Alureon
Alureon (also known as TDSS or TDL-4) is a trojan and rootkit created to steal data by intercepting a system's network traffic and searching for banking usernames and passwords, credit card data, PayPal information, social security numbers, and other sensitive user data. Following a series of customer complaints, Microsoft determined that Alureon caused a wave of BSoDs on some 32-bit Microsoft Windows systems. The update, MS10-015, triggered these crashes by breaking assumptions made by the malware author(s). According to research conducted by Microsoft, Alureon was the second most active botnet in the second quarter of 2010. Description: The Alureon bootkit was first identified around 2007. Personal computers are usually infected when users manually download and install Trojan software. Alureon is known to have been bundled with the rogue security software, "Security Essentials 2010". When the dropper is executed, it first hijacks the print spooler service (spoolsv.exe) to update ...

Rootkit
A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed (for example, to an unauthorized user) and often masks its existence or the existence of other software. The term "rootkit" is a compound of "root" (the traditional name of the privileged account on Unix-like operating systems) and the word "kit" (which refers to the software components that implement the tool). The term "rootkit" has negative connotations through its association with malware. Rootkit installation can be automated, or an attacker can install it after having obtained root or administrator access. Obtaining this access is a result of direct attack on a system, i.e. exploiting a vulnerability (such as privilege escalation) or a password (obtained by cracking or social engineering tactics like "phishing"). Once installed, it becomes possible to hide the intrusion as well as to maintain privileged acc ...

Botnet
A botnet is a group of Internet-connected devices, each of which runs one or more bots. Botnets can be used to perform Distributed Denial-of-Service (DDoS) attacks, steal data, send spam, and allow the attacker to access the device and its connection. The owner can control the botnet using command and control (C&C) software. The word "botnet" is a portmanteau of the words "robot" and "network". The term is usually used with a negative or malicious connotation. Overview: A botnet is a logical collection of Internet-connected devices, such as computers, smartphones or Internet of things (IoT) devices, whose security has been breached and control ceded to a third party. Each compromised device, known as a "bot," is created when a device is penetrated by software from a malware (malicious software) distribution. The controller of a botnet is able to direct the activities of these compromised computers through communication channels formed by standards-based network protocols, su ...


Kad Network
The Kad network is a peer-to-peer (P2P) network which implements the Kademlia P2P overlay protocol. The majority of users on the Kad Network are also connected to servers on the eDonkey network, and Kad Network clients typically query known nodes on the eDonkey network in order to find an initial node on the Kad network. Usage: The Kad network uses a UDP-based protocol to:
* Find sources for eD2k hashes.
* Search for eD2k hashes based on keywords in the file name.
* Find comments and ratings for files (hashes).
* Provide buddy services for firewalled (Low ID) nodes.
* Store locations, comments and (keywords out of) filenames.
Note that the Kad network is not used to actually transfer files across the P2P network. Instead, when a file transfer is initiated, clients connect directly to each other (using the standard public IP network). This traffic is susceptible to blocking/shaping/tracking by an ISP or any other opportunistic middle-man. As with all decentralized networks ...


Trojan Horse (computing)
In computing, a Trojan horse is any malware that misleads users of its true intent. The term is derived from the Ancient Greek story of the deceptive Trojan Horse that led to the fall of the city of Troy. Trojans generally spread by some form of social engineering; for example, where a user is duped into executing an email attachment disguised to appear innocuous (e.g., a routine form to be filled in), or by clicking on some fake advertisement on social media or anywhere else. Although their payload can be anything, many modern forms act as a backdoor, contacting a controller who can then have unauthorized access to the affected computer. Ransomware attacks are often carried out using a Trojan. Unlike computer viruses and worms, Trojans generally do not attempt to inject themselves into other files or otherwise propagate themselves. Use of the term: It's not clear where or when the concept, and this term for it, was first used, but by 1971 the first Unix manual assumed its r ...


Russia
Russia, or the Russian Federation, is a transcontinental country spanning Eastern Europe and Northern Asia. It is the largest country in the world, with its internationally recognised territory covering , and encompassing one-eighth of Earth's inhabitable landmass. Russia extends across eleven time zones and shares land boundaries with fourteen countries, more than any other country but China. It is the world's ninth-most populous country and Europe's most populous country, with a population of 146 million people. The country's capital and largest city is Moscow, the largest city entirely within E ...

Estonia
Estonia, formally the Republic of Estonia, is a country by the Baltic Sea in Northern Europe. It is bordered to the north by the Gulf of Finland across from Finland, to the west by the sea across from Sweden, to the south by Latvia, and to the east by Lake Peipus and Russia. The territory of Estonia consists of the mainland, the larger islands of Saaremaa and Hiiumaa, and over 2,200 other islands and islets on the eastern coast of the Baltic Sea, covering a total area of . The capital city Tallinn and Tartu are the two largest urban areas of the country. The Estonian language is the autochthonous and the official language of Estonia; it is the first language of the majority of its population, as well as the world's second most spoken Finnic language. The land of what is now modern Estonia has been inhabited by Homo sapiens since at least 9,000 BC. The medieval indigenous population of Estonia was one of the last "pagan" civilisations in Europe to adopt Ch ...




Windows Recovery Console
The Recovery Console is a feature of the Windows 2000, Windows XP and Windows Server 2003 operating systems. It provides the means for administrators to perform a limited range of tasks using a command-line interface. Its primary function is to enable administrators to recover from situations where Windows does not boot as far as presenting its graphical user interface. The recovery console is used to provide a way to access the hard drive in an emergency through the command prompt. As such, the Recovery Console can be accessed either through the original installation media used to install Windows, or it can also be installed to the hard drive and added to the NTLDR menu. However, relying on the latter is much more risky because it requires that the computer can boot to the point that NTLDR loads, or else it would not work at all. Abilities: The Recovery Console has a simple command-line interpreter (or CLI). Many of the available commands closely resemble the commands that a ...


WinPE
Windows Preinstallation Environment (also known as Windows PE and WinPE) is a lightweight version of Windows used for the deployment of PCs, workstations, and servers, or troubleshooting an operating system while it is offline. It is intended to replace MS-DOS boot disks and can be booted via USB flash drive, PXE, iPXE, CD-ROM, or hard disk. Traditionally used by large corporations and OEMs (to preinstall Windows client operating systems on PCs during manufacturing), it is now widely available free of charge via Windows Assessment and Deployment Kit (WADK) (formerly Windows Automated Installation Kit (WAIK)). Overview: WinPE was originally intended to be used only as a pre-installation platform for deploying Microsoft Windows operating systems, specifically to replace MS-DOS in this respect. WinPE has the following uses:
* Deployment of workstations and servers in large corporations as well as pre-installation by system builders of workstations and servers to be sold to end ...

Netstat
In computing, netstat (network statistics) is a command-line network utility that displays network connections for Transmission Control Protocol (both incoming and outgoing), routing tables, and a number of network interface (network interface controller or software-defined network interface) and network protocol statistics. It is available on Unix, Plan 9, Inferno, and Unix-like operating systems including macOS, Linux, Solaris and BSD. It is also available on IBM OS/2 and on Microsoft Windows NT-based operating systems including Windows XP, Windows Vista, Windows 7, Windows 8 and Windows 10. It is used for finding problems in the network and to determine the amount of traffic on the network as a performance measurement. On Linux this program is mostly obsolete, although still included in many distributions. On Linux, netstat (part of "net-tools") is superseded by ss (part of iproute2). The replacement for netstat -r is ip route, the replacement for netstat -i is ip -s ...

Packet Analyzer
A packet analyzer, also known as packet sniffer, protocol analyzer, or network analyzer, is a computer program or computer hardware such as a packet capture appliance, that can intercept and log traffic that passes over a computer network or part of a network. Packet capture is the process of intercepting and logging traffic. As data streams flow across the network, the analyzer captures each packet and, if needed, decodes the packet's raw data, showing the values of various fields in the packet, and analyzes its content according to the appropriate RFC or other specifications. A packet analyzer used for intercepting traffic on wireless networks is known as a wireless analyzer or WiFi analyzer. While a packet analyzer can also be referred to as a network analyzer or protocol analyzer these terms can also have other meanings. Protocol analyzer can technically be a broader, more general class that includes packet analyzers/sniffers. However, the terms are frequently used interch ...

Malware
Malware (a portmanteau for "malicious software") is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or which unknowingly interferes with the user's computer security and privacy. By contrast, software that causes harm due to some deficiency is typically described as a software bug. Malware poses serious problems to individuals and businesses on the Internet. According to Symantec's 2018 Internet Security Threat Report (ISTR), the number of malware variants increased to 669,947,865 in 2017, which is twice as many malware variants as in 2016. Cybercrime, which includes malware attacks as well as other crimes committed by computer, was predicted to cost the world economy $6 trillion USD in 2021, and is increasing at a rate of 15% per year. Many types of malware exist, including computer viruses, worms, Trojan horses, ...

Encrypt
In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can decipher a ciphertext back to plaintext and access the original information. Encryption does not itself prevent interference but denies the intelligible content to a would-be interceptor. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. It is possible to decrypt the message without possessing the key but, for a well-designed encryption scheme, considerable computational resources and skills are required. An au ...