Firewall Wizards mailing list archives
Re: sndvol.exe
From: 0x1c <nick () shibumi feralmonkey org>
Date: Sat, 20 Mar 1999 18:16:59 +0000 (GMT)
I would have hoped a firewall product from Cisco would be smarter than that. Nick On Thu, 18 Mar 1999, Randy Garbrick wrote:
Has anyone noticed a Trojan horse called sndvol.exe that replaces the Win NT/9X sndvol.exe and then does a continuous port scan from inside a firewall to multiple outside addresses? It created a denial of service by maxing out the sessions on our Pix. We're trying to locate the source of the executable. Randy Garbrick Get Your Private, Free Email at http://www.hotmail.com
Current thread:
- sndvol.exe Randy Garbrick (Mar 19)
- Re: sndvol.exe 0x1c (Mar 21)
- Re: sndvol.exe Paul M. Cardon (Mar 22)
- Re: sndvol.exe 0x1c (Mar 23)
- Re: sndvol.exe Paul M. Cardon (Mar 22)
- Re: sndvol.exe Paul M. Cardon (Mar 21)
- Re: sndvol.exe Gordy Thompson (Mar 21)
- <Possible follow-ups>
- Re: sndvol.exe Ryan Russell (Mar 21)
- RE: sndvol.exe Frank W. Keeney (Mar 22)
- Re: sndvol.exe 0x1c (Mar 21)