From: Eric (ews@tellurian.net)
Date: Mon Apr 28 2003 - 17:25:49 EDT
map the open port back to the executable that launched it.
...Microsoft specific advice...
If on Win2K, use fport from foundstone. If XP, try fport, or do netstat
-on and map the PID back to the executable.
At 10:19 AM 4/27/2003 -0700, Discussion Lists wrote:
>Hi all,
>I have discovered what I believe is a trojan on a port that is a
>non-standard port for that particular trojan, but I want to narrow down
>the possibilities of what it could be. Can anyone suggest a trojan
>scanner that can detect a trojan by simply scanning for open ports, and
>connecting?
>
>Thanks
>
>---------------------------------------------------------------------------
>Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the
>world's premier event for IT and network security experts. The two-day
>Training features 6 hand-on courses on May 12-13 taught by professionals.
>The two-day Briefings on May 14-15 features 24 top speakers with no vendor
>sales pitches. Deadline for the best rates is April 25. Register today to
>ensure your place. http://www.securityfocus.com/BlackHat-pen-test
>----------------------------------------------------------------------------
---------------------------------------------------------------------------
Did you know that you have VNC running on your network?
Your hacker does.
Plug your security holes.
Download a free 15-day trial of VAM:
http://www.securityfocus.com/StillSecure-pen-test
----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:32 EDT