[ale] UDP port 11011, anyone know what it is?

Michael B. Trausch mike at trausch.us
Tue Feb 23 10:48:12 EST 2010


On 02/23/2010 09:38 AM, Greg Freemyer wrote:
> A couple minutes with google shows that a backdoor trojan called
> Amanda uses that port on the TCP side.
>
> http://www.2-spyware.com/remove-amanda-trojan.html
>
> Never heard of it before, but worth looking into.  Maybe it grew UDP
> usage as well.
>
> btw: is there a lsof equivalent for windows which will show you which
> task is using the port?  If so you can sent the executable to
> virustotal.com as one example to see if it is known bad.

Yeah, I found that, too.

It would appear to be a piece of malware with a nasty name to it, though 
the PC's user claims to have removed it.  We'll see, I'm still keeping 
an eye on the net for more packets matching its port number and protocol.

*sigh*.

	--- Mike

-- 
Michael B. Trausch                                    ☎ (404) 492-6475


More information about the Ale mailing list