Below is not my writing, but what I found on Web relating to Sygate. Hope it's not a problem for Sygate users. ( Sygate backdoor update. I found this in SANS Windows Security Digest and the second paragraph is additional information from our original posting on this subject. ) Sygate is an Internet connection sharing program made by Sybergen (http://www.sybergen.com). Sygate contains an undocumented remote administration feature which listens on port 7323. This utility is supposed to only be accessible on the internal interface. However, recent reports have indicated that the utility may also be accessible from the outside. This poses a serious vulnerability as it allows a remote shutdown of the Sygate connection sharing program from the Internet. This vulnerability is only present if the Enhanced Security feature is not enabled, and if Sybergen's firewall product, Sybergen Secure Desktop, are not installed. Sybergen has created a patched version of Sygate, but apparently this patch is only available by contacting Sybergen technical support at this point. ...from http://www.sans.org/y2k/020300.htm

There seems to be a bit of confusion here. The 'Sygate' usually talked about here is the Sygate Personal Firewall from Sygate Technologies, Inc, who's website is http://www.sygate.com/ I see no mention of 'Sybergen' on this page 'though I didn't do a full search of the site for any connection between Sygate Technologies, Inc and Sybergen. How old is the info in SANS.org ? FYI Sygate security alerts page is: http://www.sygate.com/alerts/default.htm

You can find a posting about this at: http://www.pcflank.com/art19.htm Then do a google search on: 7323:RAT: Sygate Backdoor