When performing a vulnerability scan (or even a penetration test), you must be able to spot a host that is already compromised, contains malware, or is part of a botnet. When malware exists on a host you're testing, the right course of action is to switch from scanning or penetration testing mode into forensics mode to determine how the system was compromised and implement a plan to remove the backdoors that may exist.
↧