trojan problem

Michael T. Richter ttmrichter at gmail.com
Sun Jan 22 13:56:16 UTC 2006 

On Sun, 2006-22-01 at 20:59 +0800, Brian Walker wrote:
> It pains me to say so, but I have a trojan somewhere on my system, and
> it is a pain. I need help to rid myself of it.

Wasn't one of the benefits of moving to Linux supposed to be not facing
these scenarios?  :-O

> 2. trinoo_master was on port 27665 
> 3. a number of slaves were operating (googled to get extensive info on
> trinoo_master ... this is typical behaviour of the trojan) 

What did Google say about trinoo_master other than this?  (I just
Googled myself only to find out that Google is down this side of the
Great Firewall for now.  I'll check again in a few hours.)

> Result - my computer (oh the utter shame of it all) was being used to
> mount a DOS attack on some poor IP. 

Where did you get this nmapfe program from?  I think it's time for me to
check my own machine out.

> 2. I have no idea how to coerce windows to tell me what is going on.

Why would Windows know?  Or am I confused and you're reporting about a
problem you're having running Windows?

For Windows to report what it knows, you have to use external utilities.
Look up "Windows network security free" on Google and sift awhile.
There are a surprising number of decent tools for self-analysis
available (contrary to the usual claims that you have to pay for virus,
adware, etc. scanners).

For Linux, I'm not sure what you're asking.

> Furthermore: How can it possibly have been so quickly installed in the
> first place? 

This interests me a great deal as well.  After all the heat I've taken
over being a "Windows lover" and all the crowing over how much more
secure Linux is, I'm a little rattled by your report, actually.

--
Michael T. Richter
Email: ttmrichter at gmail.com, mtr1966 at hotpop.com
MSN: ttmrichter at hotmail.com, mtr1966 at hotmail.com; YIM:
michael_richter_1966; AIM: YanJiahua1966; ICQ: 241960658; Jabber:
mtr1966 at jabber.cn
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20060122/e5bcbdcf/attachment.sig>

More information about the ubuntu-users mailing list