Subj : Malwarebytes reports trojan
To   : All
From : Dumas Walker
Date : Sat Jan 20 2024 10:41:58

A couple of weeks ago, one of my users reported that his Malwarebytes was
warning him of a potential Trojan when he tried to connect here via telnet.  At
the time, I assumed it was because I have iptables set up to redirect the port
from 23 to the "non root" port that Syncrhonet is listening on.

However, I have since had a fellow sysop who connects here to exchange mail
report the same thing.  Because the bink port that binkit listens on is not a
"needs root" port, I don't have that one redirected by iptables.  He also tried
it via telnet and sent me the error message.  I cannot see what Trojan it
thinks is on this end -- I don't think the message says.

I have asked him to resend the message as text so I can share it.  Malwarebytes
was actually blocking our systems from exchanging mail.

I did scan with ClamAV and all it reports are some "potentially unwanted
applications" -- some DOS programs in my download directories that are
apparently compressed with PKlite.

As I only have linux machines, I don't have any experience with Malwarebytes.
Has anyone else run into this -- is it a case of Malwarebytes just not liking
BBSes or something else?

Thanks!
#

---
 þ Synchronet þ CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

.