TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
313
Attacker attempts to connect to a Telnet server using the phrase "satori". This is a known password for the Satori Linux
rootkit.
Signature ID: 3151
BACKDOOR MISC Solaris 2.5 attempt
Threat Level: Information
Signature Description: Trojan horses are malicious program which usually hacker used to bind it with some other
application or process like, Greeting cards or Games etc.When the user opens or triggers, then the malicious program
will sit in the users computer and tries to open a backdoor silently and give a way to an attacker to take full control of
the user and can exploit the user. This Trojan affects Solaris 2.5 operating systems. Attacker attempts to connect to a
Telnet server using the phrase "friday". The target machine may already be compromised.
Signature ID: 3152
BACKDOOR MISC r00t attempt
Threat Level: Information
Signature Description: Trojan horses are malicious program which usually hacker used to bind it with some other
application or process like, Greeting cards or Games etc.When the user opens or triggers, then the malicious program
will sit in the users computer and tries to open a backdoor silently and give a way to an attacker to take full control of
the user and can exploit the user. This Trojan affects UNIX operating systems. Attacker attempts to connect to a Telnet
server using the phrase "r00t".The target machine may already be compromised.
Signature ID: 3153
BACKDOOR MISC rewt attempt
Threat Level: Information
Signature Description: Trojan horses are malicious program which usually hacker used to bind it with some other
application or process like, Greeting cards or Games etc.When the user opens or triggers, then the malicious program
will sit in the users computer and tries to open a backdoor silently and give a way to an attacker to take full control of
the user and can exploit the user. This Trojan affects UNIX operating systems.Attacker attempts to connect to a telnet
server using the phrase "rewt".The target machine may already be compromised.
Signature ID: 3154
BACKDOOR MISC sm4ck attempt
Threat Level: Information
Signature Description: Trojan horses are malicious program which usually hacker used to bind it with some other
application or process like, Greeting cards or Games etc.When the user opens or triggers, then the malicious program
will sit in the users computer and tries to open a backdoor silently and give a way to an attacker to take full control of
the user and can exploit the user. This Trojan affects UNIX operating systems. Attacker attempts to connect to a Telnet
server using the phrase "hax0r".This is a known password for the sm4ck Linux rootkit.The target machine may already
be compromised.
Signature ID: 3155
BACKDOOR Matrix 2.0 Client connect
Threat Level: Information
Signature Description: This trojan affects windows operating systems.Matrix is a Trojan Horse offering the attacker the
ability to upload files to, and download files from the victim host, retrieve passwords and start and stop an FTP server
on your computer. This signature detects a MavericksMatrix backdoor running on your network.