Malware Payload Code Detection

Critical Nessus Network Monitor Plugin ID 4471

Synopsis

The remote service appears to be distributing the payload of malware code.

Description

The remote port seems to be sending the payload of a malware. This is used by malware when spreading by infecting other hosts. The system is probably infected by a worm or a Trojan horse.

Solution

Inspect the system for malicious code and follow appropriate incident response procedures.

See Also

http://en.wikipedia.org/wiki/Storm_worm#Botnetting

Plugin Details

Severity: Critical

ID: 4471

File Name: 4471.prm

Family: Backdoors

Published: 2008/04/16

Modified: 2016/01/15

Nessus ID: 31854

Risk Information

Risk Factor: Critical