linux scanner for common windows exploits
Posted 21 July 2004 - 09:46 PM
So basically I need some help cause I dont wanna forget a common worm & its ploit pair. I need a list of those common pesky worms and pointers for scanning for them on linux. I have found a few scanners for certain ploits for windows, but that doesnt really help me here. Help?
Posted 22 July 2004 - 08:29 AM
Here are a few links I found about snort ids.
a snort-user group (snort MySQL, PHP, and ACID)
Intrusion Detection with SNORT (can be adopted to virus)
here are a few virus, trojan, and Backdoors ports.
ONCTek's list of known Trojan/Backdoors and the TCP/UDP ports on which they operate.
DoShelp's list of Trojan and Remote Access Service Ports
more trojans ports
Also I recomened looking at anti-virus sites discription of viruses to get a better rule on them.
I also suggest this as a plan B, use F-Prot on a knoppix with a usb key or remsater and go from room to room and scan the pcs.
Posted 22 July 2004 - 09:12 AM
Posted 22 July 2004 - 09:16 AM
Also just block kazaa ports because the virus are geting thrugh it. And one thing you have to realize is people don't alwase update.
Edited by bankrupt, 22 July 2004 - 09:22 AM.
Posted 22 July 2004 - 12:00 PM
BinRev is hosted by the great people at Lunarpages!