Generic Botnet Server Detection (http) (deprecated)
critical Nessus Network Monitor Plugin ID 3143
New! Plugin Severity Now Using CVSS v3
The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
The remote host has been compromised and is running a 'backdoor' program.
The remote host appears to be running a machine that is being used to control a botnet. A botnet is a network of compromised computers that are remotely controlled by a malicious bot administrator. Botnets are commonly used for sending spam running Denial of Service (DoS) attacks against other networks scanning and compromising new systems Installing sniffers Installing keyloggers Identify theft
Manually inspect the machine for malicious processes. In addition, you may wish to consider installing security software that detects and blocks this sort of malicious software.