Worms are programs that replicate themselves from one system to another without using a host file. Although in most cases worms exist inside files, such as Word or Excel documents,
Whois queries are used to determine the IP address ranges associated with clients. A whois query can be run on most UNIX environments. In a Windows environment, the tools such
A Trojan may infect any system through Trojan vectors. The most common Trojan vectors are as follows: * Email attachments * Social engineering * NetBIOS remote installation * Physical access
In the pre-attack phase, there are seven steps, which have been defined by the EC-Council, as follows: 1. Information gathering 2. Determining network range 3. Identifying active machines 4. Finding
The various modes of system security testing are as follows: 1. Remote network: This mode attempts to simulate an attack launched over the Internet. The primary defenses that must be
In passive OS fingerprinting, an attacker installs a sniffer on any third party such as a router on which the victim communicates frequently. Now he studies the sniffer’s log and
The countermeasures to a buffer overflow are as follows: * Perform manual auditing of the code. * Stack execution should be disabled. * Take the support of the functions which