remote control and advanced techniques
Download
Skip this Video
Download Presentation
Remote Control and Advanced Techniques

Loading in 2 Seconds...

play fullscreen
1 / 4

Remote Control and Advanced Techniques - PowerPoint PPT Presentation


  • 94 Views
  • Uploaded on

Remote Control and Advanced Techniques. Remote Control Software. What do they do? Connect through dial-in and/or TCP/IP. Replicate remote screen on local machine ( graphical ) Allow running graphical, text-based application in remote machine, displaying the results in the local machine.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Remote Control and Advanced Techniques' - vidal


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
remote control software
Remote Control Software
  • What do they do?
    • Connect through dial-in and/or TCP/IP.
    • Replicate remote screen on local machine (graphical)
    • Allow running graphical, text-based application in remote machine, displaying the results in the local machine.
  • A variety of applications, most with free download as demo.
    • pcAnywhere is one of the pioneers and very popular.
    • VNC is also very popular because it is cross-platform and free.
  • Discovering and connecting to remote control software
    • Use Nmap or Superscan to search for ports 22, 799, 800, 1494, 2000, 2001, 5631, 5632, 5800, 5801, 5900, 5901, 43188, 65301
    • Once software is identified download free demo and try brute force.
    • Major weakness: only password is encrypted, traffic is compressed, only.
  • Countermeasures: strong password (again), encrypt traffic (SSL, SSN, etc.), limit and log login attempts, change default listening port. In dial-in use: logoff user with call completion.
advanced techniques
Advanced Techniques
  • Adding to what we have seen before:
    • Trojans: we have seen that BO, NetBus and SubSeven are the most common Trojan, backdoor hacker tools.
      • TCP/IP ports: official , Internet services. Different from protocol ports.
      • Trojan ports: list , more details, and resources.
      • Port listening software: netstat, Active Ports (example), BackOfficer Friendly (example).
      • Checking and removing Trojans: Symantec on-line check (example), Moosoft Cleaner shareware.
      • Weeding out rogue processes: Windows Task Manager, Linux ps –aux
      • Be aware of traps: Whack-A-Mole (pseudo game), BoSniffer (BO in disguise), eLiTeWrap (packs Trojans as exe). Generic: download, scan for virus, then execute, do not run from Internet.
    • Rootkits: Difficult to detect
      • keep a record of your files using Tripwire,
      • create image of your hard-drive: hardware and software solutions (Norton Ghost, Drive Image).
other techniques
Other Techniques
  • TCP hijacking
    • Juggernaut: spy on a TCP connection and issue commands as the logged user.
    • Hunt: spy on a TCP connection (works with shared and switched nets).
    • Countermeasures: encrypted protocols such as IPSec, SSH.
  • TFTP: Trivial File Transfer Protocol.
    • Used by routers, and there are free servers for Windows.
    • Standard client in Windows 2000: tftp.exe protected by Windows File Protection so it can\'t be removed. See use here.
    • Prevent its use by Nimda :
      • Edit the services file: %systemroot%/system32/drivers/etc/services
      • Find this line: tftp 69/udp
      • Replace it with: tftp 0/udp
  • Social Engineering
    • Help desk information: on the Web, e-mail, voice
    • User information: on the Web, e-mail, voice
ad