General discussion


serv-u trojan horse

By alex ·
I have Windows NT 4 server with Exchange Server 5.5 with latest service pack 6. I also have Norton Anti Virus Corp. Edition and Norton Anti Virus for Exchange installed.
Recently I found OS2 directory on C: drive with Serv-U FTP serve files. I deleted entire directory and applied latest security patches.
But I could not find much info about Serv-U besides it is a trojan horse. How they managed to get it on server behind a firewall with only port opened is SMTP. And more importan how to prevent it from happening again?

Any one has any expirience dealing with this issue? Any one?

This conversation is currently closed to new comments.

3 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

How many users do you have?

by admin In reply to serv-u trojan horse

What makes you sure it came from outside your firewall?

Something to think about.

Collapse -

by alex In reply to How many users do you hav ...

You are right. I do not know, but the question is how to trace it. All clients computer (it is a mis of 98, ME and 2000) have NAV client installed.

Collapse -

by ne8906 In reply to

A port scanner could be able to show you where the pockets led to. The next time when it happen again. Scan it before you delete it.

Back to Security Forum
3 total posts (Page 1 of 1)  

Related Discussions

Related Forums