Code: p328 Severity: Warning
Description: This event is generated when an attacker attempts to connect to a Telnet server using the phrase "StoogR". This is a known password for the HidePak rootkit. Impact: Possible theft of data and control of the targeted machine leading to a compromise of all resources the machine is connected to. Corrective: Disallow Telnet access from external sources. Use SSH as opposed to Telnet for access from external locations Delete the Trojan and kill any associated processes.
|
