Results 1 to 1 of 1
09-14-2011, 10:55 AM #1BannedThis user has no status.I am:----
- Join Date
- Sep 2011
infected system will start scanning the network
One or more systems are infected by users accessing compromised websites, downloading malware, opening infected email attachments or using storage media containing malware. In some networks a worm can be introduced by users bringing their own devices to work.
The infected system will start scanning the network looking for other systems to infect. Network scanning is where a single host attempts to make connections to other systems on a specific port number. In the case of Morto, this was TCP port 3389 which is used by the Microsoft Windows Remote Desktop Protocol (RDP). If it finds a host listening on this port it then tries a long list of passwords to try and gain access to the system.
Infected machines will then try and connect to external websites and download updates.
09-14-2011 10:55 AM # ADSAdvertise here Circuit advertisement
- Join Date
- My Birthday
- Million and counting
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)