This paper is an analysis of a common sort of targeted attack per-formed nowadays against many organizations. As it turns out, publicly
available remote administration tools (which we usually call trojans )
are frequently used to maintain control over the victim after a success-ful penetration. The paper does not focus on particular exploitation
techniques used in these attacks. Instead, it aims to get a closer look
at one of such trojans. First chapters describe a way to gure out
which trojan has been used. The following chapters describe in brief
the architecture, capabilities and techniques employed by developers
of the identi ed trojan, including mechanisms to hide its presence in
the system, and to cover its network trace. The paper presents all the
techniques used to perform the analysis. In the nal chapters, a quick
vulnerability analysis has been performed to show that such intruders
could also be an object of an attack. .
http://dl.dropbox.com/u/43748161/blog/pdf/targeted_2010.pdf
b958dd2e25299c0220d07fe1d6c278fc
沒有留言:
張貼留言