[unisog] Infected windows boxes with IRC controlled trojans on them

Gary Flynn flynngn at jmu.edu
Wed Apr 10 21:44:19 GMT 2002


Mark Newman wrote:
> 
> Can anyone comment on the method of exploit?
> 
> Admin shares and anonymous enumeration have been the commonality with
> machines here...but, *how* was this done?

Along the same vein, I'd like to know if anyone that blocks netbios at 
the Internet border has seen this.

-- 
Gary Flynn
Security Engineer - Technical Services
James Madison University

Please R.U.N.S.A.F.E.
http://www.jmu.edu/computing/runsafe



More information about the unisog mailing list