Code: p329 Severity: Warning
Description: This event is generated when an attacker attempts to connect to a Telnet server using the phrase "wank". This is a known password for the HideSource rootkit. Impact: Possible theft of data and control of the targeted machine leading to a compromise of all resources the machine is connected to. Corrective: Disallow Telnet access from external sources. Use SSH as opposed to Telnet for access from external locations Delete the Trojan and kill any associated processes.
|
