> > Hi, > > Anybody know where I can get some detailed info on the > characteristics of trojans/viruses that scan for vulnerabilities ? > Specifically, I'm trying to determine if a pattern of scanned ports I have > noticed on my machine is characteristic of any particular > trojan/virus/malicious programme that a user might not be aware > of on their > machine (ie, not something they are not consciously running, but which has > been installed without their knowledge). > > My googling so far hasn't turned up that kind of detail. For > instance, I found a long list of trojans whose purpose in life is to scan > for windows vulnerabilities. One name I can remember (I did the > research on > a different machine than the one from which I write) for example was AGEG > (AGressive Exploit Groper?Grabber), but I don't know if it was written to > scan a specific set of vulnerable ports, or if it is configurable. I've > done a little surfing at the SANS website without coming up with much. > > I'm not really too sure where to look for this kind of info, or even > how likely it is to exist. Like is there any kind of trend for > these kinds > of programmes to be configurable or to be preset. I thought maybe there > would be people with more security experience on this list that > could share > some ideas or resources. >
http://securityresponse.symantec.com/ - here are the TOP10 and the LATEST 10 Virus(s?)es http://www.symantec.com/search/ - use different search words like ports and make sure to check the boxes for Virus & Exploit http://security.symantec.com/ssc/home.asp?j=1&langid=ie&venid=sym&plfid=22&p kj=WZMHDTKJBTVISBYWWYP - online virus scan :-) if you might need this I think the best one is this here - http://securityresponse.symantec.com/avcenter/vinfodb.html But those will list more or less ALL virus(s?)es regardless if it's a trojan, worm or else..... HTH, Simmel -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
