2001-07-11, 02:23 AM
Somebody has tried to access your machine with the "SubSeven Trojan Horse" and failed.


This is a common intrusion detected on the Internet, resulting from hackers looking for systems who might have been compromised with this program. It appears that you haven't been compromised, and that the hacker has gone away.

A Trojan program is one that has some subversive purpose other than what it looks like One of the favorite hacker techniques is to send these programs to people in the hopes they will be fooled into running them. Typical Trojans are those that steal passwords, install a virus, reformat your hard-disk, and so forth.

A particular popular class of Trojans are the Remote Access Trojans. These are programs that provide the hacker complete remote control over your machine. The problem for that hacker is that while they can often send you such Trojans via e-mail, chat, or news programs, they often don't know where on the Internet you are located. For example, they can tell from your e-mail that you use a certain ISP, but they don't know your current IP address. Therefore, if they think they've fooled you into running their program, they must then scan the entire ISP's range for you.

The flip-side to this means that if the hacker isn't after you, you will still see their scans as they search for their other victims. Likewise, the hacker may hope that some other hacker has hoodwinked you into running this Trojan. This means the hacker may be looking for anybody who might be compromised.

Trojan Horse probes are therefore very common. They aren't a cause for concern.

The page on TCP port probe has more information on probing machines for open ports like this. Please see that page for more details.
誰能幫我查出這個人的資料 他三不五時就攻擊我的電腦