Login or Register to Ask a Question and Join Our Community


Malware Advisories (RSS)

Troj_proxy.li

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Malware Advisories (RSS) Troj_proxy.li
# 1  
Old 02-05-2008
Troj_proxy.li
This Trojan may be dropped by other malware. It may be downloaded unknowingly by a user when visiting malicious Web sites.
Upon execution, this Trojan drops a copy of itself in the Windows system folder. It then registers itself as a system service to ensure its automatic execution at every system startup.
This Trojan opens random ports and acts as a proxy server which is an intermediary between a user and a server. A proxy usually listens to a port, and when it receives an incoming request, it forwards the said request to the target server. When the proxy receives a reply, it forwards the reply to the original user.
As a proxy server, this Trojan allows a remote malicious user to use the affected system in concealing the said author's identity when performing malicious activities.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

grid-proxy-destroy

GRID-PROXY-DESTROY(1)						  Globus Commands					     GRID-PROXY-DESTROY(1)

NAME

       grid-proxy-destroy - Destroy the default proxy certificate

SYNOPSIS

       grid-proxy-destroy [-help] [-usage] [-version]

       grid-proxy-destroy [-debug] [-dryrun] [-default] [-all] [--] [FILENAME...]

DESCRIPTION

       The grid-proxy-destroy program removes X.509 proxy files from the local filesystem. It overwrites the data in the files and removes the
       files from the filesystem. By default, it removes the current user's default proxy (either /tmp/x509up_uUID where UID is the current POSIX
       user id, or the file pointed to by the X509_USER_PROXY environment variable) unless a list of proxy file paths are included as part of the
       command line.

       Use the -- command-line option to separate a list of proxy paths from command line options if the proxy file begins with the - character.

       The full list of command-line options to grid-proxy-destroy are:

       -help, -usage
	   Display the command-line options to grid-proxy-destroy.

       -version
	   Display the version number of the grid-proxy-destroy command

       -debug
	   Display verbose error messages.

       -dryrun
	   Do not remove the proxy, but display the path of the files that would have been removed, or the directory where they would have been
	   removed from if the -all command-line option is used.

       -default
	   Remove the default proxy in addition to the files included on the command-line. Only needed if other paths are included on the
	   command-line.

       -all
	   Remove the default proxy and all delegated proxies in the temporary file directory.

ENVIRONMENT VARIABLES

       The following environment variables affect the execution of grid-proxy-destroy:

       X509_USER_PROXY
	   Path to the default user proxy.

SEE ALSO

       grid-proxy-init(1), grid-proxy-info(1)

AUTHOR

       University of Chicago

Globus Toolkit 5.0.2						    04/25/2011						     GRID-PROXY-DESTROY(1)