 
"The Mac OS X kernel should never panic because, when it does, it
seriously inconveniences the user."
--http://developer.apple.com/technotes/tn2004/tn2118.html

------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Find the source of cybercrime! Almost every crime today involves a computer or mobile device. Learn how to become a 
Computer Forensics Examiner in InfoSec Institute's hands-on Computer Forensics Course. Up to three industry recognized 
certs available, online computer forensics training available. 

http://www.infosecinstitute.com/courses/computer_forensics_training.html
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: