Displaying 4 results from an estimated 4 matches for "msshellcode".
2015 Apr 16
3
ClamAV reports a trojan
This morning I discovered this in my clamav report from one of our
imap servers:
/usr/share/nmap/scripts/irc-unrealircd-backdoor.nse:
Unix.Trojan.MSShellcode-21 FOUND
I have looked at this script and it appears to be part of the nmap
distribution. It actually tests for irc backdoors. IRC is not used
here and its ports are blocked by default both at the gateway and on
all internal hosts.
However, I none-the-less copied that file, removed namp, re-in...
2015 Apr 16
0
ClamAV reports a trojan
On Thu, Apr 16, 2015 at 10:01 AM, James B. Byrne <byrnejb at harte-lyne.ca> wrote:
> This morning I discovered this in my clamav report from one of our
> imap servers:
>
> /usr/share/nmap/scripts/irc-unrealircd-backdoor.nse:
> Unix.Trojan.MSShellcode-21 FOUND
>
>
> I have looked at this script and it appears to be part of the nmap
> distribution. It actually tests for irc backdoors. IRC is not used
> here and its ports are blocked by default both at the gateway and on
> all internal hosts.
>
> However, I none-the-less...
2015 Apr 19
0
ClamAV reports a trojan
...:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 16/04/15 16:01, James B. Byrne wrote:
>> This morning I discovered this in my clamav report from one of our
>> imap servers:
>>
>> /usr/share/nmap/scripts/irc-unrealircd-backdoor.nse:
>> Unix.Trojan.MSShellcode-21 FOUND
>>
>>
>> I have looked at this script and it appears to be part of the nmap
>> distribution. It actually tests for irc backdoors. IRC is not
>> used here and its ports are blocked by default both at the gateway
>> and on all internal hosts.
>>
&g...
2015 Apr 16
4
ClamAV reports a trojan
...15 10:09 am, Les Mikesell wrote:
> On Thu, Apr 16, 2015 at 10:01 AM, James B. Byrne <byrnejb at harte-lyne.ca>
wrote:
>> This morning I discovered this in my clamav report from one of our imap
servers:
>> /usr/share/nmap/scripts/irc-unrealircd-backdoor.nse:
>> Unix.Trojan.MSShellcode-21 FOUND
>> I have looked at this script and it appears to be part of the nmap
distribution. It actually tests for irc backdoors. IRC is not used
here and its ports are blocked by default both at the gateway and on
all internal hosts.
>> However, I none-the-less copied that file, remo...