Penetration Testing mailing list archives
RE: Scanning for trojans
From: "Discussion Lists" <discussions () lagraphico com>
Date: Mon, 28 Apr 2003 15:05:49 -0700
Thanks, but in my case I don't have local access to the machine, so it would be helpful to find a way to identify it remotely. I am beginning if such an animal actually exists? Thanks
-----Original Message----- From: Eric [mailto:ews () tellurian net] Sent: Monday, April 28, 2003 2:26 PM To: Discussion Lists; pen-test () securityfocus com Subject: Re: Scanning for trojans map the open port back to the executable that launched it. ...Microsoft specific advice... If on Win2K, use fport from foundstone. If XP, try fport, or do netstat -on and map the PID back to the executable. At 10:19 AM 4/27/2003 -0700, Discussion Lists wrote:Hi all, I have discovered what I believe is a trojan on a port that is a non-standard port for that particular trojan, but I want tonarrow downthe possibilities of what it could be. Can anyone suggest a trojan scanner that can detect a trojan by simply scanning for openports, andconnecting? Thanks --------------------------------------------------------------------------- Attend Black Hat Briefings & Training Europe, May 12-15 inAmsterdam, theworld's premier event for IT and network security experts.The two-dayTraining features 6 hand-on courses on May 12-13 taught byprofessionals.The two-day Briefings on May 14-15 features 24 top speakerswith no vendorsales pitches. Deadline for the best rates is April 25.Register today toensure your place. http://www.securityfocus.com/BlackHat-pen-test ----------------------------------------------------------------------------
--------------------------------------------------------------------------- Did you know that you have VNC running on your network? Your hacker does. Plug your security holes. Download a free 15-day trial of VAM: http://www.securityfocus.com/StillSecure-pen-test ----------------------------------------------------------------------------
Current thread:
- Scanning for trojans Discussion Lists (Apr 28)
- Re: Scanning for trojans cdowns (Apr 28)
- <Possible follow-ups>
- Re: Scanning for trojans Eric (Apr 28)
- RE: Scanning for trojans Discussion Lists (Apr 28)
- RE: Scanning for trojans Rob Shein (Apr 29)
- RE: Scanning for trojans Discussion Lists (Apr 29)
- re: Scanning for Trojans anj (Apr 30)