Trojan/Backdoor Detection - netbus

critical Nessus Network Monitor Plugin ID 6225

Synopsis

The remote host has been compromised and is running a 'Backdoor' program

Description

The remote host seems to be running a trojan or 'backdoor' program - netbus. This is typically an indicator that the machine has been compromised and is now being remotely controlled.

Solution

Manually inspect and repair the infected host

Plugin Details

Severity: Critical

ID: 6225

Family: Backdoors

Published: 1/6/2012

Updated: 11/23/2016