arboi at noos
Mar 25, 2002, 2:20 AM
Post #1 of 1
(223 views)
Permalink
|
|
RemotelyAnywhere detection
|
|
http://xwell.org/
"US Military Sweep for Compromises and Backdoors
The United States Army and Navy are doing a crash review of
unclassified Windows systems for RemotelyAnywhere, a commercial remote
system management tool that's been found on numerous compromised
systems. [...]"
See also http://www.technews.com/news/02/175245.html
So... Here are two scripts for SSH and the web interface. Detecting
the Telnet server is not easy.
TBD: check for default account administrator / remotelyanywhere
|
