Contact us

Solutions

Featured solutions AI Campus and branch Data center WAN Security Service provider Cloud operator Industries

Services

Services

Take me to HPE.com

TROJAN: Satan's Backdoor Server Response

This signature detects TCP packets sent from local server port 666 to remote port 1024. This can indicate the server is responding to an attacker to confirm connection to the Trojan Satan's Backdoor. Satan's Backdoor, a remote administration Trojan, allows attackers to access data and gain control over some functions on remote Microsoft Windows systems.

References

CVE: CVE-1999-0660

URL: http://www3.ca.com/securityadvisor/pest/pest.aspx?id=5262 http://www3.ca.com/securityadvisor/pest/pest.aspx?id=5261

Short Name

TROJAN:SATANS-BD:SERVER-RES

Severity

Critical

Recommended

False

Recommended Action

Drop

Category

TROJAN

Keywords

Backdoor CVE-1999-0660 Response Satan's Server

Release Date

04/22/2003

Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version

3324

Port

TCP/666

False Positive

Unknown

CVSS Score

8.8