Hosting Provided By

RE: Scanning for trojans

From: Rob Shein <shoten(at)starpower.net>
Date: Mon Apr 28 2003 - 18:55:30 EDT

Most trojans are awfully sparse on response information if you don't authenticate to them properly. I don't think such a tool exists, and if it did, I think it would only spot a few of the many possible trojans out there. A long shot might be to check out which well-known trojans are easily reconfigured to use different ports (like BO2K) and do a quick check for those. Otherwise, it's entirely possible that the trojan has been slightly rewritten to make it remotely unidentifiable anyways.

-----Original Message-----
From: Discussion Lists [mailto:discussions@lagraphico.com] Sent: Monday, April 28, 2003 6:06 PM
To: Eric; pen-test@securityfocus.com
Subject: RE: Scanning for trojans

Thanks, but in my case I don't have local access to the machine, so it would be helpful to find a way to identify it remotely. I am beginning if such an animal actually exists?

Thanks

> -----Original Message-----

Did you know that you have VNC running on your network? Your hacker does.
Plug your security holes.
Download a free 15-day trial of VAM:
http://www.securityfocus.com/StillSecure-pen-test

Received on Tue Apr 29 11:11:55 2003

This message: [ Message body ]
Next message: Discussion Lists: "RE: Scanning for trojans"
Previous message: alaric(at)alaricsecurity.com: "Re: pen-testing an information kiosk (breaking out of the application)"
In reply to Discussion Lists: "RE: Scanning for trojans"
Reply: Discussion Lists: "RE: Scanning for trojans"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:35 EDT