Worm_autorun.boj

05-19-2008

Registered User

26,240, 27

Join Date: Sep 2000

Last Activity: 1 August 2008, 3:09 PM EDT

Posts: 26,240

Thanks Given: 0

Thanked 27 Times in 26 Posts

Worm_autorun.boj

This worm may be downloaded from remote sites or dropped by other malware.
It drops copies of itself in all physical and removable drives.
It opens a random port to allow a remote user to connect to the affected system. Once a successful connection is established, the remote user executes commands on the affected system.
It uses the following icon similar to a legitimate application to entice users into clicking it.

It connects to a possibly malicious URL. However the said URL is inaccessible as of this writing.

More...

Linux Bot

View Public Profile for Linux Bot

Find all posts by Linux Bot

KF(1) BSD General Commands Manual KF(1) NAME
kf -- securely forward tickets SYNOPSIS
kf [-p port | --port=port] [-l login | --login=login] [-c ccache | --ccache=ccache] [-F | --forwardable] [-G | --no-forwardable] [-h | --help] [--version] host ... DESCRIPTION
The kf program forwards tickets to a remote host through an authenticated and encrypted stream. Options supported are: -p port, --port=port port to connect to -l login, --login=login remote login name -c ccache, --ccache=ccache remote cred cache -F, --forwardable forward forwardable credentials -G, --no-forwardable do not forward forwardable credentials -h, --help --version kf is useful when you do not want to enter your password on a remote host but want to have your tickets one for example AFS. In order for kf to work you will need to acquire your initial ticket with forwardable flag, i.e. kinit --forwardable. telnet is able to forward tickets by itself. SEE ALSO
kinit(1), telnet(1), kfd(8) Heimdal July 2, 2000 Heimdal

Malware Advisories (RSS)

Worm_autorun.boj

LEARN ABOUT DEBIAN

kf