From: xillwillx at gmail.com (Ill will)
Subject: SV: Norton AntiVirus 2005 treats Radmin as a Virus ??!

oops...
http://www.illmob.org/0day/ghostradmin.zip


On Tue, 12 Oct 2004 17:40:32 +0200, Peter Kruse <kruse@...sesecurity.dk> wrote:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> Hi,
> 
> Keep in mind that there's a client and a server part in the Radmin installation. During installation of this commercial software you'll have the option to choose whether you want to install the server or only the client.
> 
> If the client software is detected as malicious this would indeed be a bad call. However, if Symantec labels the server as a backdoor risk, it's likely because it was distributed as part of a malware package not so long ago (a few weeks back). Still, this doesn't justify labeling the Radmin Client as a security risk. The Radmin software is widely used for remote administration in the same manner as VNC, Terminal Services or "Netbus" ;-)
> 
> Regards
> Peter Kruse
> 
> >-----Original Message-----
> >From: full-disclosure-admin@...ts.netsys.com
> >[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Todd Towles
> >Sent: 12 October 2004 16:15
> >To: Sowhat .; full-disclosure@...ts.netsys.com
> >Subject: RE: [Full-Disclosure] Norton AntiVirus 2005 treats Radmin as a
> >Virus ??!
> >
> >
> >That is a widely used tool that is dropped by various malware
> >programs. I think even one of the JPEG exploits was dropping radmin.exe
> >
> >It would be better to assume you have an infection and prove yourself
> >wrong than the other way around. Look into it pretty deep, I would
> >suggest.
> >
> >> -----Original Message-----
> >> From: full-disclosure-admin@...ts.netsys.com
> >> [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Sowhat .
> >> Sent: Tuesday, October 12, 2004 7:51 AM
> >> To: full-disclosure@...ts.netsys.com
> >> Subject: [Full-Disclosure] Norton AntiVirus 2005 treats
> >> Radmin as a Virus ??!
> >>
> >> Hi, list
> >>
> >> I have installed Norton AntiVirus 2005, and when I open my
> >> F:\ directory, Norton pops up and shows that "Norton AntiVirus
> >> has detected a virus on your computer" "Object Name
> >> F:\radmin.exe" "Virus Name Hacktool".
> >>
> >> Is RemoteAdministrator a commercial remote control software
> >> or a Hacktool?
> >>
> >> The following information is copied from Radmin's site:
> >> (http://www.radmin.com/)
> >>
> >> "This fast, reliable, easy-to-use pc remote control software
> >> saves you hours of running up and down stairs between
> >> computers. Radmin allows you to take control of another PC on
> >> a LAN, WAN or dial-up connection so you see the remote
> >> computer's screen on your monitor and all your mouse
> >> movements and keystrokes are directly transferred to the
> >> remote machine. Radmin provides fast secure access to remote
> >> PC's on Windows platforms.  "
> >>
> >> _______________________________________________
> >> Full-Disclosure - We believe in it.
> >> Charter: http://lists.netsys.com/full-disclosure-charter.html
> >>
> >
> >
> -----BEGIN PGP SIGNATURE-----
> Version: PGP 8.1
> 
> iQA/AwUBQWv68HxYZNa+g/pgEQKOiwCePgzmaczX3p55JZXV4DvZcxox/GcAn3Kc
> q+lT8pAgWbC+ESuAaZRQNkYo
> =bmBO
> -----END PGP SIGNATURE-----
> 
> 


-- 
- illwill
http://illmob.org

