Hosting Provided By

Re: Scanning for trojans

From: cdowns <cdowns(at)drippingdead.com>
Date: Mon Apr 28 2003 - 18:10:35 EDT

Is this a windows based trojan ? if so you could write a quick NASL plugin checking remote registry for this trojan and get network output.

I guess we ( I ) would need more information on the trojan, atleast the platform OS that you believe is contaminated.

~!>D

Discussion Lists wrote:

>Hi all,

-- 
------------------------------------------
      Network Security Engineer 
      
http://www.angrypacket.com
       Christopher M Downs,RHCE
     cdowns@bigunz.angrypacket.com
	
   char ash[]="\x48\x61\x69\x6C\x20"
   "\x74\x6F\x20\x74\x68\x65\x20\x4B"
   "\x69\x6E\x67";
-------------------------------------------




---------------------------------------------------------------------------
Did you know that you have VNC running on your network?
Your hacker does.
Plug your security holes.
Download a free 15-day trial of VAM:
http://www.securityfocus.com/StillSecure-pen-test
----------------------------------------------------------------------------

Received on Mon Apr 28 18:59:22 2003

This message: [ Message body ]
Next message: alaric(at)alaricsecurity.com: "Re: pen-testing an information kiosk (breaking out of the application)"
Previous message: Pete Herzog: "RE: Port Scanners / Sniffers Review"
In reply to Discussion Lists: "Scanning for trojans"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:35 EDT