Virus writers use other techniques to distribute computer worms, including:
* Copying the worm to networked resources
* Exploiting operating system vulnerabilities to penetrate computers and/or networks
* Penetrating public networks
* Piggy-backing: using other malware to act as a carrier for the worm.
In the first case, the worms locate remote machines and copy themselves into folders which are open for read and write functions. These network worms scan all available network resources using local operating system services and/or scan the Internet for vulnerable machines. They will then attempt to connect to these machines and gain full access to them.
In the second case, the worms scan the Internet for machines that have not been patched, i.e. machines whose operating systems have critical vulnerabilities still open to exploitation. The worm sends data packets or requests which install either the entire body of the worm or a section of the worm's source code containing downloader functionality. If this code is successfully installed, the main worm body is then downloaded. In either case, once the worm is installed it will execute its code and the cycle continues.
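Both cases above start with one machine trying to reach many others, which is something a defender can look for in connection logs. The following is an added example, not part of the original text: it flags sources that contact many distinct hosts on one port within a short window with mostly failed connections. The flow record layout, the sample addresses, the use of port 445 for file shares and the thresholds are all assumptions made for illustration.

```python
from collections import defaultdict

# Constructed flow records: (epoch_seconds, src_ip, dst_ip, dst_port, connected)
SAMPLE_FLOWS = (
    # One host sweeping 40 addresses on the file-share port, mostly refused.
    [(1000 + i, "10.0.0.23", f"10.0.1.{i + 1}", 445, i % 10 == 0) for i in range(40)]
    # A normal client talking repeatedly to a single file server.
    + [(1000 + 5 * i, "10.0.0.8", "10.0.1.5", 445, True) for i in range(30)]
    # Ordinary browsing: a few distinct servers, all connections succeed.
    + [(1000 + 3 * i, "10.0.0.9", f"10.0.2.{i + 1}", 443, True) for i in range(8)]
)

def find_scanners(flows, window=60, min_targets=20, min_fail_ratio=0.5):
    """Return {(src, port): (distinct_targets, fail_ratio)} for sources whose
    fan-out to one port inside any `window` seconds looks like worm scanning."""
    by_key = defaultdict(list)
    for ts, src, dst, port, ok in flows:
        by_key[(src, port)].append((ts, dst, ok))
    hits = {}
    for key, events in by_key.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Advance the window start until it spans at most `window` seconds.
            while events[end][0] - events[start][0] > window:
                start += 1
            span = events[start:end + 1]  # simple, not optimised for huge logs
            targets = {dst for _, dst, _ in span}
            fails = sum(1 for _, _, ok in span if not ok)
            ratio = fails / len(span)
            if len(targets) >= min_targets and ratio >= min_fail_ratio:
                best = hits.get(key)
                # Keep the widest fan-out seen for this source and port.
                if best is None or len(targets) > best[0]:
                    hits[key] = (len(targets), round(ratio, 2))
    return hits

if __name__ == "__main__":
    for (src, port), (n, ratio) in find_scanners(SAMPLE_FLOWS).items():
        print(f"{src} -> port {port}: {n} distinct targets, {ratio:.0%} failed")
```

Requiring a high failure ratio as well as a high target count keeps busy but legitimate clients, such as the single-server file user in the sample data, out of the results.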
Worms that use Web and FTP servers fall into a separate category. Infection is a two-stage process. These worms first penetrate service files on the file server, such as static web pages. Then the worms wait for clients to access the infected files and attack individual machines. These victim machines are then used as launch pads for further attacks.
Some virus writers use worms or Trojans to spread new worms. These writers first identify Trojans or worms that have successfully installed backdoors on victim machines. In most cases this functionality allows the master to send commands to the victim machine: such zombies, which have backdoors installed, can be commanded to download and execute files, in this case copies of the new worm.
Many worms use two or more propagation methods in combination, in order to penetrate potential victim machines more efficiently.



