Backdoor2008 - Backdoors, Trojans, Rootkits. The Spread...

Backdoors, Trojans, Rootkits…
The Spread (US)
At its peak, Witty flooded the Internet with more than 90 Gbits/second of traffic. Locations infected within the first 60 seconds are shown in red, while locations infected after the first 60 seconds are shown in yellow. (Slammer)
Virus damage
Kama Sutra virus threat LA
Blackworm distribution:
India: 79610
Peru: 54878
Italy: 22710
Turkey: 15516
United States: 15270
Egypt: 7615
Malaysia: 7176
Greece: 4716
Rest of the world: 50758
Telescope
Data collection on the Internet today is a formidable task. It is either impractical or impossible to collect data in enough locations to construct a global view of this dynamic, amorphous system. Network telescopes have emerged as the predominant mechanism for quantifying Internet-wide security phenomena such as denial-of-service attacks and network worms. Network telescopes infer remote network behavior and events in an entirely passive manner by examining spurious traffic arriving for non-existent hosts at a third-party network.
Rootkits
IAT = Import Address Table
SSDT = System Service Dispatch Table
cDc
Back Orifice was publicly released by the Cult of the Dead Cow (cDc) on 3 August 1998. It has reportedly been downloaded by well over 100,000 people since then. Coded by the Cult of the Dead Cow (cDc). "Back Orifice" is a hacker's dream, and a Netizen's nightmare. Back Orifice is probably the most well-known Trojan available today. Back Orifice - Also known as BO. "Back Orifice" (BO) suite,
Rootkits
A rootkit is a program (or combination of several programs) designed to take fundamental control (in Unix terms "root" access, in Windows terms "Administrator" access) of a computer system, without authorization by the system's owners and legitimate managers. A rootkit is intended to seize control of the operating system running on the hardware. Typically, rootkits act to obscure their presence on the system through subversion or evasion of standard operating system security mechanisms. Often, they are also Trojans, thus fooling users into believing they are safe to run on their systems.
Windows User-Land vs. Kernel-Land
[Diagram labels. User mode: Win32 user apps, subsystem DLL, processes, environment subsystems (POSIX, OS/2, Win32). Kernel mode: Executive, device drivers, kernel, Hardware Abstraction Layer (HAL), Win32 User/GDI.]
In August 2000, Sony Pictures Entertainment US senior VP Steve Heckler told attendees at the Americas Conference on Information Systems: "The industry will take whatever steps it needs to protect itself and protect its revenue streams... It will not lose that revenue stream, no matter what... Sony is going to take aggressive steps to stop this."

This note was uploaded on 05/12/2008 for the course EPP 19601 taught by Professor Morel during the Spring '08 term at Carnegie Mellon.
