Trinity v3 detection 1.0
 
Plugin ID283
Plugin nameTrinity v3 detection
Plugin filenameTrinity v3 detection.plugin
Plugin filesize2237 bytes
Plugin familyBackdoors
Plugin created nameMarc Ruef
Plugin created emailmarc.ruef at computec.ch
Plugin created webhttp://www.computec.ch
Plugin created companycomputec.ch
Plugin created date2005/01/02
Plugin version1.0
Plugin protocoltcp
Plugin port33270
Plugin procedure detectionopen|send !@#\n|sleep|send id\n|sleep|close|pattern_exists uid
Plugin detection accuracy90
Plugin commentThe NASL script is Copyright (C) 2000 Renaud Deraison
Bug affectedTrinity v3
Bug not affectedOther solutions and not compromised systems
Bug vulnerability classConfiguration
Bug descriptionThe remote host appears to be running Trinity v3, which is a trojan that can be used to control your system or make it attack another network (this is actually called a distributed denial of service attack tool). It is very likely that this host has been compromised.
Bug solutionRestore your system from backups, contact CERT and your local authorities.
Bug fixing timeApprox. 2 days
Bug exploit availabilityYes
Bug remoteYes
Bug localYes
Bug severityHigh
Bug popularity8
Bug simplicity3
Bug impact9
Bug risk7
Bug Nessus riskCritical
Bug check toolsNessus can check this flaw with the plugin 10501 (Trinity v3 Detect).
Source CVECAN-2000-0138
Source Nessus ID10501
Source LiteratureHacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427
Source Misc.http://www.computec.ch

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.