【求助】發現udpflood程式



贊助商連結


tony8liu
2002-11-22, 04:14 PM
最近在server發現有一個程式為udpflood 這因該是駭客程式
請問要怎麼移除他

贊助商連結


siliva
2002-11-24, 06:33 AM
dear tony8liu:
UDPFLOOD這支程式是支HACKER通常用來大量傳送UDP封包給不特定PORT程式, 一般而言具有以下幾種特徵(節錄SYMANTEC資訊)
Hacktools are programs that are used by hackers for various purposes. Examples of such tools include:

Port scanners.
Network sniffers and spoofers.
Computer vulnerability scanners and exploiters. These can be used over networks or the Internet.
Password stealers, which save the stolen passwords locally (that is, they do not send them out).
Mail spammers that attack one victim by flooding the mailbox with mail.
News group flooders that flood Usenet newgroups with messages.

These programs are in themselves, nonviral and generally do not cause harm to the hacker who deploys them. However, deployment of these utilities is usually harmful to the victims of the attacks, and they are usually considered a threat by network administrators.

NOTE: As these are tools that are used to create threats, rather than threats themselves, they do not have their own spreading mechanism. If you find one of these tools on your computer or network, in most cases it is there because someone download it or copied it there.

Symantec Security Response suggests that if your Symantec antivirus product detects Hacktool.Flooder (or variations such as Hacktool.Spammer or Hacktool) that you just delete it. If you see a message that it cannot be deleted, it may be running in memory. In this case, restart the computer in Safe mode, run a full system scan, and delete the threat when it is detected. All Windows 32-bit operating systems, except Windows NT, can be restarted in Safe mode. For instructions on how to do this, read the document How to start the computer in Safe Mode.
解決方法請使用防毒軟體對系統做一全系統掃描,因為此一檔案唯一單純之EXE執行檔,防毒軟體都認得他可隔離之