TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
330
and the remote attacker has control of the client. The server attempts to open a port, typically TCP port 8811 to allow
the client system to connect. Once installed on a system, permits unauthorized users to remotely perform a variety of
operations, such as Get system information, change the contents of the victim's clipboard, Read/Modify contents of the
clipboard, listing files, and uploading or downloading files. Administrators are advised to close the port 8811 for
external users.
Signature ID: 3247
Backdoor Amitis 1.4.3
Threat Level: Severe
Signature Description: Backdoor Amitis 1.4.3 is a backdoor program that affects Microsoft Windows Operating
System. The backdoor uses a client/server relationship, where the server component is installed in the victim's system
and the remote attacker has control of the client. The server attempts to open a port, typically TCP port 33229 to allow
the client system to connect. Once installed on a system, permits unauthorized users to remotely perform a variety of
operations, such as viewing or modifying registry keys, viewing or killing processes, uploading or downloading files,
and rebooting or shutting down Windows. Administrators are advised to close the port 33229 for external users.
Signature ID: 3248
Backdoor Assassin 1.1
Threat Level: Severe
Signature Description: Backdoor Assassin 1.1 is a backdoor program that affects Microsoft Windows Operating
System. The backdoor uses a client/server relationship, where the server component is installed in the victim's system
and the remote attacker has control of the client. The server attempts to open a port, typically TCP port 5695 to allow
the client system to connect. Once installed on a system, permits unauthorized users to remotely perform a variety of
operations, such as changing the registry, executing commands, starting services, listing files, and uploading or
downloading files. Administrators are advised to close the port 5695 for external users.
Signature ID: 3249
Backdoor Beast 1.9
Threat Level: Critical
Signature Description: Beast is a backdoor program that affects Microsoft Windows Operating System. It can disable
personal firewalls and anti virus software. It contains a key logger option that capture passwords. If the key logger is
enable, then an attacker can capture the passwords. The successful exploitation of this issue will allow an attacker to
gain unauthorized access to the system via on TCP port 6666 or 666.
Signature ID: 3250
Backdoor Beast 1.91
Threat Level: Critical
Signature Description: Backdoor Beast 1.91 is a backdoor program that affects Microsoft Windows Operating System.
The backdoor uses a client/server relationship, where the server component is installed in the victim's system and the
remote attacker has control of the client. The server attempts to open a port, typically TCP port 600 to allow the client
system to connect. Once installed on a system, permits unauthorized users to remotely perform a variety of operations,
such as changing the registry, executing commands, starting services, listing files, and uploading or downloading files.
Administrators are advised to close the port 600 for external users.
Signature ID: 3251
Backdoor Drat and Drat 1.0/2.0 Vulnerability
Threat Level: Severe
Signature Description: Backdoor Drat is a Trojan. It can installs itself secretly and gain complete control of the