Trojan/Backdoor Detection - netbus

Critical Nessus Network Monitor Plugin ID 6225

Synopsis

The remote host has been compromised and is running a 'Backdoor' program

Description

The remote host seems to be running a trojan or 'backdoor' program - netbus. This is typically an indicator that the machine has been compromised and is now being remotely controlled.

Solution

Manually inspect and repair the infected host

Plugin Details

Severity: Critical

ID: 6225

File Name: 6225.prm

Family: Backdoors

Published: 2012/01/06

Modified: 2016/11/23

Risk Information

Risk Factor: Critical