Test ID:	1.3.6.1.4.1.25623.1.0.10390
Category:	Backdoors
Title:	mstream agent Detect
Summary:	NOSUMMARY
Description:	Description: The remote host appears to be running a mstream agent, which is a trojan that can be used to control your system or make it attack another network (this is actually called a distributed denial of service attack tool) It is very likely that this host has been compromised Solution : Restore your system from backups, contact CERT and your local authorities Risk factor : Critical
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2000-0138 Bugtraq: 19991206 Analysis of Tribe Flood Network (Google Search) Bugtraq: 19991206 Analysis of trin00 (Google Search) Bugtraq: 19991229 Analysis of "stacheldraht" (Google Search) Bugtraq: 20000211 A DDOS proposal. (Google Search) Bugtraq: 20000211 DDOS Attack Mitigation (Google Search) Bugtraq: 20000211 TFN2K - An Analysis (Google Search) Bugtraq: 20000429 Source code to mstream, a DDoS tool (Google Search) http://marc.info/?l=bugtraq&m=95715370208598&w=2 Bugtraq: 20000501 Re: Source code to mstream, a DDoS tool (Google Search) http://marc.info/?l=bugtraq&m=95722093124322&w=2 Cert/CC Advisory: CA-2000-01 Cert/CC Advisory: IN-99-04 ISS Security Advisory: 20000209 Denial of Service Attack using the TFN2K and Stacheldraht programs ISS Security Advisory: 20000502 "mstream" Distributed Denial of Service Tool http://xforce.iss.net/alerts/advise48.php3 Sun Security Bulletin: 00193
Copyright	This script is Copyright (C) 2000 Renaud Deraison

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.