Trojan/Backdoor - NetSphere Detection

High Nessus Network Monitor Plugin ID 1911

Synopsis

The remote host has a backdoor installed.

Description

NetSphere is installed. This backdoor allows anyone to partially take control of the remote system. An attacker may use this vulnerability to steal your password or prevent your system from working properly.

Solution

Telnet to this computer on TCP port 30100 and type : '<KillServer>', without the quotes, and press Enter. This will stop the NetSphere service. Manually inspect and repair this system.

See Also

http://www.commodon.com/threat/threat-ns.htm

Plugin Details

Severity: High

ID: 1911

Family: Backdoors

Published: 2004/08/20

Modified: 2016/01/15

Nessus ID: 10005

Risk Information

Risk Factor: High