boxa
26.07.02, 14:08
Hallo Experten,
ich habe mich heute schon mal wegen eines Hackerangriffes an euch gewandt. In diesem Zusammenhang ist mir noch was aufgefallen:
62.158.229.138 UNKNOWN nobody [25/Jul/2002:22:37:21 +0200] " HELP " 214 -
62.158.229.138 UNKNOWN nobody [25/Jul/2002:22:37:31 +0200] " REIN " 502 -
62.158.229.138 UNKNOWN nobody [25/Jul/2002:22:37:35 +0200] " RMD " - -
62.158.229.138 UNKNOWN nobody [25/Jul/2002:22:37:39 +0200] " NOOP " 200 -
62.158.229.138 UNKNOWN nobody [25/Jul/2002:22:37:45 +0200] " XPWD " - -
62.158.229.138 UNKNOWN nobody [25/Jul/2002:22:37:49 +0200] " MODE " - -
62.158.229.138 UNKNOWN nobody [25/Jul/2002:22:37:54 +0200] " STAT " - -
62.158.229.138 UNKNOWN nobody [25/Jul/2002:22:37:59 +0200] " SYST " - -
62.158.229.138 UNKNOWN nobody [25/Jul/2002:22:38:08 +0200] " PORT 3456" - -
62.158.229.138 UNKNOWN nobody [25/Jul/2002:22:38:14 +0200] " NLST " - -
62.158.229.138 UNKNOWN nobody [25/Jul/2002:22:39:54 +0200] " USER " 500 -
In der Logdatei von Proftp steht Port 3456. In Trojaner Listen habe ich dazu den Trojaner "Terror Trojan" gefunden. Weiß jemand wie man den findet, oder was der so alles anstellen kann?
ich habe mich heute schon mal wegen eines Hackerangriffes an euch gewandt. In diesem Zusammenhang ist mir noch was aufgefallen:
62.158.229.138 UNKNOWN nobody [25/Jul/2002:22:37:21 +0200] " HELP " 214 -
62.158.229.138 UNKNOWN nobody [25/Jul/2002:22:37:31 +0200] " REIN " 502 -
62.158.229.138 UNKNOWN nobody [25/Jul/2002:22:37:35 +0200] " RMD " - -
62.158.229.138 UNKNOWN nobody [25/Jul/2002:22:37:39 +0200] " NOOP " 200 -
62.158.229.138 UNKNOWN nobody [25/Jul/2002:22:37:45 +0200] " XPWD " - -
62.158.229.138 UNKNOWN nobody [25/Jul/2002:22:37:49 +0200] " MODE " - -
62.158.229.138 UNKNOWN nobody [25/Jul/2002:22:37:54 +0200] " STAT " - -
62.158.229.138 UNKNOWN nobody [25/Jul/2002:22:37:59 +0200] " SYST " - -
62.158.229.138 UNKNOWN nobody [25/Jul/2002:22:38:08 +0200] " PORT 3456" - -
62.158.229.138 UNKNOWN nobody [25/Jul/2002:22:38:14 +0200] " NLST " - -
62.158.229.138 UNKNOWN nobody [25/Jul/2002:22:39:54 +0200] " USER " 500 -
In der Logdatei von Proftp steht Port 3456. In Trojaner Listen habe ich dazu den Trojaner "Terror Trojan" gefunden. Weiß jemand wie man den findet, oder was der so alles anstellen kann?