I just ran Nessus 1.2.6 (partial scan) against a local Windows 2000 DNS Server and Nessus reported (in addition to all kinds of services running):
"Possible Backdoors: iiscrack.dll - /scripts/httpodbc.dll iise.exe - /scripts/idq.dll" Could someone tell me more about the test that determines these files to potentially be backdoors? I did some quick searching on Google and it looks like this could indicate the presence of (in Symantec terminology) W32.Nimda.E@mm. I'm curious how Nessus correlates httpodbc.dll to iiscrack.dll. For the hell of it I connected to the NNTP service, but there were five empty groups there with no messages. They looked like default groups. Also, the web service just sends an "Under Construction" page. Nothing interesting like "You've been owned!" .. I apologize in advance for bringing up Nimda, I'm sure you guys have heard enough about it. ;) Mark - [EMAIL PROTECTED]: general discussions about Nessus. * To unsubscribe, send a mail to [EMAIL PROTECTED] with "unsubscribe nessus" in the body.
