Attacker

· Overview ·
· Origins ·
· Distribution ·
· Operation ·
· Detection and Removal ·
· Research ·

Overview

Summary:

 Monitors Ports.

Vendor Notes:

 From the code: 'Attacker - a TCP/UDP port listening program Click on the PORTS button to set up a list of TCP and UDP ports you want the program to listen on. Click the START button to begin listening. When the program detects a TCP connection request or receives a UDP datagram it displays a message in the top window pane. The IP address sending the data will be displayed and resolved in the bottom window pane (if it is not already there Double-clicking on an item in the top pane will highlight the IP address that the request came from in the bottom pane.' from the doc: 'Version 3.0 does not represent any additional functionality to previous versions of Attacker, it simply signifies the fact that Attacker has been acquired by Foundstone (http://www.foundstone.com).'

Category:

Misc Tool: Any tool that might be used in planning an attack on a system, developing tools for such an attack, or performing it.

Variants:
  • Attacker 2.01
  • Attacker 3.00
    		•

    Similar Pests:

    		 Misc Tool

    Origins

    Author:

    		 Foundstone, Inc., http://www.foundstone.com ,

    By This Author:

    		 Analogx Denial of service through multiple buffer overflows · Attacker 2.01 · Attacker 3.00 · Boping · Boping 1.02 · Boping 2.0 · DDoSPing · DDoSPing 1.01 · DDoSPing 2.0 · Firehole · Shed 1.01 · Super Scan · Super Scan 2.01 · Super Scan 2.03 · Super Scan 2.05 · Super Scan 2.06 · Super Scan 3.0 · UDPFlood · UDPFlood 2.00

    URL:

    		 http://www.foundstone.com/resources/proddesc/attacker.htm

    Date of Origin:

    		 Variants from February, 2000 to September, 2001

    Distribution

    Prevalence:
  • Attacker 2.01: < 0.00005%
  • Attacker 3.00: < 0.00005%
    • More Info

    Clot Factor:
  • Attacker 2.01: < 1

    • The "Clot Factor" is a measure of how much a pest "gums up" a machine by adding registry entries, files, and directories. As more objects are placed in a machine, manual removal becomes more difficult and more error-prone.

    Operation

    Storage Required:
  • Attacker 2.01: at least 5 KB
  • Attacker 3.00: at least 9 KB
    		•

    Detection and Removal

    Automatic Removal:

    PestPatrol detects this.

    PestPatrol removes this.

    Manual Removal:

    		 Follow these steps to remove Attacker from your machine. Begin by backing up your registry and your system, and/or setting a Restore Point, to prevent trouble if you make a mistake.
    Remove Files:

    Remove these files (if present) with Windows Explorer:

    Research

    File Analyses:

    More Info:
  • AllTheWeb, AltaVista, AOL Search, Ask Jeeves, Google, HotBot, Lycos, LookSmart, MSN, Yahoo!
    		•

    Research By:
  • PestPatrol's Pest Research Center
    		•

    Last Revised:

    		 April 25, 2005