 |
 |
trojan on my machine?
|
|
|
|
|
Fresh-Faced Recruit
Join Date: Jun 2002
Location: detroit
Status:
Offline
|
|
hello,
i just got netbarrier for my mac and in the log i found the tcpwrappers trojan sending out through some port that sohuld have been off. in the antivandal feature i turned trojan blocking on for all of them and put the offender on the stop list.
i'm a little freaked out though, i didn't think macs had trojans. my brother had been into downloading stuff on the machine but i've gotten busier with it and i wanted to be secure from the wild...
any advice or explanations would be deeply appreciated.
thanx
|
|
|
| |
|
|
|
|
|
|
|
Fresh-Faced Recruit
Join Date: Oct 2001
Location: Belgium
Status:
Offline
|
|
Are you sure about this?
A virus on MOSX? Finally!
Gus
|
|
|
| |
|
|
|
|
|
|
|
Fresh-Faced Recruit
Join Date: Jun 2002
Location: detroit
Status:
Offline
|
|
no not a virus, a trojan is not a virus
|
|
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: Dec 2000
Status:
Offline
|
|
Ouch. What version of Mac OS X are you running?
Did you see the trojan program running in top? What was the path it installed itself to?
|
|
|
| |
|
|
|
|
|
|
|
Grizzled Veteran
Join Date: May 2002
Location: UK
Status:
Offline
|
|
where can i find info aobut this, cant seem to get much relervent stuff from google
|
|
|
| |
|
|
|
|
|
|
|
Dedicated MacNNer
Join Date: Jan 2001
Location: Badfort
Status:
Offline
|
|
Huh? I just googled for tcp wrappers trojan. The tcpwrappers trojan was released in Jan 1999, and didn't use a specific port, it was triggered by calling a tcpwrappers run service from source port 421. Are you saying there's another one? Does your brother have admin rights? Does Jaguar even have tcpwrappers, i thought it only used xinetd?
|
|
You see, my friends, pirates are the key. - thalo
|
| |
|
|
|
|
|
|
|
Fresh-Faced Recruit
Join Date: Jun 2002
Location: detroit
Status:
Offline
|
|
wow i don't know anything about all this.
i just got netbarrier as it was well recommended, and after installing i went to the log and was astounded to see how much was actually going on. apparently edonkey was running and he had somehow set it in terminal to run in the background. i then freaked out and switched firewall to no network, shutting everything off. ran antivirus and left overnight. next day i was checking the firewall logs and found a couple of lines that blocked connection to tcpwrappers port 2#$%#. i haven't seen it since. i put ip on stop list and turned trojan blocking on in firewall. i don't know the port#, i don't know anything about networks and such. neither, really, does my brother who had adm priveledges. i haven't noticed anything weird on the machine and i really don't know what to do?
sorry for rambling and thanks for the responses...
|
|
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
|
Top
