Intrusion Prevention

Backdoor.GDoor.ICMP

Description

This indicates that the ICMP activity of a G_Door trojan is detected.

G_Door is a trojan horse that uses standard client-server technology. An attacker installs the backdoor server on target systems and remotely controls them via a backdoor client.

The backdoor server listens on port 7626 for client connection requests. Once connected, an attacker can take control over the target machine.

Affected Products

Any unprotected Windows system is vulnerable to the attack.

Impact

Attackers can gain remote control over the victim system.

Recommended Actions

Apply anti-virus protection to vulnerable systems

Coverage

IPS (Regular DB)
IPS (Extended DB)

ID	12168
Created	Sep 11, 2006
Updated	Apr 23, 2014
Risk
Default Action	pass
Active
Affected OS	Windows
Affected App	Other
Profile Type	Malware

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Intrusion Prevention

Backdoor.GDoor.ICMP

Description

Affected Products

Impact

Recommended Actions

Coverage

Research Center

Services

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Threat Intelligence Center

Support Center

Resource Center

About

Intrusion Prevention

Backdoor.GDoor.ICMP

Description

Affected Products

Impact

Recommended Actions

Coverage

Threat Intelligence
Center