Hi,
Anybody know where I can get some detailed info on the
characteristics of trojans/viruses that scan for vulnerabilities ?
Specifically, I'm trying to determine if a pattern of scanned ports I have
noticed on my machine is characteristic of any particular
trojan/virus/malicious programme that a user might not be aware of on their
machine (ie, not something they are not consciously running, but which has
been installed without their knowledge).
My googling so far hasn't turned up that kind of detail. For
instance, I found a long list of trojans whose purpose in life is to scan
for windows vulnerabilities. One name I can remember (I did the research on
a different machine than the one from which I write) for example was AGEG
(AGressive Exploit Groper?Grabber), but I don't know if it was written to
scan a specific set of vulnerable ports, or if it is configurable. I've
done a little surfing at the SANS website without coming up with much.
I'm not really too sure where to look for this kind of info, or even
how likely it is to exist. Like is there any kind of trend for these kinds
of programmes to be configurable or to be preset. I thought maybe there
would be people with more security experience on this list that could share
some ideas or resources.
Thanks,
Gerald
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
