Login or Register to Ask a Question and Join Our Community


Malware Advisories (RSS)

Troj_agent.asak

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Malware Advisories (RSS) Troj_agent.asak
# 1  
Old 06-13-2008
Troj_agent.asak
This Trojan may be dropped by other malware. It is used by other malware for its rootkit functionalities. It does this by hooking to certain functions.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT LINUX

snmpa_discovery_handler

snmpa_discovery_handler(3erl)				     Erlang Module Definition				     snmpa_discovery_handler(3erl)

NAME

       snmpa_discovery_handler - Behaviour module for the SNMP agent discovery handler.

DESCRIPTION

       This  module  defines  the  behaviour  of the agent discovery handler. A snmpa_discovery_handler compliant module must export the following
       functions:

	 * stage1_finish/2

       The semantics of them and their exact signatures are explained below.

EXPORTS

       stage1_finish(TargetName, ManagerEngineID, ExtraInfo) -> ignore | {ok, usm_entry() | [usm_entry()]} |  {ok,  usm_entry()  |  [usm_entry()],
       NewExtraInfo}

	      Types  TargetName = string()
		     ManagerEngineID = string()
		     ExtraInfo = term()
		     usm_entry() = tuple() compatible with usm.conf
		     NewExtraInfo = term()

	      This  function is called at the end of stage 1 of the discovery process. It should return either the atom ignore or {ok, usm_entry()
	      | [usm_entry()]} . See usm_entry() and usm_entry/13 for more info.

	      If the function returns ignore , then it is assumed that either:

		* The caller (of the discovery function) will make the needed updates later.

		* The callback function itself did the updates.

	      In either case, the agent will do nothing, but return the retrieved ManagerEngineID (see discovery for more info) and possible  con-
	      tinue with stage 2 of the discovery process.

	      The ExtraInfo argument is passed on from the discovery function.

	      This  function  may  return  an  updated	NewExtraInfo that will be used in subsequent calls to the callback functions. Intended for
	      future use.

	      The purpose of this function is to generate the usm- related security data needed for usm processing  in	the  agent.  Specifically,
	      updating the usmUserTable.

	      When  an	usm_entry()  tuple  (or  a  list of such tuples) is returned, this data is then added to the usmUserTable by the (master-)
	      agent.

	      When an usm_entry() tuple (or a list of such tuples) is returned, this data is then added  to  the  usmUserTable	by  the  (master-)
	      agent.

   Note:
       Note that the function does not check if this entry already exists.

   Note:
       Note that this function is executed in the context of the master-agent process.

Ericsson AB							     snmp 4.19					     snmpa_discovery_handler(3erl)