RPC/DCOM exploits detection and notification
Nowadays, the usages of the internet have grown rapidly. But internet also is exposed to any kind threat that can cause to many kind of damage. One (1) example of the internet threat is the network worm. The famous example of network worm is msblaster worm. Msblaster attack the Microsoft windows ope...
Saved in:
| Main Author: | |
|---|---|
| Format: | Undergraduates Project Papers |
| Language: | English |
| Published: |
2005
|
| Subjects: | |
| Online Access: | http://umpir.ump.edu.my/id/eprint/3582/1/HALIM_BIN_AYUB.PDF http://umpir.ump.edu.my/id/eprint/3582/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Nowadays, the usages of the internet have grown rapidly. But internet also is exposed to any kind threat that can cause to many kind of damage. One (1) example of the internet threat is the network worm. The famous example of network worm is msblaster worm. Msblaster attack the Microsoft windows operating system especially Windows XP and Windows 2000. Msblaster used the vulnerabilities in RPC DCOM architecture to exploits to the operating system. The main problem of the Msblaster is it can craft the victim's IP addresses and try to exploits the computer with that IP
addresses. This has made the network traffic become high and make the internet become unreachable in certain organization's network. Although the attack of Msblaster
worm have decreased, but there is a potential of the worm to attack again in the future if the worm is not fully remove in the network. The purpose of this project is to detect the
computer that have been infected by this worm and ask the user to remove the worm.The research and analysis of current type of attacks was done to get better understanding
of the system. The SDLC methodology was used as the project development methodology. This project was developed using Microsoft Visual Basic 6.0 and using the design of client server model as the project architecture. As the result of the successful of this project, we can ensure that the worm is totally removed from our network.
|
|---|