Trojan/Backdoor Detection - Sasser Worm
Critical Nessus Network Monitor Plugin ID 1215
SynopsisThe remote host has a backdoor installed
DescriptionThe remote host is infected with the Sasser Worm. This worm utilizes a backdoor command server and FTP server on ports 5554 and 9996, respectively.
SolutionUse an anti-virus product to remove the worm and consider re-installing the operating system.