Subj : Malwarebytes reports trojan
To : All
From : Dumas Walker
Date : Sat Jan 20 2024 10:41 am
A couple of weeks ago, one of my users reported that his Malwarebytes was
warning him of a potential Trojan when he tried to connect here via telnet. At
the time, I assumed it was because I have iptables set up to redirect the port
from 23 to the "non root" port that Syncrhonet is listening on.
However, I have since had a fellow sysop who connects here to exchange mail
report the same thing. Because the bink port that binkit listens on is not a
"needs root" port, I don't have that one redirected by iptables. He also tried
it via telnet and sent me the error message. I cannot see what Trojan it
thinks is on this end -- I don't think the message says.
I have asked him to resend the message as text so I can share it. Malwarebytes
was actually blocking our systems from exchanging mail.
I did scan with ClamAV and all it reports are some "potentially unwanted
applications" -- some DOS programs in my download directories that are
apparently compressed with PKlite.
As I only have linux machines, I don't have any experience with Malwarebytes.
Has anyone else run into this -- is it a case of Malwarebytes just not liking
BBSes or something else?
