
SunOS/Wanukdoor

Type: Trojan
SubType: Remote Access
Discovery Date: 02/28/2007
Length: 7,448 13,548
Minimum DAT: 4974 (03/01/2007)
Updated DAT: 4977 (03/06/2007)
Minimum Engine: 5.1.00
Description Added: 02/28/2007
Description Modified: 02/28/2007 2:47 PM (PT)
Risk Assessment, Corporate User: Low
Risk Assessment, Home User: Low

Characteristics

This trojan is associated with the SunOS/Wanuk.worm malware, also known as the Telnet worm. It is the worm's backdoor component and opens a backdoor on port 32982 on Unix systems.

Symptoms

Opens a backdoor on port 32982 on Unix systems. There are two versions:

- for Sparc architecture
- for Intel architecture

Method of Infection

This backdoor is installed by the SunOS/Wanuk.worm malware.

Removal

Detection is included in the specified DAT release.

In addition to the DAT version requirements for detection, the specified engine version (or greater) must also be used.

Delete files identified by the scanner, replace them with clean ones from backup or re-install them using the original packages. Reboot the system.

Administrators should regularly check for availability of important security updates/patches.

Recommended links:

- Caldera
- Debian
- FreeBSD
- Redhat
- Sun
- SuSe

Variants

    N/A

Overview

This is a trojan detection. Unlike viruses, trojans do not self-replicate. They are spread manually, often under the premise that they are beneficial or wanted. The most common installation methods involve system or security exploitation, and unsuspecting users manually executing unknown programs. Distribution channels include email, malicious or hacked web pages, Internet Relay Chat (IRC), peer-to-peer networks, etc.
