When the Trojan attachment is opened, it downloads a copy of the email worm component. The email component is encrypted. It drops and installs wincom32.sys, which loads and infects a dll into the memory process of services.exe. The dll contains the capability to scan various UDP ports to create a peer-to-peer (P2P) network with other infected computers for the purpose of downloading and updating. The P2P network can then be used by a malicious user to retrieve information on what files to download and execute. It also retrieves information of additional peers and updates its own peer list file with the gathered information
[toc:faq]The ProblemOn traditional switches whenever we have a trunk
interface we use the VLAN tag to demultiplex the VLANs. The switch needs
to determine which MAC Address table to look in for a forwarding
decision. To do this we require the switch to do...
[toc:faq]Introduction:Netdr is a tool available on a RSP720, Sup720 or
Sup32 that allows one to capture packets on the RP or SP inband. The
netdr command can be used to capture both Tx and Rx packets in the
software switching path. This is not a substitut...
IntroductionOSPF, being a link-state protocol, allows for every router
in the network to know of every link and OSPF speaker in the entire
network. From this picture each router independently runs the Shortest
Path First (SPF) algorithm to determine the b...