Is this a windows based trojan ? if so you could write a quick NASL plugin checking remote registry for this trojan and get network output. I guess we ( I ) would need more information on the trojan, atleast the platform OS that you believe is contaminated. ~!>D Discussion Lists wrote: >Hi all, >I have discovered what I believe is a trojan on a port that is a >non-standard port for that particular trojan, but I want to narrow down >the possibilities of what it could be. Can anyone suggest a trojan >scanner that can detect a trojan by simply scanning for open ports, and >connecting? > >Thanks > >--------------------------------------------------------------------------- >Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the >world's premier event for IT and network security experts. The two-day >Training features 6 hand-on courses on May 12-13 taught by professionals. >The two-day Briefings on May 14-15 features 24 top speakers with no vendor >sales pitches. Deadline for the best rates is April 25. Register today to >ensure your place. http://www.securityfocus.com/BlackHat-pen-test >---------------------------------------------------------------------------- > > > > > -- ------------------------------------------ Network Security Engineer http://www.angrypacket.com Christopher M Downs,RHCE cdownsat_private char ash[]="\x48\x61\x69\x6C\x20" "\x74\x6F\x20\x74\x68\x65\x20\x4B" "\x69\x6E\x67"; ------------------------------------------- --------------------------------------------------------------------------- Did you know that you have VNC running on your network? Your hacker does. Plug your security holes. Download a free 15-day trial of VAM: http://www.securityfocus.com/StillSecure-pen-test ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Mon Apr 28 2003 - 15:55:39 PDT