Pests of all kinds and how to fight them: Strength of polymorphism
#10

Strength of polymorphism

> Quote: Originally posted by cruz:
>
> > Quote: Originally posted by vampire:
> >
> > don't celebrate too early, there are trojan servers in the works (polymorphic, of course) that will remain undetectable...
>
> bold claim... and why do you assume that? because the programmers of said servers said so?
>
> .cruz

this may not be the *fitting* answer, but today I stumbled across an interesting article on securityfocus. it is about (upcoming) root kits on windows (so far this was more of a unix domain).

Windows Root Kits a Stealthy Threat

Hackers are using vastly more sophisticated techniques to secretly control the machines they've cracked, and experts say it's just the beginning.

By Kevin Poulsen, SecurityFocus Mar 5 2003 5:12AM

Barron Mertens admits to being puzzled last January when a cluster of Windows 2000 servers he runs at an Ontario university began crashing at random. The only clue to the cause was an identical epitaph carved into each Blue Screen of Death, a message pointing the blame at a system component called "ierk8243.sys." He hadn't heard of it, and when he contacted Microsoft, he found they hadn't either.

"We were pretty baffled," Mertens recalls. "I don't think that cluster had bluescreened since it was put into production two years ago."

Mertens didn't know it at the time, but the university network had been compromised, and the mysterious crashes were actually a lucky break -- they gave away the presence of an until-then unknown tool that can render an intruder nearly undetectable on a hacked system. Now dubbed "Slanret", "IERK," and "Backdoor-ALI" by anti-virus vendors, experts say the tool is a rare example of a Windows "root kit" -- an assembly of programs that subverts the Windows operating system at the lowest levels, and, once in place, cannot be detected by conventional means.

Also known as "kernel mode Trojans," root kits are far more sophisticated than the usual batch of Windows backdoor programs that irk network administrators today. The difference is the depth at which they control the compromised system. Conventional backdoors like SubSeven and BO2K operate in "user mode", which is to say, they play at the same level as any other application running on the compromised machine. That means that other applications -- like anti-virus scanners -- can easily discern evidence of the backdoor's existence in the Windows registry or deep among the computer's files.

... more at http://www.securityfocus.com/news/2879

Heiko