[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] Qualys scanner fails to detect rst.b trojan?

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: [Full-Disclosure] Qualys scanner fails to detect rst.b trojan?
From: ned <onedo@xxxxxxx>
Date: Mon, 15 Sep 2003 19:47:14 +0200

Hi

I recently had an infection on one of my machines with the linux rst.b trojan. 
Qualys has a more or less detailed analysis of the code, and provides a 
remote detection tool here. 
https://www.qualys.com/forms/remoteshellb.html
But even though I saw the running trojan process, knew the port of it and it 
was listening for incoming connections, Qualys' remote detection tool told me 
my host was clean. Did anyone run over the same behaviour? Is there a working 
remote detection utility?  

ned


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- [Full-Disclosure] Re: Qualys scanner detects rst.b trojan?
  - From: Scott Manley

Prev by Date: [Full-Disclosure] Blocking Music Sharing.
Next by Date: Re: [Full-Disclosure] Blocking Music Sharing.
Previous by thread: [Full-Disclosure] Re: Full-Disclosure digest, Vol 1 #1114 - 33 msgs
Next by thread: [Full-Disclosure] Re: Qualys scanner detects rst.b trojan?
Index(es):
- Date
- Thread