i got this msg from my norton internet security.. what is happening?
Printable View
i got this msg from my norton internet security.. what is happening?
Somebody is scanning your computer for this trojan.
As it is a inbound connection try it is not something you should deeply worry about.
You could offcourse try and run a complete anti-virus scan and an anti-trojan scan on your computer to make sure you are not infected in any way.
You can get moosoft's the cleaner (http://www.moosoft.com/) or agnitium's tauscan (http://www.agnitum.com/) to check if your system is infected with that kinda malware.
But it is an inbound connection attempt and they happen quit frequent.
Salud
noODle
what happen on my apache server on 14 Jun?
pix is the error.log
this is my access log..
what does the log means?
what did the intruder install the trojan in?
what vulnerabilities did he used?
inbound means the packet is sending out?Quote:
Originally posted here by noODle
Somebody is scanning your computer for this trojan.
As it is a inbound connection try it is not something you should deeply worry about.
You could offcourse try and run a complete anti-virus scan and an anti-trojan scan on your computer to make sure you are not infected in any way.
You can get moosoft's the cleaner (http://www.moosoft.com/) or agnitium's tauscan (http://www.agnitum.com/) to check if your system is infected with that kinda malware.
But it is an inbound connection attempt and they happen quit frequent.
Salud
noODle
I'm afraid I don't know what the xe* methods are but it seems as if some one has been trying to gain access to your apache but failed pretty miserably.
but he still managed to install the trojan in the system..
are you sure there is a trojan on your system? It could just be a random scan to see if you have a trojan. once you have a trojan anybody that knows how to use it can. they are not user specific. it could just be somebody that is trying to find someone with a trojan ( sub7 for example) And if you do have a trojan more than likely you or one of the systems other users installed it unknowingly
ok.. however i did scan the entire system after i updated the definition.. still there is not virus found.. but this msg kept poping out yesterday nite.. so i suspect there is one in my box.. see how did it perform tonite..
Dude, if you ran a scan with an updated virusscan then you can relax. Even if you did have a trojan like sub7 on your system, any decent antivirus would recognize it even if it hadn't been updated. Like ZomBieMann77 said, most likely you just caught someone looking for a trojan on your system and as I said, if you've run antivirus and antitrojan, then you don't have a trojan. Also I'd like to say that I'm not flaming you and I don't want you to take offense to this, I only want you to be able to breath easy. later
btw how the intruder send that kind of packet to look for computers infected by certain trojan..
Trojans like sub7 are on quite a few machines. (NOT YOURS) Kiddies who know this will do port scans to find machines who contain the trojan server portion. You were not singled out by some "hacker." It's just a kiddie looking for someone without a firewall. Since yours discovered the problem, you have nothing to worry about. This has been said 20 times here. please do not worry anymore
Corn
i am not worried.. i just wanna learn how this things work.. so as to have a better picture of how this type of trojan work.. what is the logic behind the horses...
Trojan horse detection and removal Part I - alittlebitnumb
Trojan horse detection and removal Part II - alittlebitnumb
Trojan FAQ - nsbuttar
Trojan FAQ contd. Part 2
Trojans/ Backdoors - My observations - slarty
That should give you something to read.
Also remember that google is your friend
Buenos Dias
elDOon :eek: