Displaying 2 results from an estimated 2 matches for "1rwj9ejb0zjtznp6dr".
2015 Apr 19
0
ClamAV reports a trojan
...0Lpc/jwx2P7s4H/2V++W499w2fAZPM8kjnKi9b
> EBS0vl/oYAOVgzc3lo4y0CbY9GQtQ3258tISCeMGGOR/OjPYl3BqINsS1Qf0FGSw
> FzNHWrlgas/bZO/HbTAzWbtxknRKIJiiYfBHqLL6s/r9WpOMsBvA2eVpkXsEZZoz
> AWC0CFcrVsh7+Agqk46GyIsDn8ZpT+IymwMp+gKiqBv8e4uG5WjE8YRGBybscJgk
> DAPZ9ZaSJpJNFkJ0tpAAgNkPO96lFv6l43nnm/IyTfKtd/1rWJ9ejb0ZjtZnP6Dr
> xWdNyTjK39euHiVBP3pZ6ex8VKthph6b9FeferoQaGFxGvixk7epIihPbeEYqbg=
> =lowP
> -----END PGP SIGNATURE-----
>
>
Thank you. We run aide on that box and it did not report any recent
changes to that file. RPM and yum history corroborated the install
date as being last October. We have c...
2015 Apr 16
3
ClamAV reports a trojan
This morning I discovered this in my clamav report from one of our
imap servers:
/usr/share/nmap/scripts/irc-unrealircd-backdoor.nse:
Unix.Trojan.MSShellcode-21 FOUND
I have looked at this script and it appears to be part of the nmap
distribution. It actually tests for irc backdoors. IRC is not used
here and its ports are blocked by default both at the gateway and on
all internal hosts.