People who have suffered from Trojans and backdoors (hereinafter collectively referred to as the back door) will not forget the tragedy after the machine was destroyed, so people started active. Defensive work, from patches to firewalls, I can't wait to add a validator to the network cable. Under a variety of defensive techniques, a large number of backdoors have fallen, and the rookies don't have to worry about surfing the Internet... But will the backdoor stop? The answer is of course no. I don't see you, in the calm land, a new back door is darkly crossing Chen Cang...
1, anti-customer-oriented intruder
Hacker A is connected to the network, but he does not see any action, what is he doing? What? We can only see him igniting a cigarette, it seems to be in a daze... After a while, he suddenly dropped the cigarette butt his hands and quickly tapped the keyboard. Through the screen, we learned that he had entered an internal server. A server with a firewall installed and deep inside... How did he do it? Could he be a god? Please take the lens back to the scene just now. The hacker A stared at a program interface in the smoke smoke. Suddenly, the interface changed a bit. At the same time, the hacker A also began to type the keyboard, followed by the familiar control interface. You may not believe your eyes: Is the machine looking for him? Impossible... But this is the truth, it is really the server itself to find it. Hacker A is not high-tech, he just uses a backdoor-based back-up.
It is well known that the invasion is usually an intruder's initiative to launch an attack. This is a similar way of hunting. In the face of vigilant prey, they are already unable to do so; but for intruders using rebound technology. They said that they were a lot easier, and the rebounding Trojan was like a wolf grandmother, waiting for Little Red Riding Hood to personally deliver it to the door. The general intrusion is that the intruder operates the control program to find the connected victim computer, and the bounce intrusion does the opposite. It opens a port on the intruder's computer, but allows the victim to contact the intruder and let the intruder control it. Since most firewalls only process external data, they close their eyes to internal data, so the tragedy occurs.
The working mode of the rebounding Trojan is as follows: the victim (the computer implanted in the rebounding Trojan server) sends a request to connect to the control terminal every time interval, and the request is looped until it successfully connects with the control terminal; The terminal accepts the connection request from the server, and the trust transmission channel between the two is established; finally, the thing done by the control terminal is very common - obtaining the control of the victim. Because the victim initiates the connection, the firewall will not alarm in most cases, and this connection mode can also break through the internal network to establish a connection with the outside, and the intruder can easily enter the internal computer.
Although the rebounding Trojan is more terrible than the average Trojan, it has a natural Achilles heel: the concealment is not high enough because it has to open a random port locally, as long as the victim has a little experience and recognizes the rebounding Trojan. Not difficult. So another Trojan was born.
2, restless normal connection
Now many users have installed a personal HTTP server, which is destined to open the port 80, which is normal, but who knows this It is a new technology that brings pain to countless network administrators. It makes a normal service a weapon for intruders.
When a machine is planted with a tunnel, its HTTP port is re-bound by the tunnel - the data transmitted to the WWW server is also transmitted to the tunnel behind it, and the intruder pretends to browse the web. (The machine thinks), but sent a special request data (in accordance with the HTTP protocol), the Tunnel and WWW services receive this information, because the requested page does not usually exist, the WWW service will return an HTTP 404 response, and the Tunnel is busy ......
When people use broadband Internet access, there are often some error messages, all of which are num
Normally, a computer on the LAN must pass through the port if it wants to successfully access the sh
XP system comes with the boot music listening for a long time will be tired, so many users want to s
Recently, many users have reported that the XP system browser opens the webpage prompts and cannot b
The new Windows computer will also have a virus
The system is indispensable for the introduction of skills
System software needs to pay attention to hardware is also important
Automated maintenance of Win XP with .inf files
The system plug-in is interrupted from time to time. The shielding method is open
Clear tray garbage to speed up system speed
How to redirect the Favorites folder in Vista system [Group]
Three steps to easily adjust the XP system mouse sensitivity
How to change the address bar font
Tianya Mingyue knife and five poisons officially launched on August 18th update content to see first
Syskey command: XP and 2000 systems are not commonly used but powerful commands
Win7 enforces traditional control panel styles
The hidden method of deleting unnecessary files in Vista system
If Windows 9 wants to succeed, you need to lobby the big company
How to retrieve the navigation pane in the Win10 folder.
Win7 error when writing to the registry
People abroad, how to use the win8 system to see the domestic Asian Cup?
What are you doing in Microsoft? Little comment on Windows 8
Photo: WP8.1 and WP8 contrast between old and new interfaces