Re: Can anyone identify this backdoor?

From: David Jacoby (djat_private)
Date: Thu Jul 11 2002 - 04:05:02 PDT

  • Next message: shawn merdinger: "Re: Can anyone identify this backdoor?"

    My BAD! :/
    
    iis.dll is a cfg file for the Serv-U daemon, it shows usage information.
    NetworkEter.dll is used to change processID and portnumer and stuff.
    iisl.dll is just the welcome message for the FTPserver!
    
    
    Some of this kind of backdoors is used when scriptkiddie hackers
    try to make a DUMP (warez) site on a fast connection. They will
    hack a site, and then run this.
    
    
    David Jacoby
    Outpost24
    www.outpost24.com
    
    
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
    



    This archive was generated by hypermail 2b30 : Thu Jul 11 2002 - 15:37:09 PDT