A Trojan may infect any system through Trojan vectors. The most common Trojan vectors are as follows: * Email attachments * Social engineering * NetBIOS remote installation * Physical access
In the pre-attack phase, there are seven steps, which have been defined by the EC-Council, as follows: 1. Information gathering 2. Determining network range 3. Identifying active machines 4. Finding
The various modes of system security testing are as follows: 1. Remote network: This mode attempts to simulate an attack launched over the Internet. The primary defenses that must be
In passive OS fingerprinting, an attacker installs a sniffer on any third party such as a router on which the victim communicates frequently. Now he studies the sniffer’s log and
The countermeasures to a buffer overflow are as follows: * Perform manual auditing of the code. * Stack execution should be disabled. * Take the support of the functions which
Snort has the following features: * It detects threats, such as buffer overflows, stealth port scans, CGI attacks, SMB probes and NetBIOS queries, NMAP and other port scanners, well-known backdoors
The SSH-2 protocol supports the following user authentications: * Public key authentication (DSA, RSA*, OpenPGP) * Host-based authentication * Password-based authentication Note: SSH-1 supports a wider range of user authentications,