Hundreds of super weapons of the hacker Empire, Wu Jianrong 01-4-30 09:58:53
How do you regard hackers? With admiration? With contempt? Or with fear? This article introduces eight weapons commonly used by Chinese hackers, together with the defenses against them. Note that these are only the tools of junior hackers, or even of people who barely qualify as hackers. Real hackers consider these tools very primitive, but they can do a great deal of damage to ordinary users, so it is worth describing their characteristics and the ways to defend against them.
1. Ice River download address: http://yzkzero.51.net. One of the best domestic Trojans, and one that is widely used. To be fair, had this software been built as legitimate commercial remote-control software, it would be in no way inferior to the bulky, complex PCAnywhere; unfortunately, it ended up as a common hacker tool.
The Ice River server (the controlled side) and client (the controlling side) are each a single executable file. The client's icon is a Swiss army knife; the server looks like an insignificant program, but that program is enough to put your computer in the palm of someone else's hand. Once a computer has run the server software, its port 7626 (the default) is open to the outside. Anyone who enters that computer's IP address in the client can control it completely. Because the IP addresses of personal computers are assigned dynamically, the client has an "automatic search" feature that scans an IP range for infected computers. Once such a computer is found, it is in the hacker's hands. Because Ice River has spread quite widely, a victim infected with it is generally found within a few minutes.
Defense measures: Do not casually run software of unknown origin. As long as the server is not running, Ice River can do nothing, however powerful it is; this is very important. Secondly, because Ice River is so widespread, most anti-virus software can detect and remove it, so scan any new software with anti-virus software before running it. However, the Trojan exists in many variants, and anti-virus software that is not updated in time will inevitably miss some of them, so make sure your virus database is kept up to date. You can also use Trojan-removal software such as Mark Max Star. Install and run a firewall as well; then you will be relatively safe.
2. Wnuke download address: http://www.521hacker.com. It exploits a vulnerability in Windows 95: it sends a piece of data to the remote machine over TCP/IP that triggers an OOB error and crashes the system. Symptom: a blue-screen message appears: "The system has an abnormal error"; after pressing the ESC key the machine either returns to its original state or crashes. It can attack WIN9X, WINNT, WIN2000 and other systems, and the size and number of packets can be set freely, so the target is brought down by continuous attacks.
Defense measures: Do not click on website addresses that other people give you in forums or chat rooms, as they may be used to detect your IP address (iPhunter, for example, can do this). Create a text file with WordPad or another editor, name it OOBFIX.REG, and give it the following content:
REGEDIT4

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VxD\MSTCP]
"BSDUrgent"="0"
Open Windows Explorer and double-click the file to import it. Also install and run a firewall.
3. Shed download address: http://www.cners.com/tools/shed.exe. Shed is NetBIOS-based software. NetBIOS (Network Basic Input Output System) is an application programming interface (API) that adds special functions for local area networks (LANs); almost all LAN computers work on top of NetBIOS. In Windows 95, 98 or ME, NetBIOS is bundled with TCP/IP, which is very dangerous! When we install the TCP/IP protocol, NetBIOS and its files are loaded into the system by default as well. When NetBIOS is running, your back door is open: NetBIOS lets not only users on the LAN access your hard disk resources, but hackers on the Internet too! Shed takes advantage of exactly this. Defense measures:
1) Check whether NetBEUI appears in the configuration list. Open the Control Panel and double-click "Network" to open the Network dialog box. On the "Configuration" tab, check whether NetBEUI is listed. If it is not, click the "Add" button below the list, choose "Protocol" in the dialog box that opens, select Microsoft in the manufacturer list and NetBEUI in the network protocol list. Click "OK", insert the installation disk when prompted, and install NetBEUI.
2) Back in the Network dialog box, select the Dial-up Network Adapter and click the "Properties" button. In the Properties dialog box that opens, select the "Bindings" tab and clear every check box except "TCP/IP -> Network Adapter"!
3) Back in the Network dialog box, select "TCP/IP -> Dial-up Network Adapter" and click the "Properties" button. Do not be alarmed by the warning dialog box that pops up; click "OK". On the "Bindings" tab of the TCP/IP Properties dialog box, clear the check boxes of all items in the list! Click "OK"; Windows will then warn you: "The binding driver has not been selected. Do you want to select a driver now?" Click "No". The system will then prompt you to restart the computer; confirm.
4) Re-open the TCP/IP Properties dialog box for "TCP/IP -> Dial-up Network Adapter", select the "NetBIOS" tab, and look at the "Enable NetBIOS over TCP/IP" item! Click "Cancel" in each dialog to exit the Network dialog box (do not click "OK", so that nothing unexpected happens).
OK, now you can rest assured.
4. Superscan download address: http://go.163.com/~leyaya/superscan.zip. It is a powerful and very fast scanner: scanning all of Taiwan's IP ranges with a response time under 200 ms takes only 6 hours. It can show all the online hosts in an IP range and the ports that can be detected on them, scanning by IP address or by domain name. All detected information can be saved and imported.
Defense measures: Apply patches promptly to close vulnerabilities. Microsoft's endless stream of patches really is useful. In many cases these patches effectively close vulnerabilities and make our systems more secure. Although a patch always arrives later than the vulnerability it fixes, mending the fold after the sheep are lost is still necessary.
5. Exebind download address: http://go.163.com/~leyaya/binder.exe. Running platform: Windows 3.x / Windows 95 / Windows 98 / Windows NT / Windows 2000. Principle: this small program bundles a specified hacker program into any popular piece of software, so that when the host program is run, the parasitic program (the hacker program) is also executed in the background. The next time you go online, you are under someone else's control without knowing it. Would you not call this a file-bundling expert? It also supports multiple bundling; in practice this is achieved by splitting the file several times and calling child processes from the parent process several times. Symptoms: almost none. Hazard: NetSpy, HDFill and BO 2000 are often spread over the Internet in this form. If one day you receive a nice program, check it carefully, because it may well have a Trojan bundled into it with Exebind!
Defense measures: Do not run software of unknown origin and do not download software from unreliable small sites; any newly downloaded program must be scanned with up-to-date anti-virus and Trojan-removal software before it is run for the first time. In addition, it is best to know the file sizes of the common software you use; once a file's size changes, and especially if it grows significantly, it is time to call in your anti-virus and Trojan-removal software. Hackerscan can detect this software. Hackerscan download address: http://ftp.softhouse.com.cn/download3/21833hackerscan.exe.
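The file-size check recommended above can be automated. The following is an added example, not part of the original article: it records a baseline for trusted files and reports any that later change, flagging growth in particular. It goes beyond the article by also storing a SHA-256 hash, so that a change which leaves the size untouched is still caught; the file names and contents are constructed placeholders.

```python
import hashlib
import os
import tempfile


def snapshot(paths):
    """Record (size, SHA-256) per file; run it while the files are trusted."""
    result = {}
    for path in paths:
        with open(path, "rb") as fh:
            data = fh.read()
        result[path] = (len(data), hashlib.sha256(data).hexdigest())
    return result


def compare(baseline, current):
    """Return (path, verdict, size_delta) for every file that differs.

    "grew" is the symptom the article tells you to watch for.
    """
    findings = []
    for path, (old_size, old_hash) in sorted(baseline.items()):
        if path not in current:
            findings.append((path, "missing", -old_size))
            continue
        new_size, new_hash = current[path]
        if new_hash == old_hash:
            continue
        delta = new_size - old_size
        verdict = "grew" if delta > 0 else "shrank" if delta < 0 else "content changed"
        findings.append((path, verdict, delta))
    return findings


def demo():
    """Constructed sample: two placeholder files, one of which grows."""
    with tempfile.TemporaryDirectory() as tmp:
        paths = [os.path.join(tmp, n) for n in ("editor.exe", "game.exe")]
        for path in paths:
            with open(path, "wb") as fh:
                fh.write(b"A" * 1024)  # placeholder content, not a real program
        baseline = snapshot(paths)
        with open(paths[1], "ab") as fh:
            fh.write(b"B" * 4096)  # constructed stand-in for bundled extra data
        findings = compare(baseline, snapshot(paths))
    return [(os.path.basename(p), v, d) for p, v, d in findings]


if __name__ == "__main__":
    for name, verdict, delta in demo():
        print(f"{name}: {verdict} ({delta:+d} bytes)")
```

Keep the baseline somewhere the monitored machine cannot overwrite, otherwise whatever altered the files can alter the record too.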
6. Email Terminator download address: http://yaya2000.home.chinaren.com/mailbomb.zip. Like other e-mail bombs, it works on basically the same principle: the fundamental goal is to flood your mailbox so that you cannot send and receive e-mail normally.
Defense measures: Watch what you say and do online and do not offend people. Do not leave your e-mail address lying around; in particular, do not let others know your more important mailboxes, so as not to give "people" an opportunity. Apply for a larger mailbox (such as China.com 88M or Sina 50M) and then enable mail filtering; most sites offer this service. This is only a passive defense; if anyone has a better method, please share it with everyone.
7. Sports download address: http://www.netxeyes.com. This is the work of a Chinese author; when I used this software for the first time, I was deeply hacked. This software can turn someone who only knows how to use a mouse into a professional hacker. It can detect various vulnerabilities in POP3, FTP, HTTP, Proxy, Form, SQL, SMTP and IPC$, and it has cracking schemes designed for the different vulnerabilities, so it can easily obtain user passwords on vulnerable systems. Vulnerabilities on Win9x, WinNT and Win2000 can generally be detected, which makes it one of the essential tools of many hackers. Some senior hackers have adopted it as well.
Defense measures: Because it integrates a variety of scanning methods, it is hard to guard against; to deal with it you must apply the various patches promptly and also use a firewall. For the firewall, the domestic personal firewall Tianwang is recommended; download address: http://sky.net.cn
Tianwang is a very good firewall that can effectively block various attacks and has very flexible rule settings. Rules? What is a rule? Let me explain: a rule is a set of comparison conditions and an action applied to packets. Each part of a packet is compared against the configured conditions, and when the conditions are met, the rule determines whether the packet is passed or blocked. Got it? With sensibly configured rules, harmful data can be kept outside your machine. If you are not familiar with networking, it is best not to adjust the rules; you can let Tianwang design them for you. If you are familiar with networking, you can design your own rules. Although Tianwang is overly sensitive and often raises alarms for some normal files, this does not stop it from being excellent firewall software. Tianwang is free to register, and even unregistered it can be used without restriction.
8. Snow download address: http://www.netxeyes.com. Another work by Xiaohuang. The software performs password detection against the ASP and CGI pages of free mailboxes, forums and chat rooms. Password detection is mainly achieved by guessing birthdays, and the success rate can reach 60%-70%. Snow works by extracting the form from an ASP or CGI page and finding the error flag returned after the form is submitted; once it has the error flag, it loads a dictionary file to crack the password. Detecting a mailbox password with Snow is really easy. Because many people use their own birthday or a common English word as their password, Snow has plenty of room to work. I experimented on my own mailbox, using my birthday as the password; Snow took less than 3 minutes to successfully crack my password! Bear in mind that I was using a big dictionary; with a small dictionary it would be even faster!
Defense measures: Do not casually expose your mailbox address or your forum and chat-room user names, so as not to attract "people's" attention. Secondly, set your password well: do not make it all digits or all letters, or shorter than 7 characters, otherwise it is really dangerous. The password can mix letters and digits and be longer than 7 characters, for example in this style: G19O74O08D14. This password combines the English word Good with the birthday 19740814; it is easy to remember, it is long, and it is difficult to crack. In addition, change your password from time to time and do not use one password for too long. Finally, it is best to use a different password for each mailbox, to avoid being cracked.
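The password rules above can be written as a check that a site or user runs before accepting a password. This is an added example, not part of the original article: the minimum length of 8 is one reading of "longer than 7", the date layouts are assumptions about how birthdays are typed, and the word list is a small constructed stand-in for a real dictionary.

```python
from datetime import datetime

MIN_LENGTH = 8  # assumption: the article's "longer than 7" read as 8 or more
# Assumed layouts in which a birthday is typed as a password.
DATE_FORMATS = ("%Y%m%d", "%y%m%d", "%m%d%Y", "%d%m%Y")
# Constructed stand-in for a dictionary of common English words.
COMMON_WORDS = {"good", "love", "password", "welcome", "computer"}


def is_birthday_like(password):
    """True if the whole password is a zero-padded calendar date."""
    if not password.isdigit():
        return False
    for fmt in DATE_FORMATS:
        try:
            parsed = datetime.strptime(password, fmt)
        except ValueError:
            continue
        # strptime accepts unpadded fields; require an exact round trip.
        if parsed.strftime(fmt) == password:
            return True
    return False


def check_password(password):
    """Return the rules from the article that the password breaks."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    if password.isdigit():
        problems.append("digits only")
    elif password.isalpha():
        problems.append("letters only")
    if is_birthday_like(password):
        problems.append("is a date")
    if password.lower() in COMMON_WORDS:
        problems.append("common word")
    return problems


if __name__ == "__main__":
    for candidate in ("19740814", "740814", "good", "G19O74O08D14"):
        print(candidate, check_password(candidate) or "passes")
```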
This article has listed several representative hacker tools. The aim, of course, is not to teach you to use them, but to help you understand hackers' attack methods through them, master the ways of guarding against hackers, and close the various vulnerabilities that may arise.
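Section 7 describes a firewall rule as comparison conditions plus a pass-or-block action on packets. The sketch below is an added example of that idea, not Tianwang's code or rule format: the field names, the first-match evaluation order and TCP port 139 for NetBIOS are assumptions, while port 7626 is the Ice River default given in section 1.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    direction: str   # "in" or "out"
    protocol: str    # "tcp" or "udp"
    local_port: int  # port on the protected machine


@dataclass(frozen=True)
class Rule:
    name: str
    action: str                       # "pass" or "block"
    direction: Optional[str] = None   # None means "match anything"
    protocol: Optional[str] = None
    local_port: Optional[int] = None

    def matches(self, pkt):
        """Compare each configured condition with the packet's fields."""
        conditions = (
            (self.direction, pkt.direction),
            (self.protocol, pkt.protocol),
            (self.local_port, pkt.local_port),
        )
        return all(want is None or want == got for want, got in conditions)


# Ordered rule set; the first matching rule decides (assumed semantics).
RULES = [
    Rule("ice-river-default-port", "block", "in", "tcp", 7626),
    Rule("netbios-session", "block", "in", "tcp", 139),
    Rule("outbound", "pass", "out"),
    Rule("default-deny-inbound", "block", "in"),
]


def decide(pkt, rules=RULES):
    """Return (action, rule name) for the first rule whose conditions are met."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action, rule.name
    return "block", "no-rule-matched"


if __name__ == "__main__":
    for pkt in (Packet("in", "tcp", 7626), Packet("out", "tcp", 1025),
                Packet("in", "udp", 53)):
        print(pkt, "->", decide(pkt))
```

Order matters under first-match evaluation: a broad "pass" rule placed ahead of the specific "block" rules would let everything through.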