Presentation is loading. Please wait.

Presentation is loading. Please wait.

Remote Control and Advanced Techniques. Remote Control Software What do they do? Connect through dial-in and/or TCP/IP. Replicate remote screen on local.

Published byWillis Richards Modified over 8 years ago

Similar presentations

Presentation on theme: "Remote Control and Advanced Techniques. Remote Control Software What do they do? Connect through dial-in and/or TCP/IP. Replicate remote screen on local."— Presentation transcript:

1 Remote Control and Advanced Techniques

2 Remote Control Software What do they do? Connect through dial-in and/or TCP/IP. Replicate remote screen on local machine (graphical)graphical Allow running graphical, text-based application in remote machine, displaying the results in the local machine. A variety of applications, most with free download as demo.download pcAnywherepcAnywhere is one of the pioneers and very popular. VNCVNC is also very popular because it is cross-platform and free. Discovering and connecting to remote control software Use Nmap or Superscan to search for ports 22, 799, 800, 1494, 2000, 2001, 5631, 5632, 5800, 5801, 5900, 5901, 43188, 65301 Once software is identified download free demo and try brute force. Major weakness: only password is encrypted, traffic is compressed, only. Countermeasures: strong password (again), encrypt traffic (SSL, SSN, etc.), limit and log login attempts, change default listening port. In dial-in use: logoff user with call completion.

3 Advanced Techniques Adding to what we have seen before: TrojansTrojans: we have seen that BO, NetBus and SubSeven are the most common Trojan, backdoor hacker tools. TCP/IP ports: official, Internet services. Different from protocol ports.officialInternet servicesprotocol ports Trojan ports: list, more details, and resources.listmore detailsresources Port listening software: netstat, Active Ports (example), BackOfficer Friendly (example).netstatActive PortsexampleBackOfficer Friendly example Checking and removing Trojans: Symantec on-line check (example), Moosoft Cleaner shareware.on-line checkexampleMoosoft Cleaner Weeding out rogue processes: Windows Task Manager, Linux ps – auxTask Managerps – aux Be aware of traps: Whack-A-Mole (pseudo game), BoSniffer (BO in disguise), eLiTeWrap (packs Trojans as exe). Generic: download, scan for virus, then execute, do not run from Internet. Rootkits: Difficult to detectDifficult to detect keep a record of your files using Tripwire,Tripwire create image of your hard-drive: hardware and software solutions (Norton Ghost, Drive Image).hardwareNorton GhostDrive Image

4 Other Techniques TCP hijacking JuggernautJuggernaut: spy on a TCP connection and issue commands as the logged user. HuntHunt: spy on a TCP connection (works with shared and switched nets). Countermeasures: encrypted protocols such as IPSec, SSH. TFTPTFTP: Trivial File Transfer Protocol. Used by routers, and there are free servers for Windows.free servers Standard client in Windows 2000: tftp.exe protected by Windows File Protection so it can't be removed. See use here.clienthere Prevent its use by Nimda :Nimda 1) Edit the services file: %systemroot%/system32/drivers/etc/services 2) Find this line: tftp 69/udp 3) Replace it with: tftp 0/udp Social Engineering Help desk information: on the Web, e-mail, voice User information: on the Web, e-mail, voice

Download ppt "Remote Control and Advanced Techniques. Remote Control Software What do they do? Connect through dial-in and/or TCP/IP. Replicate remote screen on local."

Similar presentations

Transfer Content to a Website What is FTP? File Transfer Protocol FTP is a protocol – a set of rules Designed to allow files to be transferred across.

Transfer Content to a Website What is FTP? File Transfer Protocol FTP is a protocol – a set of rules Designed to allow files to be transferred across.
COEN 250 Computer Forensics Unix System Life Response.

COEN 250 Computer Forensics Unix System Life Response.
Week 6-1 Week 6: Trojans and Backdoors What is a Trojan Horse? Overt and Covert.

Week 6-1 Week 6: Trojans and Backdoors What is a Trojan Horse? Overt and Covert.
Telnet and FTP. Telnet Lets you use the resources of some other computer on the Internet to access files, run programs, etc. Creates interactive connection.

Telnet and FTP. Telnet Lets you use the resources of some other computer on the Internet to access files, run programs, etc. Creates interactive connection.
Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.

Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.
System Security Scanning and Discovery Chapter 14.

System Security Scanning and Discovery Chapter 14.
Exploits Dalia Solomon. Categories Trojan Horse Attacks Trojan Horse Attacks Smurf Attack Smurf Attack Port Scan Port Scan Buffer Overflow Buffer Overflow.

Exploits Dalia Solomon. Categories Trojan Horse Attacks Trojan Horse Attacks Smurf Attack Smurf Attack Port Scan Port Scan Buffer Overflow Buffer Overflow.
Database Encryption. Encryption: overview Encrypting Data-in-transit As it is transmitted between client-server Encrypting Data-at-rest Storing data in.

Database Encryption. Encryption: overview Encrypting Data-in-transit As it is transmitted between client-server Encrypting Data-at-rest Storing data in.
Trojan Horse Program Presented by : Lori Agrawal.

Trojan Horse Program Presented by : Lori Agrawal.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia
SSH: An Internet Protocol By Anja Kastl IS 373 - World Wide Web Standards.

SSH: An Internet Protocol By Anja Kastl IS World Wide Web Standards.
Network Administration Procedures Tools –Ping –SNMP –Ethereal –Graphs 10 commandments for PC security.

Network Administration Procedures Tools –Ping –SNMP –Ethereal –Graphs 10 commandments for PC security.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
TCP/IP - Security Perspective Upper Layers CS-431 Dick Steflik.

TCP/IP - Security Perspective Upper Layers CS-431 Dick Steflik.
TCP/IP Tools Lesson 5. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Using basic TCP/IP commands Understanding TCP/IP3.6.

TCP/IP Tools Lesson 5. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Using basic TCP/IP commands Understanding TCP/IP3.6.
Internet Relay Chat Chandrea Dungy Derek Garrett #29.

Internet Relay Chat Chandrea Dungy Derek Garrett #29.
MIS 5211.001 Week 7 Site:

MIS Week 7 Site:
Internet safety Viruses A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your.

Internet safety Viruses A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your.

Similar presentations

Ads by Google