Identifing services on potential trojan ports

From: Drew Delbridge (drewdelbridge@hotmail.com)
Date: Thu May 31 2007 - 09:49:25 EDT


In scanning a system with nmap and nessus we identify open ports that are
used by known trojans. amap does not identify the service as one it
recognizes. Is anyone aware of a tool similar to amap that can send possible
trojan connection strings to remotely identify if the trojan is present? I
do not have physical access to the box nor admin credientials to look for
the binaries or other usual signatures.

Drew

_________________________________________________________________
More photos, more messages, more storage—get 2GB with Windows Live Hotmail.
http://imagine-windowslive.com/hotmail/?locale=en-us&ocid=TXT_TAGHM_migration_HM_mini_2G_0507

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:50 EDT