Active Outbound Connection to Host Listed in Known Bot Database

This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.

Synopsis :

According to a third-party database, the remote host is making an
outbound connection to a host that is listed as part of a botnet.

Description :

According to the output from netstat, the remote host has an outbound
connection to one or more hosts that are listed in a public database as
part of a botnet. This suggests the host may have been compromised.

See also :

Solution :

Investigate the connection(s) and reinstall the remote system from
scratch if appropriate.

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 6.9
Public Exploit Available : false

Family: General

Nessus Plugin ID: 58430 ()

Bugtraq ID:


Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial