SV: question about fuxay scanner

From: Peter Kruse (kruseat_private)
Date: Wed Jan 30 2002 - 09:24:50 PST

Next message: Matt Peterson: "RE: resources for the pen-test team?"

Previous message: Cushing, David: "RE: Can you impersonate a client side cert??"
In reply to: James McGee: "RE: question about fuxay scanner"
Next in thread: fooyu: "Re: question about fuxay scanner"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

This means that the scanner is infected or written as a backdoor.
According to Sophos database the "Troj/BD-Mania pipes the input and
output of a DOS window through a network port, allowing remote access to
your computer". 

The scanner has now been removed from the Chinese site. If you have
installed fluxay you should scan your PC for the presence of the trojan
or as an alternative try to bind the open ports to a applikation with a
tool like fport to pinpoint the location of the backdoor komponent.

Med venlig hilsen // Kind regards

Peter Kruse
Security- and Virusanalyst
Telia Telecom Denmark

"Whenever I climb I am followed by a dog called 'Ego'."


> -----Oprindelig meddelelse-----
> Fra: James McGee [mailto:jmat_private] 
> Sendt: 30. januar 2002 00:30
> Til: 'christophe gueguen'; pen-testat_private
> Emne: RE: question about fuxay scanner
> 
> 
> appears to be a sort of trap!
> 
> sophos picked up a virus in it...
> 
> BD-Mania
> 
> 
> 
> 
> 
> -----Original Message-----
> From: christophe gueguen [mailto:chris_securiteat_private]
> Sent: 29 January 2002 15:50
> To: pen-testat_private
> Subject: question about fuxay scanner
> 
> 
> 
> 
> Hi
> I have heard about a vulnerabilities scanner
> called fluxay. It is on a chinese site 
> (www.netxeyes.com/down.html). It seems to be a > good tool but 
> I don't have seen any recommandation about it on any security 
> site. Does anyone have already use it ?
> 
> Thx
> Christophe
> 
> --------------------------------------------------------------
> --------------
> This list is provided by the SecurityFocus Security 
> Intelligence Alert (SIA) Service. For more information on 
> SecurityFocus' SIA service which automatically alerts you to 
> the latest security vulnerabilities please see: 
https://alerts.securityfocus.com/


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Next message: Matt Peterson: "RE: resources for the pen-test team?"
Previous message: Cushing, David: "RE: Can you impersonate a client side cert??"
In reply to: James McGee: "RE: question about fuxay scanner"
Next in thread: fooyu: "Re: question about fuxay scanner"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Jan 30 2002 - 11:12:02 PST