Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Save to My Library
Look up keyword or section
Like this
3Activity

Table Of Contents

3.2 What We Did
3.3 The State of Worms
4.1 Worm Analysis
4.2 Selected Worms
4.3 Classifying Worms
4.4.1.1.1 An Exploitable Portion of Network Aware Code
4.4.1.1.2 A Vulnerable Configuration of a Network Aware Component
4.4.1.1.3 A User's Action
4.4.1.1.4 An Existing Backdoor
4.4.1.2 Attributes Associated with Infection
4.4.1.3 State of Infection Vectors
4.4.2.1.1 Modify Startup Files
4.4.2.1.2 Job Scheduling Utility
4.4.2.1.3 File Infection or Replacement
4.4.2.1.4 Registry Changes
4.4.2.1.5 Changing File Type Handler
4.4.2.2 Evading Detection
4.4.2.3 Disabling Detection Software
4.4.2.4 Preventing Reverse Engineering
4.4.3 Attributes Associated with Survival
4.4.4.1.1 Sending Infected Email
4.4.4.1.2 Inserting Copies on Peer-to-Peer (P2P) Networks
4.4.4.1.3 Placing Copies on File Shares
4.4.4.1.4 Scanning for and Exploiting Remote Vulnerabilities
4.4.4.2 Attributes Associated with Propagation
4.4.4.3 State of Propagation
4.4.5.1.1 Establish Backdoor Control
4.4.5.1.2 Establish a Denial-of-Service Agent
4.4.5.1.3 Harvesting Information
4.4.5.1.4 Causing Destruction
4.4.5.2 Attributes Associated with Payloads
4.4.5.3 State of Worm Payloads
5.1 Exploits Vulnerable Network Code
5.2 Tricks the User
5.3 Exploits Vulnerable Configuration
5.4 Exploits Previously Installed Backdoors
5.5 Changes File System
5.6 Changes System Settings
5.7 Modifies a Process
5.8 Accesses the Network
5.9 Requires Advanced Privilege
5.10 Performs Anomalous Queries
5.11 Invokes Crucial APIs
5.12 Causes Network Flooding
5.13 Slows Local System
5.14 Contains Worm Signatures
6.1 Firewalls – Packet Filtering
6.2 Firewalls - Stateful
6.3 Firewalls - Application Proxy
6.4 Intrusion Detection Systems (IDS)
6.5 Host Firewalls
6.6 Virtual Machines
6.7 Configuration
6.8 Anti-virus Heuristics
6.9 Host-based Intrusion Prevention Systems
6.10 Integrity Checking
6.11 Stackguarding
7.1 The Defense Matrix
7.2.1 Packet Filtering Firewalls
7.2.2 Stateful Firewalls
7.2.3 Application Proxy Firewalls
7.2.4 Intrusion Detection Systems
7.2.5 Host Firewalls
7.2.6 Virtual Machines
7.2.7 Configuration
7.2.8 Anti-virus with Heuristics
7.2.9 Host-based Intrusion Prevention Systems
7.2.10 Integrity Checkers
7.2.11 Stackguarding
8.1.1.1 Description
8.1.1.2 Defenses
8.1.2.1 Description
8.1.2.2 Defenses
8.1.3.1 Description
8.1.3.2 Defenses
8.1.4.1 Description
8.1.4.2 Defenses
8.2.1.1 Description
8.2.1.2 Defenses
8.2.2.1 Description
8.2.2.2 Defenses
8.2.3.1 Description
8.2.3.2 Defenses
8.2.4.1 Description
8.2.4.2 Payload
8.3.1.1 Description
8.3.1.2 Defenses
8.3.2.1 Description
8.3.2.2 Defenses
8.3.3.1 Description
8.3.3.2 Defenses
8.3.4.1 Description
8.3.4.2 Defenses
8.4.1.1 Description
8.4.1.2 Defenses
8.4.2.1 Description
8.4.2.2 Defenses
8.4.3.1 Description
8.4.3.2 Defenses
8.4.4.1 Description
8.4.4.2 Defenses
8.5.1.1 Description
8.5.1.2 Defenses
8.5.2.1 Description
8.5.2.2 Defenses
8.5.3.1 Description
8.5.3.2 Defenses
8.5.4.1 Description
8.5.4.2 Defenses
0 of .
Results for:
No results containing your search query
P. 1
Worm Paper

Worm Paper

Ratings: (0)|Views: 38 |Likes:
Published by Robert Tapia

More info:

Published by: Robert Tapia on Sep 09, 2009
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

10/20/2011

pdf

text

original

You're Reading a Free Preview
Pages 5 to 47 are not shown in this preview.

Activity (3)

You've already reviewed this. Edit your review.
1 thousand reads
1 hundred reads
ratedxxx liked this

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->