|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: sndvol.exe
Frank W. Keeney (FKeeney
hsa.com)
Mon, 22 Mar 1999 08:00:44 -0800
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Next message: Neil Ratzlaff: "RE: strange icmp packets."
- Previous message: Frank W. Keeney: "RE: vulnerability scanner"
- Maybe in reply to: Sandy Green: "vulnerability scanner"
It causes the same problem with Firewall 1.
----------
From: 0x1c [SMTP:nickshibumi.feralmonkey.org]
Sent: Saturday, March 20, 1999 10:17 AM
Cc: firewall-wizardsnfr.net
Subject: Re: sndvol.exe
I would have hoped a firewall product from Cisco would be
smarter than
that.
Nick
On Thu, 18 Mar 1999, Randy Garbrick wrote:
> Has anyone noticed a Trojan horse called sndvol.exe that
replaces the
> Win NT/9X sndvol.exe and then does a continuous port scan from
inside a
> firewall to multiple outside addresses? It created a denial
of service
> by maxing out the sessions on our Pix. We're trying to locate
the
> source of the executable.
- Next message: Neil Ratzlaff: "RE: strange icmp packets."
- Previous message: Frank W. Keeney: "RE: vulnerability scanner"
- Maybe in reply to: Sandy Green: "vulnerability scanner"
This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:18:16 CDT