Troj_mutant.ew


 
07-25-2008

This Trojan may be downloaded from remote site(s) by TROJ_AGENT.AYZO. It may be downloaded from certain remote sites.

It hides files, processes, and/or registry entries.

It drops component files. It then executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system.

It deletes itself after execution.



SEND-UUCP(8)						    InterNetNews Documentation						      SEND-UUCP(8)

NAME
       send-uucp - Send Usenet articles via UUCP

SYNOPSIS
       send-uucp [site ...]

DESCRIPTION
       The send-uucp program processes batch files written by innd(8) to send Usenet articles to UUCP sites. It reads a configuration file to control how it behaves with various sites. Normally, it is run periodically out of cron to put together batches and send them to remote UUCP sites. It makes it possible to reduce bandwidth usage and to send news to remote UUCP sites which cannot receive a real-time feed (for instance if they are over dial-up connections).

OPTIONS
       Any arguments provided to the program are interpreted as a list of sites specified in send-uucp.cf for which batches should be generated. If no arguments are supplied then batches will be generated for all sites listed in that configuration file.

CONFIGURATION
       The sites to which articles are to be sent must be configured in the configuration file send-uucp.cf in pathetc as set in inn.conf. Each site is specified with a line of the form:

           site[:host[:funnel]] [compressor [maxsize [batchtime]]]

       site
           The news site name being configured. This must match a site name from newsfeeds(5).

       host
           The UUCP host name to which batches should be sent for this site. If omitted, the news site name will be used as the UUCP host name.

       funnel
           In the case of a site configured as a funnel, send-uucp needs to flush the channel (or exploder) being used as the target of the funnel instead of flushing the site. This is the way to tell send-uucp the name of the channel or exploder to flush for this site. If not specified, default to flushing the site.

       compressor
           The compression method to use for batches. This should be one of "bzip2", "compress", "gzip" or "none". Arguments for the compression command may be specified by using "_" instead of spaces. For example, "gzip_-9". The default value is "gzip".

       maxsize
           The maximum size in bytes of a single batch before compression. The default value is 500000 bytes.

       batchtime
           A comma separated list of hours during which batches should be generated for a given site. When send-uucp runs, a site will only be processed if the current hour matches one of the hours in batchtime. The default is no limitation on when to generate batches.

       Fields are separated by spaces and only the site name needs to be specified, with defaults being used for unspecified values.

       If the first character on a line is a hash sign ("#") then the rest of the line is ignored.

EXAMPLE
       Here is an example for the send-uucp.cf configuration file:

           zoetermeer      gzip            1048576 5,18,22
           hoofddorp       gzip            1048576 5,18,22
           pa3ebv          gzip            1048576 5,18,22
           drinkel         bzip2           1048576 5,6,18,20,22,0,2
           manhole         compress        1048576 5,18,22
           owl             compress        1048576
           able
           pern::MYFUNNEL!

       This defines eight UUCP sites. The first three and the last two use "gzip" compression, the fourth site ("drinkel") uses "bzip2" and the remaining sites ("manhole" and "owl") use "compress". The first six use a batch size of 1 MB, and the two last sites ("able" and "pern") use the default of 500,000 bytes. The "zoetermeer", "hoofddorp", "pa3ebv", and "manhole" sites will only have batches generated for them during the hours of 05:00, 18:00, and 22:00, and the "drinkel" site will only have batches generated during those hours and 06:00, 20:00, 00:00, and 02:00. There are no restrictions on when batches will be generated for "owl", "able" and "pern".

       The "pern" site is configured as a funnel into "MYFUNNEL!". send-uucp will issue "ctlinnd flush MYFUNNEL!" instead of "ctlinnd flush pern".

       As for the newsfeeds file, the usual flags used for a UUCP feed are "Tf,Wnb". Here is a typical entry for "zoetermeer", where the batching is kept between 4 KB and 1 KB:

           zoetermeer :*,!junk,!control,!control.*/!foo :Tf,Wnb,B4096/1024:

FILES
       pathbin/send-uucp
           The Perl script itself used to create news batches from the outgoing files.

       pathetc/send-uucp.cf
           The configuration file which specifies a list of sites to be processed.

HISTORY
       This program was originally written by Edvard Tuinder <ed@elm.net> and then maintained and extended by Miquel van Smoorenburg <miquels@cistron.nl>. Marco d'Itri <md@linux.it> cleaned up the code for inclusion in INN. This manual page was written by Mark Brown <broonie@sirena.org.uk>.

SEE ALSO
       innd(8), newsfeeds(5), uucp(8).

INN 2.5.2                                  2009-08-16                                  SEND-UUCP(8)
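
The field rules in the CONFIGURATION section, written out as a strict parser. This is an added Python example, not INN's Perl script; the names Site, parse_line, parse_config, due and ALLOWED are this example's own. It rejects any compressor outside the four documented values and returns the compressor as an argument list rather than a command string.

```python
from dataclasses import dataclass
from typing import List, Optional

ALLOWED = {"bzip2", "compress", "gzip", "none"}  # compressors the man page lists

@dataclass
class Site:
    site: str
    host: str                    # UUCP host; defaults to the site name
    flush: str                   # name to flush: the funnel if set, else the site
    compressor: List[str]        # argv list, "_" already split ("gzip_-9")
    maxsize: int                 # bytes before compression
    hours: Optional[List[int]]   # None means no time restriction

def parse_line(line: str) -> Optional[Site]:
    """Parse one send-uucp.cf line; return None for blank or comment lines."""
    if not line.strip() or line.startswith("#"):
        return None
    fields = line.split()
    names = fields[0].split(":")
    if len(fields) > 4 or len(names) > 3 or not names[0]:
        raise ValueError(f"malformed line: {line!r}")
    site, host, funnel = names + [""] * (3 - len(names))
    comp = [a for a in (fields[1] if len(fields) > 1 else "gzip").split("_") if a]
    if not comp or comp[0] not in ALLOWED:
        raise ValueError(f"unknown compressor in: {line!r}")
    maxsize = int(fields[2]) if len(fields) > 2 else 500000
    if maxsize <= 0:
        raise ValueError(f"bad maxsize in: {line!r}")
    hours = None
    if len(fields) > 3:
        hours = [int(h) for h in fields[3].split(",")]
        if any(not 0 <= h <= 23 for h in hours):
            raise ValueError(f"hour out of range in: {line!r}")
    return Site(site, host or site, funnel or site, comp, maxsize, hours)

def parse_config(text: str) -> List[Site]:
    return [s for s in map(parse_line, text.splitlines()) if s is not None]

def due(site: Site, hour: int) -> bool:
    return site.hours is None or hour in site.hours

# Sample input: five of the lines from the EXAMPLE section above.
SAMPLE = """\
zoetermeer gzip 1048576 5,18,22
drinkel bzip2 1048576 5,6,18,20,22,0,2
owl compress 1048576
able
pern::MYFUNNEL!
"""
```
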