[ale] UDP port 11011, anyone know what it is?
Michael B. Trausch
mike at trausch.us
Tue Feb 23 10:48:12 EST 2010
On 02/23/2010 09:38 AM, Greg Freemyer wrote:
> A couple minutes with google shows that a backdoor trojan called
> Amanda uses that port on the TCP side.
>
> http://www.2-spyware.com/remove-amanda-trojan.html
>
> Never heard of it before, but worth looking into. Maybe it grew UDP
> usage as well.
>
> btw: is there a lsof equivalent for windows which will show you which
> task is using the port? If so you can sent the executable to
> virustotal.com as one example to see if it is known bad.
Yeah, I found that, too.
It would appear to be a piece of malware with a nasty name to it, though
the PC's user claims to have removed it. We'll see, I'm still keeping
an eye on the net for more packets matching its port number and protocol.
*sigh*.
--- Mike
--
Michael B. Trausch ☎ (404) 492-6475
More information about the Ale
mailing list