| VID |
24078 |
| Severity |
40 |
| Port |
Any |
| Protocol |
TCP |
| Class |
BackDoor |
| Detailed Description |
The backdoor 'HACKER Defender' has been detected as installed on the system. This is a backdoor server program that allows unauthorized remote access to a compromised computer. This backdoor may be dropped on the infected host by Internet Worms. Hacker defender is rootkit for Windows NT 4.0, Windows 2000 and Windows XP. Main code was written in Delphi 6. Hacker Defender can run on any port, however, the preferred method of configuration is to insert itself in the TCP stream of running, well known services, such as HTTP, FTP, and TELNET. Due to the nature of the program, the possibility exists to be exploited for spying purposes.
* References:
http://hxdef.czweb.org/
http://rootkit.host.sk/
* Platforms Affected:
Microsoft Windows Any version |
| Recommendation |
Remove it from the infected computer by using a anti-virus program (vaccine program). |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
13957 (ISS) |
|
