Spyware Detail

Alias

ServU-Daemon[McAfee]
destructive program[F-Prot]
Backdoor.ServU-based[Kaspersky]
Win32/Irc-hack.B!Trojan[Computer Associates]
Application/Serv-U-Based.A[Panda]

Vendor Description

Serv-U is an FTP Server program for Windows 95/98/2000/ME/XP and Windows NT 4.0. With Serv-U, your PC will be turned into an FTP server. This means that others on the computer network that you are connected to (the Internet for most people) can access your PC to copy, move, make, and delete files and directories, using the FTP protocol (FTP = File Transfer Protocol). This protocol dictates standard ways of communication between computers, so that many different types of computers, using different operating systems and file formats, can exchange files. In simplest terms user accounts are created and permissions granted to areas on the hard drive so that FTP Clients, like FTP Voyager, can download and upload files. There are FTP servers (and clients) for many different systems. Serv-U is meant for PCs running MS-Windows that have a WinSock version 1.1 compatible TCP/IP stack installed. This includes Windows 95, Windows 98, Windows ME, Windows XP, Windows NT 4, and Windows 2000. Serv-U is composed of two separate parts, the Engine and the user interface. The Serv-U Engine or Daemon is the heart of Serv-U. It does all the work of serving FTP commands from FTP clients. It is the software that performs all file transfers. The Serv-U Administrator program is the way you interact with the Serv-U Engine. It is used to configure Serv-U and to define users, specify access etc. Depending on the Serv-U Edition you are using Serv-U can handle both regular (clear-text) FTP and secure-FTP. The latter uses SSL/TLS to provide strong encryption (128 bits or more), protecting usernames, passwords, and file transfers. The Administrator program also uses SSL/TLS to encrypt all traffic between it and the Engine.

Category

Backdoor:  A secret or undocumented means of getting into a computer system, or software that uses such a means to penetrate a system. Some software has a backdoor placed by the programmer to allow them to gain access to troubleshoot or change the program. Software that is classified as a "backdoor" is designed to exploit a vulnerability in a system, and open it to future access by an attacker.

FTP Server:  When installed without user awareness, an FTP server allows an attacker to download any file in the user's machine, to upload new files to that machine, and to replace any existing file with an uploaded file.

Trojan:  Any program with a hidden intent. Trojans are one of the leading causes of breaking into machines. If you pull down a program from a chat room, new group, or even from unsolicited e-mail, then the program is likely trojaned with some subversive purpose. The word Trojan can be used as a verb: To trojan a program is to add subversive functionality to an existing program. For example, a trojaned login program might be programmed to accept a certain password for any user's account that the hacker can use to log back into the system at any time. Rootkits often contain a suite of such trojaned programs.



Variants

Serv-U FTP Server 2.5a · Serv-U FTP Server 3.0 ·

View Full Details