I have a Firewall on my cable connection. I get very frequent alerts for a “Default Block Backdoor/SubSeven Trojan”? What the heck is it, and why is it so frequent. Besides the very idea of a Trojan at my back door is unsettling.
At the risk of making this non-GQ, does anyone else get these, with frequency?
Thank You.
Heh. Backdoor trojan.
Heh. heh.
Any computer on the Internet gets port scanned and probed frequently. Check out http://www.sans.org/newlook/resources/IDFAQ/subseven.htm for more info about subseven. Keep your firewall up to date and patch your systems regularly and you should be ok.
Start with a search…
Has some info, including making fun of the term “backdoor trojan” (my contribution). 
Use a virus checker (they look for trojans, too) to see if you have one (try http://housecall.antivirus.com). If you do, and Housecall doesn’t remove it, there are instructions at Hackfix.
For a fun read on how subseven can really screw up your day, go to http://www.grc.com . Poor old Steve Gibson upset some thirteen year old and he launched a number of DDOS attacks on Gibson’s web site. Code Red II is pretty active, at least up to today (20th), I fear the hackers are going to spoil everything for everyone.
Do not rely on virus checkers to catch trojans. The link I posted previously specifically mentions that a lot of virus checkers will not detect sub7. I’m not that familiar with Windows but in Unix, a lot of attacks involve replacing standard system binaries with compromised versions hide traces of the trojan. Eg. you can’t see a trojan process running because the binary that lists system processes was replaced with one that will not list the trojan.
The Cleaner, from Moosoft can catch trojans. You can d/l a free 30 day trial.