Security Incidents: Re: Can anyone identify this backdoor?

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

Re: Can anyone identify this backdoor?

From: David Jacoby <dj () outpost24 com>
Date: Thu, 11 Jul 2002 13:05:02 +0200

My BAD! :/

iis.dll is a cfg file for the Serv-U daemon, it shows usage information.
NetworkEter.dll is used to change processID and portnumer and stuff.
iisl.dll is just the welcome message for the FTPserver!


Some of this kind of backdoors is used when scriptkiddie hackers
try to make a DUMP (warez) site on a fast connection. They will
hack a site, and then run this.


David Jacoby
Outpost24
www.outpost24.com


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

By Date By Thread

Current thread:

RE: Can anyone identify this backdoor?, (continued)
- RE: Can anyone identify this backdoor? Erick Arturo Perez Huemer (Jul 11)
- RE: Can anyone identify this backdoor? Richard Bartlett (Jul 11)
  - RE: Can anyone identify this backdoor? Ian Webb (Jul 22)
- Re: Can anyone identify this backdoor? Mark Shirley (Jul 12)
- Re: Can anyone identify this backdoor? Jhon Q Doe (Jul 11)
- Re: Can anyone identify this backdoor? David Jacoby (Jul 11)