Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

New Trojan?

Status
Not open for further replies.
bytehd

bytehd

IS-IT--Management
Apr 26, 2002
575
US
Uses UDP and TCP port 3386.
Which is listed in iana as GPRS-data (cell phone signalling)

Trouble is, EXPLORER.EXE is opening a connection to
151.25.34.63 which resolves to nice little names
Sam Spade gives me:
fbiserver.shacknet.nu
and
mazservercia.no-ip.org

my rDNS gives me a dial up italian:
ppp-63-34.25-151.libero.it

clues?

George Walkey
Senior Geek in charge
 
Sort by date Sort by votes
Looking at mazservercia.no-ip.org, it could be a possble reverse connecting trojan. I would start doing trojan/virus scans.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ttrsux
  • Locked
  • Question
No internet access on new LAN eth0/2 1
Replies
6
Views
131
iggsterman
iggsterman
normntwrk
  • Locked
  • Question
new asa5505 - old config
Replies
6
Views
95
normntwrk
normntwrk
sapper1
  • Locked
  • Question
New to Sonicwall and need some help.
Replies
1
Views
51
cajuntank
cajuntank
ITSurvivor
  • Locked
  • Question
Newbie On Netscreen 25
Replies
0
Views
54
ITSurvivor
ITSurvivor
RonSwift
  • Locked
  • Question
I'm configuring a new asa 5520. I n 2
Replies
3
Views
55
RonSwift
RonSwift

Part and Inventory Search

Sponsor

Back
Top