|
Blaster Worm
Blaster (also known as Lovsan, Lovesan, or MSBlast) was a computer worm that spread on computers running operating systems Windows XP and Windows 2000 during August 2003. The worm was first noticed and started spreading on August 11, 2003. The rate that it spread increased until the number of infections peaked on August 13, 2003. Once a network (such as a company or university) was infected, it spread more quickly within the network because firewalls typically did not prevent internal machines from using a certain port. Filtering by ISPs and widespread publicity about the worm curbed the spread of Blaster. In September 2003, Jeffrey Lee Parson, an 18-year-old from Hopkins, Minnesota, was indicted for creating the B variant of the Blaster worm; he admitted responsibility and was sentenced to an 18-month prison term in January 2005. The author of the original A variant remains unknown. Creation and effects According to court papers, the original Blaster was created after secur ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Hex Dump
In computing, a hex dump is a hexadecimal view (on screen or paper) of computer data, from memory or from a computer file or storage device. Looking at a hex dump of data is usually done in the context of either debugging, reverse engineering or digital forensics. In a hex dump, each byte (8 bits) is represented as a two-digit hexadecimal number. Hex dumps are commonly organized into rows of 8 or 16 bytes, sometimes separated by whitespaces. Some hex dumps have the hexadecimal memory address at the beginning. Some common names for this program function are hexdump, hd, od, xxd and simply dump or even D. Samples A sample text file: 0123456789ABCDEF /* ********************************************** */ Table with TABs (09) 1 2 3 3.14 6.28 9.42 as displayed by Unix hexdump: 0000000 30 31 32 33 34 35 36 37 38 39 41 42 43 44 45 46 0000010 0a 2f 2a 20 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 0000020 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a * 0000040 2a 2a 20 2a 2 ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Reverse Engineering
Reverse engineering (also known as backwards engineering or back engineering) is a process or method through which one attempts to understand through deductive reasoning how a previously made device, process, system, or piece of software accomplishes a task with very little (if any) insight into exactly how it does so. It is essentially the process of opening up or dissecting a system to see how it works, in order to duplicate or enhance it. Depending on the system under consideration and the technologies employed, the knowledge gained during reverse engineering can help with repurposing obsolete objects, doing security analysis, or learning how something works. Although the process is specific to the object on which it is being performed, all reverse engineering processes consist of three basic steps: Information extraction, Modeling, and Review. Information extraction refers to the practice of gathering all relevant information for performing the operation. Modeling refers to th ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Windows XP Professional X64 Edition
Microsoft Windows XP Professional x64 Edition, released on April 25, 2005, is an edition of Windows XP for x86-64 personal computers. It is designed to use the expanded 64-bit memory address space provided by the x86-64 architecture. The primary benefit of moving to 64-bit is the increase in the maximum allocatable random-access memory (RAM). 32-bit editions of Windows XP are limited to a total of 4 gigabytes. Although the theoretical memory limit of a 64-bit computer is about 16 exabytes (17.1 billion gigabytes), Windows XP x64 is limited to 128GB of physical memory and 16 terabytes of virtual memory. Windows XP Professional x64 Edition uses the same kernel and code tree as Windows Server 2003 and is serviced by the same service packs. However, it includes client features of Windows XP such as System Restore, Windows Messenger, Fast User Switching, Welcome Screen, Security Center and games, which Windows Server 2003 does not have. Windows XP Professional x64 Edition is not t ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Windows Server 2003
Windows Server 2003 is the sixth version of Windows Server operating system produced by Microsoft. It is part of the Windows NT family of operating systems and was released to manufacturing on March 28, 2003 and generally available on April 24, 2003. Windows Server 2003 is the successor to the Server editions of Windows 2000 and the predecessor to Windows Server 2008. An updated version, Windows Server 2003 R2, was released to manufacturing on December 6, 2005. Windows Server 2003 is based on the consumer operating system, Windows XP. Windows Server 2003's kernel has also been used in Windows XP 64-bit Edition and Windows XP Professional x64 Edition, and was the starting point for the development of Windows Vista. Overview Windows Server 2003 is the follow-up to Windows 2000 Server, incorporating compatibility and other features from Windows XP. Unlike Windows 2000, Windows Server 2003's default installation has none of the server components enabled, to reduce the attack surface ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Windows NT
Windows NT is a proprietary graphical operating system An operating system (OS) is system software that manages computer hardware, software resources, and provides common services for computer programs. Time-sharing operating systems schedule tasks for efficient use of the system and may also in ... produced by Microsoft, the first version of which was released on July 27, 1993. It is a processor-independent, multiprocessing and multi-user operating system. The first version of Windows NT was Windows NT 3.1 and was produced for workstations and server computers. It was a commercially focused operating system intended to complement consumer versions of Microsoft Windows, Windows that were based on MS-DOS (including Windows 1.0 through Windows 3.1x). Gradually, the Windows NT family was expanded into Microsoft's general-purpose operating system product line for all personal computers, deprecating the Windows 9x family. "NT" was formerly expanded to "New Technology" but no ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Anti-worm
A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. It often uses a computer network to spread itself, relying on security failures on the target computer to access it. It will use this machine as a host to scan and infect other computers. When these new worm-invaded computers are controlled, the worm will continue to scan and infect other computers using these computers as hosts, and this behaviour will continue. Computer worms use recursive methods to copy themselves without host programs and distribute themselves based on the law of exponential growth, thus controlling and infecting more and more computers in a short time. Worms almost always cause at least some harm to the network, even if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer. Many worms are designed only to spread, and do not attempt to change the systems they pass through. However, as th ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Welchia
Welchia, also known as the "Nachi worm", is a computer worm that exploits a vulnerability in the Microsoft remote procedure call (RPC) service similar to the Blaster worm. However, unlike Blaster, it first searches for and deletes Blaster if it exists, then tries to download and install security patches from Microsoft that would prevent further infection by Blaster, so it is classified as a helpful worm. Welchia was successful in deleting Blaster, but Microsoft claimed that it was not always successful in applying their security patch. This worm infected systems by exploiting vulnerabilities in Microsoft Windows system code ( TFTPD.EXE and TCP on ports 666–765, and a buffer overflow of the RPC on port 135). Its method of infection is to create a remote shell and instruct the system to download the worm using TFTP.EXE. Specifically, the Welchia worm targeted machines running Windows XP. The worm used ICMP, and in some instances flooded networks with enough ICMP traffic to cause ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Co-founder
An organizational founder is a person who has undertaken some or all of the formational work needed to create a new organization, whether it is a business, a charitable organization, a governing body, a school, a group of entertainers, or any other type of organization. If there are multiple founders, each can be referred to as a co-founder. If the organization is a business, the founder is usually an entrepreneur. If an organization is created to carry out charitable work, the founder is generally considered a philanthropist. Issues arising from the role A number of specific issues have been identified in connection with the role of the founder. The founder of an organization might be so closely identified with that organization, or so heavily involved in its operations, that the organization can struggle to exist without the founder's presence. "One practical way to cope with overreliance on a founder is to distribute management duties so that others are clearly responsible for im ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Distributed Denial Of Service Attack
In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to a network. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled. In a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. More sophisticated strategies are required to mitigate this type of attack, as simply attempting to block a single source is insufficient because there are multiple sources. A DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, thus disrupting trade. Criminal perpetrators of DoS attacks oft ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Microsoft Update
Windows Update is a Microsoft service for the Windows 9x and Windows NT families of operating system, which automates downloading and installing Microsoft Windows software updates over the Internet. The service delivers software updates for Windows, as well as the various Microsoft antivirus products, including Windows Defender and Microsoft Security Essentials. Since its inception, Microsoft has introduced two extensions of the service: Microsoft Update and Windows Update for Business. The former expands the core service to include other Microsoft products, such as Microsoft Office and Microsoft Expression Studio. The latter is available to business editions of Windows 10 and permits postponing updates or receiving updates only after they have undergone rigorous testing. As the service has evolved over the years, so has its client software. For a decade, the primary client component of the service was the Windows Update web app that could only be run on Internet Explorer. Star ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
