Active Outbound Connection to Host Listed in Known Bot Database

This script is Copyright (C) 2012-2017 Tenable Network Security, Inc.


Synopsis :

The remote host is making an outbound connection to a host that is
listed as part of a botnet, according to a third-party public
database.

Description :

Nessus has determined via netstat, that the remote host has an
outbound connection to one or more hosts that are listed in a public
database as part of a botnet. This suggests the host may have been
compromised.

Solution :

Investigate the connection(s) and reinstall the remote system from
scratch if appropriate.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: General

Nessus Plugin ID: 58430 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now