Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 TROJAN:MISC:TROJAN-CIA

Severity

 Medium

Recommended

 No

Category

 TROJAN

Keywords

 Backdoor C.I.A.

Release Date

 2005/02/15

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

TROJAN: CIA Backdoor v1.1-2.2


This signature identified communication exchange of the CIA backdoor during the session establishment process. Backdoor C.I.A is a backdoor client/server combination utilising multiple data-streams that lets you open a remote connection to another system running the server part of the backdoor via TCP on multiple ports starting at 5888 incrementing by 1000 for each subsequent session by default. The server default ports are fully configurable.

Extended Description

The CIA Trojan permits an attacker to seize full control of a victim host.

References

  • CVE: CVE-1999-0660
  • URL: http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453076260

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out