"larosa, vjay" <[EMAIL PROTECTED]> writes: > I have done some searching on the nessus list and have not seen anybody > talking about this yet. The new billy worm opens up a hidden cmd.exe on port > 4444.
The port was already known by trojan_horses.nasl (other nasty beasties used it). OK, trojan_horses.nasl is a crude test. > If I get packet captures of communication with this backdoor could > somebody create a nessus plugin for this? Yes.
