ICMP_DDOS Stacheldraht client check gag

 

Code: p412

Severity: Warning

 

Description: This event is generated when a Stacheldraht handler probes for a Stacheldraht agent on the destination host.

Impact: Severe. This indicates that a Stacheldraht handler may exist on the source host and an agent may exist on the destination host.

Corrective: Perform forensic analysis on the suspected compromised host to determine the means of compromise. Rebuild any host confirmed to be compromised. Use a packet-filtering firewall to block inappropriate traffic to the network and prevent hosts from being compromised.