Saturday, October 23, 2010

View open ports: make Trojans show their true colors


Most common Trojans today use the TCP/UDP protocols for communication between their client side and server side. Because they use these two protocols, the server side (that is, the machine infected with the Trojan) inevitably has to open a listening port and wait for connections. For example, the well-known Glacier Trojan listens on port 7626, Back Orifice 2000 uses 54320, and so on. We can therefore check whether a machine has been infected with a Trojan or another hacker program by looking at its open ports. The methods are described in detail below.

1. The netstat command that comes with Windows

First, let's look at how the Windows help file describes the netstat command:

Netstat

Displays protocol statistics and current TCP/IP network connections. This command is available only if the TCP/IP protocol has been installed.

netstat [-a] [-e] [-n] [-s] [-p protocol] [-r] [interval]

Parameters

-a

Displays all connections and listening ports. Server connections are normally not shown.

-e

Displays Ethernet statistics. This parameter can be combined with the -s option.

-n

Displays addresses and port numbers in numerical form (rather than attempting name lookups).

-s

Displays statistics for each protocol. By default, statistics are shown for TCP, UDP, ICMP and IP. The -p option can be used to specify a subset of the default.

-p protocol

Shows connections for the protocol specified by protocol; protocol can be tcp or udp. If used with the -s option to display per-protocol statistics, protocol can be tcp, udp, icmp, or ip.

-r

Displays the contents of the routing table.

interval

Redisplays the selected statistics, pausing interval seconds between each display. Press CTRL + B to stop redisplaying statistics. If this parameter is omitted, netstat prints the current configuration information once.

Having read the help file, we should understand how to use the netstat command. Now let's put it to use and look at the open ports on the machine. Open a command prompt and run netstat with the a and n parameters:

C:\> netstat -an

Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:21             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:7626           0.0.0.0:0              LISTENING
  UDP    0.0.0.0:445            0.0.0.0:0
  UDP    0.0.0.0:1046           0.0.0.0:0
  UDP    0.0.0.0:1047           0.0.0.0:0

To explain: Active Connections lists the machine's currently active connections; Proto is the name of the protocol used by the connection; Local Address is the local computer's IP address and the port number the connection is using; Foreign Address is the IP address and port number of the remote computer; State is the state of a TCP connection. The last three rows are listening UDP ports, so they have no State. Look! Port 7626 on my machine is open and listening for connections, so in this case the machine is very likely infected with Glacier! Disconnecting from the network at once and removing the virus with antivirus software is the right approach.







2. fport, a command-line tool for Windows 2000

Windows 2000 users are luckier than Windows 9x users, because they can use the fport program to show the mapping between open ports and local processes.

Fport, produced by Foundstone, lists all open TCP/IP and UDP ports on the system together with the full path, PID, name and other information of the process behind each one. It is run from the command line; see the example:

D:\> fport.exe
FPort v1.33 - TCP/IP Process to Port Mapper
Copyright 2000 by Foundstone, Inc.
http://www.foundstone.com

Pid   Process      Port  Proto  Path
748   tcpsvcs  ->  7     TCP    C:\WINNT\System32\tcpsvcs.exe
748   tcpsvcs  ->  9     TCP    C:\WINNT\System32\tcpsvcs.exe
748   tcpsvcs  ->  19    TCP    C:\WINNT\System32\tcpsvcs.exe
416   svchost  ->  135   TCP    C:\WINNT\system32\svchost.exe

Isn't that clear at a glance? Now every program that has a port open is in plain view. If a suspicious program has opened a suspicious port, do not be careless about it: it may well be a cunning Trojan horse!

The latest version of Fport is 2.0. It can be downloaded from many sites, but for safety it is of course best to get it from its home: http://www.foundstone.com/knowledge/zips/fport.zip

3. Active Ports, a graphical tool with functions similar to Fport

Active Ports, produced by SmartLine, monitors all open TCP/IP/UDP ports on the computer. It shows not only every port but also the path of the program behind each port, and whether the local IP and the remote IP (the IP attempting to connect to your computer) are active.

Isn't that intuitive? Even better, it also provides a function for closing ports: when you use it to find a port opened by a Trojan, you can close that port immediately. The software runs on Windows NT/2000/XP. You can get it at http://www.smartline.ru/software/aports.zip.

In fact, Windows XP users can get the mapping between ports and processes without any other software, because the netstat command that ships with Windows XP has one more parameter than earlier versions, the o parameter, which shows each port together with its corresponding process.

The above describes several ways to view the machine's open ports and the mapping between ports and processes. With these methods, Trojans based on the TCP/UDP protocols can be found easily, and I hope this helps your beloved machine. But with Trojans the emphasis is on prevention: if you run into a reverse-connection ("rebound port") Trojan, or a new Trojan built with driver and dynamic link library techniques, the methods above will have difficulty finding any trace of it. So we must develop good browsing habits: do not casually run email attachments, and install antivirus software, for example the domestic Rising, which is a good helper for killing viruses and Trojan horses. Scan software downloaded from the Internet with antivirus software before using it, and when online keep the network firewall and real-time virus monitoring turned on, to protect your machine from hateful Trojans.
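As an added example (not part of the original post), the Python code below automates the check described above: it parses netstat output, including the PID column produced by the o parameter, and flags listeners on the two ports this page names. The baseline set, the PIDs and the sample output are constructed assumptions.

```python
# Added example: triage listeners in `netstat -an` / `netstat -ano` output.
WATCHLIST = {7626: "Glacier", 54320: "Back Orifice 2000"}  # ports named on this page
EXPECTED = {("TCP", 80), ("TCP", 21)}  # assumed baseline: services this host should expose

# Constructed sample in the column layout of English-language `netstat -ano`.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       1204
  TCP    0.0.0.0:21             0.0.0.0:0              LISTENING       1204
  TCP    0.0.0.0:7626           0.0.0.0:0              LISTENING       2388
  TCP    192.168.1.5:1050       203.0.113.9:80         ESTABLISHED     1620
  UDP    0.0.0.0:445            *:*                                    4
  UDP    0.0.0.0:1046           *:*                                    932
"""


def listeners(text):
    """Yield (proto, port, pid) for each listening socket; pid is None without -o."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[0] not in ("TCP", "UDP"):
            continue  # banner, header or blank line
        proto, local, rest = parts[0], parts[1], parts[3:]
        state = next((p for p in rest if not p.isdigit()), "")
        pid = next((int(p) for p in rest if p.isdigit()), None)
        # UDP rows have no State column: every bound UDP socket counts as a listener.
        if proto == "TCP" and state != "LISTENING":
            continue
        port = local.rpartition(":")[2]  # rpartition also copes with [::]:135
        if port.isdigit():
            yield proto, int(port), pid


def triage(text, watchlist=WATCHLIST, expected=EXPECTED):
    """Return (severity, proto, port, pid, note) for listeners outside the baseline."""
    findings = []
    for proto, port, pid in listeners(text):
        if port in watchlist:
            findings.append(("high", proto, port, pid, "default port of " + watchlist[port]))
        elif (proto, port) not in expected:
            findings.append(("review", proto, port, pid, "not in baseline"))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```

A watch-list hit is a lead, not proof: map the PID to its executable path (for example with fport) before acting. As the post notes, a reverse-connection Trojan opens no listening port and will not show up in this check.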









Wednesday, October 20, 2010

Intel's foreign general manager arrives quietly, shaping its power structure in China


Jane Angel, formerly Intel's Asia Pacific Marketing Director, quietly took up the post of joint general manager of Intel China last week, becoming the first foreign female general manager in Intel China's history.

An Intel spokesman confirmed to reporters that the company has announced the appointment, but has so far not officially released the news to the outside world.

In an interview with our reporter, Jane Angel revealed that she will be specifically responsible for marketing, while Lai Yit Loong, who became general manager of China six months before her, will be mainly in charge of sales.

Intel completes the transfer of power in China

Analysts believe that Jane Angel's appointment as joint general manager of China means that Intel's new power structure in China has basically taken shape.

For more than four years starting on October 1, 2000, Yang alone was in charge of Intel China, with sole responsibility for the China region's sales, marketing and related departments.

Earlier this year, the Malaysian Lai Yit Loong began to share the position of General Manager of China with Yang. This was the first time the "TwoInOneBox" (two-in-one) model was applied in China, and it was also seen as a signal that Yang was fading from the core of power at Intel China.

In the middle of last month, Yang was appointed joint General Manager of Asia Pacific, in charge of the Asia-Pacific region together with John Antone, the region's existing general manager. Outsiders at one point thought that Lai Yit Loong would hold sole power in China.

Jane Angel's appointment once again confirms that the pattern of one person holding sole power at Intel China has become history. Her previous job was director of marketing for Intel's Asia-Pacific region, and in 11 years at Intel she has held a variety of marketing positions, including Intel's director of global marketing strategy, marketing director of Intel Japan, channel and product marketing manager, and global business development manager responsible for channel activities.

The new brand slogan also makes its appearance

According to Intel insiders, apart from the CEO, COO and similar posts, applying the "two-in-one" model to many of Intel's other key management positions is the general trend.

Two years ago Intel decided to implement this distinctive management style in emerging markets outside the mature markets of Europe and Japan. In Intel's view, the share of its overall sales that comes from emerging markets such as China, India and Russia is growing year by year, and their contribution to Intel's overall sales will keep increasing.

Notably, Intel's new brand slogan, "I have a Intel," appeared at the same time as Jane Angel. Jane Angel said it complements the popular "Intelinside" slogan and strives to highlight a feeling of personal ownership.

Speaking to our reporter about her understanding of the Chinese market, Jane Angel said that China has become Intel's second largest market in the world, and that she will work to have China surpass the U.S. as Intel's largest market in the shortest possible time.









Tuesday, October 5, 2010

Zack Rusin interview: beauty and magic for KDE


This year's KDE World Summit (better known as aKademy) was held at the University of Malaga in Spain. The most anticipated item at the conference was KDE developer Zack Rusin's presentation "Beauty and Magic for KDE developers". He has long been a core KDE developer and was recently hired as a full-time developer by Trolltech, the developer of the Qt graphical user interface library. As the conference went on, attendees heard more and more about the amazing visual effects Zack would demonstrate, so a large audience crowded into the lecture theater to wait for the presentation. To their disappointment, the talk was delayed by two days because of technical problems, leaving everyone itching with impatience. Once the problem was finally solved, Zack gave a whirlwind presentation on the current state and future direction of graphics development on Unix/Linux.

During the conference Zack was interviewed by Daniel Molkentin, his "comrade in the trenches" in the KDE organization, and described his KDE development work in detail.

1) Please briefly introduce yourself.

Today I had a conversation with a friend whom I respect, and he said that what is unique about me is that I make impossible things become reality. That is the most flattering thing I have ever heard. So my self-description is: I am a person who makes impossible things real.

2) You recently joined Trolltech. What exactly do you do there?

My job at Trolltech is to create things that others can only dream of. My main interest is of course computer graphics, but I am not limited to it: the company has given me full freedom in research and development.

3) What have your past contributions to X.org been?

Mainly Render and the new acceleration architecture, Exa. Render is a new rendering model for X; it supports shadows, translucency and font anti-aliasing.

4) Exa became a focus at aKademy. Can you tell us about it in detail?

Exa is a simplified acceleration architecture based on KAA (the KDrive Acceleration Architecture). KDrive is Keith Packard's modular X server implementation, and KAA comes from KDrive. Unlike the old XAA (XFree86 Acceleration Architecture), Exa was designed to accelerate XRender; it is small, simple and flexible, and lets X developers create all kinds of special effects.

5) How does Exa differ from earlier graphics acceleration technology in accelerating XRender?

XRender is a new rendering technology developed by Keith Packard; before it, X could rely only on very limited primitives. To keep up with development needs, applications now either render on the client side without using those primitives (they just send the rendered image to the X server) or go through XRender. Unfortunately, XAA mainly accelerates those old, unused primitives. Exa accelerates the new model specifically and no longer bothers with the old primitives.

6) Can everyone benefit from Exa?

Yes, provided of course that their driver supports Exa (we have ported most of the drivers).

7) You demonstrated astounding results with Xgl. Do you think Xgl has a future?

Yes, Xgl is promising. It is our long-term solution. I still have not finished Xegl because I have a lot of work. With OpenGV and some new plug-ins, OpenGL has become a very attractive solution to all of our 2D problems.

8) Please tell us about the difference between Xgl and Xegl.

Xegl is a standalone server, whereas Xgl needs a running X server in order to start (setting the modeline and handling input are the two most important aspects). They share the same graphics acceleration code, but Xgl hands the modeline and input setup work to another X server, which provides a test basis for the OpenGL graphics acceleration that Xegl relies on.

9) KDE's cube effect looks more and more like Apple's OS X. Was it inspired by OS X?

I want to clarify that the cube effect was designed by Dave Reveman; I do not want to claim credit. As for your question, my answer is: I hope not.

Just designing special effects is easy, but designing special effects that are both easy to use and beautiful is difficult. In desktop effects design, excellent design and poor design are only one step apart, and one of the biggest challenges for KDE 4's Plasma is weighing the tradeoff between the two.

If we just copy designs, we cannot be the best. Innovation is not dead, and Plasma is our answer. For the first time in KDE's history, designers, developers and usability experts are working together on organized development. The three teams work in parallel, so graphic design and usability will not, as in other open source projects, have to wait until the software has been designed and then be added on. They are now core components of our development model.

10) When will your work in X.org be completed?

Render and Exa have already gone into the new X.org. The next step is Xgl, then Xegl. Once X.org 7.0 is completed, we will start the Xgl and Xegl projects.

11) X11 was launched a long time ago. In what respects is the upcoming X.org 7.0 revolutionary?

It is the first modular version, so it is very special. Drivers and the server no longer have to be integrated; we will release the drivers and the server.

12) What benefits do users get from a modular X.org?

They do not have to upgrade the server when upgrading drivers. Drivers are upgraded independently. X.org 7.0 will reduce newcomers' fear of X development, and users will experience a significant performance improvement, which will attract many users to upgrade to X.org 7.0.

13) What adjustments does Qt need in order to take full advantage of the new X.org technology?

For me Qt is the driving force behind the scenes, while applications and the desktop environment are what motivate server development. The server itself is no fun at all; its only purpose is to meet the needs of desktop development. For a while we had that relationship backwards and worked hard at solving server problems; now we are back on track, and innovation is our real work.

14) What are your expectations for the future of X.org, Qt, KDE and Linux?

I want people to bold innovation - afraid of surprise, fear can not do. We now have sufficiently advanced technology, and only the best ideas. Therefore, on the meaningful exchange and designers.

Obviously, vector graphics will gradually become popular. Qt will support the SVG 1.2 standard and make use of it at different levels (including animation support). At present most icon themes are developed in SVG but converted to PNG format for performance reasons. This situation will soon change, since rendering SVG images will be no slower than rendering raster images.





