Monthly Archive:: November 2012

Sort Posts by:

Identifying Malicious Code

Malicious Scripts Some time ago, this page contained a list of scripts which we had determined through examination to contain malicious code. That list could never be exhaustive, new scripts (often nothing more than trivially editied copies of older versions) appeared every day and, despite many warnings

Detecting and Removing Trojan Horses

  Detection – How to find a Trojan. In this page you are going to learn about¬†Detecting and Removing Trojan Horses. By their very nature trojan horses are difficult to find. Unlike viruses they won’t corrupt files or delete things you might notice, they do their best

Recovering from a system compromise

What to do if you’ve been hacked. If you find you’ve been hacked, simply deleting the troajn horse or closing the open share is often not enough. Using the initial security breach as an entry point, an attacker could easily have created other backdoors into your system

Blaster Worm Removal

Blaster Worm Detection and Removal What is the Blaster Worm? Blaster is a type of computer program which spreads automatically across network connections. Programs of this type are called worms and are distinct from viruses in that they do not require any action on the part of

Nkie Worm Removal

IRC/Nkie Worm Description: The IRC/Nkie worm is among the top five most common IRC worms today. It is also the least documented worm on the internet. This worm is commonly called the $decode worm on IRC. The original $decode is a mIRC script named nkie.txt. It is

Aplore Worm Removal

32/Aplore-A Also Known As: W32.Aphex@mm, Bloodhound.VBS.Worm, I-Worm.Aphex, W32/Aplore-A, W32/Aplore@MM, Win32.Aphex, WORM_APLORE.A, Aphex, I-Worm.Aphex, Psec, Win32/Aphex.Worm, W32.Aphex@mm Infection Length: 319,488 bytes (varies) Article by Golcor Description Aplore is a mixture of tried and tested exploits in which all the code used was previously available. It was simply cobbled

VBS/Karma Hotel Worm

VBS/Karma Hotel Worm Description: This worm exploits a vulnerability in Internet Explorer that allows a script to run malicious code without prompting the user. When a computer running a vulnerable version of IE visits any web page that contains this exploit, the code is run and the

Autostart Methods

:: All Known and (so called) Unknown Autostart Methods :: Last updated, please email me at munir@nohack.net if there are any updates By tuya #NoHack / Dal.Net Contact: tuya70@yahoo.com In the following pages you’ll see that this article contains most, (I guess it has all) autostart methods

Port Numbers & Associated Services

Here are all the Port Numbers & Associated Services : Name Port/Prot. Service # 0/tcp Reserved # 0/udp Reserved tcpmux 1/tcp TCP Port Service Multiplexer tcpmux 1/udp TCP Port Service Multiplexer compressnet 2/tcp Management Utility compressnet 2/udp Management Utility compressnet 3/tcp Compression Process compressnet 3/udp Compression Process

System Security

In todays world, every machine on the internet is a potential target for attackers. Whether they are looking for a drone to use in a denial of service attack or to steal personal information from your system they are a threat you cannot ignore. Unfortunately many of