TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

301

302

303

304

305

306

307

308

309

310

ProCurve TMS zl Module IPS/IDS Signature

Reference Guide Version RLX.10.2.2.94

306

computer while attempting to remain undetected. Progenic is a backdoor Trojan for Microsoft Windows family of

operating systems. The backdoor uses a client/server relationship, where the server component is installed in the

victim's system and the remote attacker has control of the client. The server attempts to open a port, typically TCP port

11223, to allow the client system to connect. Progenic could allow a remote attacker to retrieve user passwords, open

and close the host system's CD-ROM drive, restart or shut down your computer, log the host system's keystrokes,

interact with Mirabilis' ICQ chat system (if installed).

Signature ID: 3112

Prosiak Backdoor detection

Threat Level: Severe

Signature Description: A backdoor is a program used for bypassing normal authentication, securing remote access to a

computer while attempting to remain undetected. The Prosiak backdoor for Windows 9x/Me operating systems. It

allows attackers to access the host system's hard drive, set up a proxy server to redirect network traffic from the host

system's computer, copy text to the host system's clipboard, shut down or restart the host system.

Signature ID: 3113

RWS backdoor for Windows detection

Threat Level: Warning

Signature Description: A backdoor is a program used for bypassing normal authentication, securing remote access to a

computer while attempting to remain undetected. The Remote Windows Shutdown (RWS) is a backdoor for windows

based systems. Attackers can use it to remotely shutdown or reboot an infected system.

Signature ID: 3115

Schwindler Backdoor detection

Threat Level: Warning

Signature Description: A backdoor is a program used for bypassing normal authentication, securing remote access to a

computer while attempting to remain undetected. The Schwindler backdoor for Windows 9x allows a remote attacker

to access files on the host system's hard drive, capture keystrokes on the host system's , and get passwords stored on the

host system. This backdoor is based on the GirlFriend backdoor and has almost identical functionality.

Signature ID: 3116

Secretservice Backdoor detection

Threat Level: Warning

Signature Description: A backdoor is a program used for bypassing normal authentication, securing remote access to a

computer while attempting to remain undetected. SecretService is a backdoor for Windows 9x that allows remote

attackers to connect to your computer over the Internet and upload and download files, as well as log keystrokes and

execute programs.

Signature ID: 3117

Serveme Backdoor detection

Threat Level: Information

Signature Description: A backdoor is a program used for bypassing normal authentication, securing remote access to a

computer while attempting to remain undetected. ServeMe is a backdoor for Windows 9x that allows a remote attacker

to connect to your computer and execute programs, list and kill processes, and shut down your computer.