|
Beast (Trojan Horse)
Beast is a Windows-based backdoor trojan horse, more commonly known in the hacking community as a Remote Administration Tool or a "RAT". It is capable of infecting versions of Windows from 95 to XP. Written in Delphi and released first by its author Tataye in 2002, it became quite popular due to its unique features. It used the typical client–server model where the client would be under operation by the attacker and the server is what would infect the victim. Beast was one of the first trojans to feature a reverse connection to its victims, and once established it gave the attacker complete control over the infected computer. The virus would be harmless until opened. When opened, the virus would use the code injection method to inject itself into other applications. On a machine running Windows XP, removal of these three files in safe mode with system restore turned off would disinfect the system. Usage The default ports used for the direct and reverse connections were ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Server (computing)
In computing, a server is a piece of computer hardware or software (computer program) that provides functionality for other programs or devices, called " clients". This architecture is called the client–server model. Servers can provide various functionalities, often called "services", such as sharing data or resources among multiple clients, or performing computation for a client. A single server can serve multiple clients, and a single client can use multiple servers. A client process may run on the same device or may connect over a network to a server on a different device. Typical servers are database servers, file servers, mail servers, print servers, web servers, game servers, and application servers. Client–server systems are usually most frequently implemented by (and often identified with) the request–response model: a client sends a request to the server, which performs some action and sends a response back to the client, typically with a result or acknowledg ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
List Of Computer Viruses
The compilation of a unified list of computer viruses is made difficult because of naming. To aid the fight against computer viruses and other types of malicious software, many security advisory organizations and developers of anti-virus software compile and publish lists of viruses. When a new virus appears, the rush begins to identify and understand it as well as develop appropriate counter-measures to stop its propagation. Along the way, a name is attached to the virus. As the developers of anti-virus software compete partly based on how quickly they react to the new threat, they usually study and name the viruses independently. By the time the virus is identified, many names denote the same virus. Another source of ambiguity in names is that sometimes a virus initially identified as a completely new virus is found to be a variation of an earlier known virus, in which cases, it is often renamed. For example, the second variation of the Sobig worm was initially called "Paly ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
ILOVEYOU
ILOVEYOU, sometimes referred to as Love Bug or Love Letter for you, is a computer worm that infected over ten million Windows personal computers on and after 5 May 2000. It started spreading as an email message with the subject line "ILOVEYOU" and the attachment "LOVE-LETTER-FOR-YOU.TXT.vbs." At the time, Windows computers often hid the latter file extension (" VBS," a type of interpreted file) by default because it is an extension for a file type that Windows knows, leading unwitting users to think it was a normal text file. Opening the attachment activates the Visual Basic script. First, the worm inflicts damage on the local machine, overwriting random files (including Office files and image files; however, it hides MP3 files instead of deleting them), then, it copies itself to all addresses in the Windows Address Book used by Microsoft Outlook, allowing it to spread much faster than any other previous email worm. Onel de Guzman, a then-24-year-old resident of Manila, Philip ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
File Binder
File binders are utility software that allow a user to "bind" multiple files together resulting in a single executable. They are commonly used by hackers to insert other programs such as Trojan horses into otherwise harmless files, making them more difficult to detect. Malware builders (such as keyloggers or stealers) often include a binder by default. A polymorphic packer is a file binder with a polymorphic engine. It thus has the ability to make its payload mutate over time, so it is more difficult to detect and remove. See also *Dendroid (malware) * MiniPanzer and MegaPanzer – Trojan horses that used file binders for distribution *Potentially unwanted program A potentially unwanted program (PUP) or potentially unwanted application (PUA) is software that a user may perceive as unwanted or unnecessary. It is used as a subjective tagging criterion by security and parental control products. Such software ma ... – sometimes have used file binders for distribution References ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Anti-Virus
Antivirus software (abbreviated to AV software), also known as anti-malware, is a computer program used to prevent, detect, and remove malware. Antivirus software was originally developed to detect and remove computer viruses, hence the name. However, with the proliferation of other malware, antivirus software started to protect from other computer threats. In particular, modern antivirus software can protect users from malicious browser helper objects (BHOs), browser hijackers, ransomware, keyloggers, backdoors, rootkits, trojan horses, worms, malicious LSPs, dialers, fraud tools, adware, and spyware. Some products also include protection from other computer threats, such as infected and malicious URLs, spam, scam and phishing attacks, online identity (privacy), online banking attacks, social engineering techniques, advanced persistent threat (APT), and botnet DDoS attacks. History 1949–1980 period (pre-antivirus days) Although the roots of the computer viru ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Firewall (computing)
In computing, a firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted network and an untrusted network, such as the Internet. History The term ''firewall'' originally referred to a wall intended to confine a fire within a line of adjacent buildings. Later uses refer to similar structures, such as the metal sheet separating the engine compartment of a vehicle or aircraft from the passenger compartment. The term was applied in the late 1980s to network technology that emerged when the Internet was fairly new in terms of its global use and connectivity. The predecessors to firewalls for network security were routers used in the late 1980s. Because they already segregated networks, routers could apply filtering to packets crossing them. Before it was used in real-life computing, the term appeared in the 1983 computer-hacking movie ' ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Port Number
In computer networking, a port is a number assigned to uniquely identify a connection endpoint and to direct data to a specific service. At the software level, within an operating system, a port is a logical construct that identifies a specific process or a type of network service. A port is identified for each transport protocol and address combination by a 16-bit unsigned number, known as the port number. The most common transport protocols that use port numbers are the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP). A port number is always associated with an IP address of a host and the type of transport protocol used for communication. It completes the destination or origination network address of a message. Specific port numbers are reserved to identify specific services so that an arriving packet can be easily forwarded to a running application. For this purpose, port numbers lower than 1024 identify the historically most commonly used services a ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Code Injection
Code injection is the exploitation of a computer bug that is caused by processing invalid data. The injection is used by an attacker to introduce (or "inject") code into a vulnerable computer program and change the course of execution. The result of successful code injection can be disastrous, for example, by allowing computer viruses or computer worms to propagate. Code injection vulnerabilities occur when an application sends untrusted data to an interpreter. Injection flaws are most often found in SQL, LDAP, XPath, NoSQL queries, OS commands, XML parsers, SMTP headers, program arguments, etc. Injection flaws tend to be easier to discover when examining source code than via testing. Scanners and fuzzers can help find injection flaws. Injection can result in data loss or corruption, lack of accountability, or denial of access. Injection can sometimes lead to complete host takeover. Certain types of code injection are errors in interpretation, giving special meaning to ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
SC Magazine
Haymarket Media Group is a privately held media company headquartered in London. It has publications in the consumer, business and customer sectors, both print and online. It operates exhibitions allied to its own publications, and previously on behalf of organisations such as the BBC. The company expanded outside the UK in 1999. History Haymarket began in the 1950s, under the name Cornmarket Press. Clive Labovitch and Michael Heseltine – later a Cabinet minister under Margaret Thatcher and Deputy Prime Minister under John Major – who had met at university, started out with the 1957 ''Directory of Opportunities for Graduates'', and in 1959 relaunched ''Man About Town'', which was to become an influential (if unprofitable) men's consumer magazine. The company failed in its relaunch of the British news weekly ''Topic'', the title closing at the end of 1962, within three months of the takeover. The partners split in 1965, with Heseltine renaming his half of the business Haymarke ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Reverse Connection
A reverse connection is usually used to bypass firewall restrictions on open ports. A firewall usually blocks incoming connections on open ports, but does not block outgoing traffic. In a normal forward connection, a client connects to a server through the server's open port, but in the case of a reverse connection, the client opens the port that the server connects to. The most common way a reverse connection is used is to bypass firewall and router security restrictions. For example, a backdoor running on a computer behind a firewall that blocks incoming connections can easily open an outbound connection to a remote host on the Internet. Once the connection is established, the remote host can send commands to the backdoor. Remote administration tools (RAT) that use a reverse connection usually send SYN packets to the client's IP address. The client listens for these SYN packets and accepts the desired connections. If a computer is sending SYN packets or is connected to th ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
