Mailing List Archive

RemotelyAnywhere detection
"US Military Sweep for Compromises and Backdoors
The United States Army and Navy are doing a crash review of
unclassified Windows systems for RemotelyAnywhere, a commercial remote
system management tool that's been found on numerous compromised
systems. [...]"
See also

So... Here are two scripts for SSH and the web interface. Detecting
the Telnet server is not easy.
TBD: check for default account administrator / remotelyanywhere