Re: HTTP based trojans

["s.wun" <s.wun () thales-is com hk>]

Hi,

What other open-source tool do you use to detect this attack?

Sam.
----- Original Message -----
From: <AQBARROS () BKB com br>
To: <focus-ids () securityfocus com>
Sent: Thursday, October 31, 2002 8:46 PM
Subject: HTTP based trojans


> As I saw on the last messages about detecting trojans through flow-based
> analysis, I thought if someone already made anything to detect trojans
that
> use Internet Explorer controls to communicate with the client, even on
> networks that allow only proxied (even authenticated) http connections.
Did
> anyone try to do such kind of thing?
>
> Regards,
>
>
> Augusto.