> -----Original Message-----
> > ouch! Did they give you a fix Aidan...?
>
> We just moved the files off the servers (found it on 3 out of 4). Do you
> think we'd need to take any further steps?
If I were you I'd find out what port(s) that particular Trojan runs on and
block it. Also get yourself a decent Trojan/Port scanner..... I'd recommend
BlackIce (or Network Ice for servers) (http://www.networkice.com) that's
also a good site for informational purposes, you may also find something at:
http://www.hack-net.com/html/archives/display_archives_category.php3?show_ca
tegory=Intrusion%20Detection
> The network admin says he's reluctant to install anti-virus
> software on any
> of the servers but this seems to be a good reason to do exactly that.
Why did he say that???? No offence but that strikes me as just plain dumb!
> It looks like they've been sat there since last August (the
> date/time stamp
> on two of the files) and could possibly go towards explaining a period of
> problems we were having with several servers at that time.
> Changing several
> network passwords stopped the problems.
Yeah it would do.....
> Hey, why does this thread feel like I'm saying "Please come and hack our
> machines... our security is so crap, someone has managed it"? ;-)
I can recommend a very good NT security consultant in the UK ;o)
You may also want to get a copy of "Hacking Exposed 2nd Ed." available on
Amazon......
-= Ed
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
