目录
摘要
随着互联网的日益流行,各种病毒木马也猖厥起来,几乎每天都有新的病毒产生,大肆传播破坏,给广大互联网用户造成了极大的危害,几乎到了令人谈毒色变的地步。各种病毒,蠕虫,木马纷至沓来,令人防不胜防,苦恼无比。
我们所研究的震荡波病毒本质是属于蠕虫病毒,是依靠网络信息交互利用后门漏洞来进行传播的一种颇具杀伤力的病毒。中该病毒的电脑出现机器 CPU 资源被消耗殆尽、系统反复重启等症状。我们可以通过研究该病毒的特性,来了解蠕虫病毒对目标计算机的侵入、传播、下一目标选择方式、有效载荷的释放等手段,以期达到能够找出有效的主动防范方法而不是被动查杀。
通过研究震荡波病毒,我们希望了解其病毒结构、传播方式、驻留方式、作用触发原理、源代码、破坏方式及结果,以达到预防在前,即使没有有效预防,也能迅速的找出问题症结,在病毒爆发前删除病毒根治问题。
关键词:震荡波病毒;访问控制列表;网络安全;路由器;防火墙
Abstract
With the growing popularity of the Internet, various virus Trojan has plague, almost every day a new virus, spread damage, caused great harm to the vast number of Internet users, almost to the point of poison is about color change. All kinds of viruses, worms, trojans, a small-scale operations, distress and clinking.
We studied the sasser essence belongs to the worm, depend on the spread of the network information interaction using the back door hole for a very lethal virus. The virus of computer in the machine CPU resources are exhausted, the symptom such as repeated system restart. We can study the characteristics of the virus, to understand the worm on the target computer intrusion, spread, the next target selection method, the release of the payload, in order to reach to find out the effective active method to prevent rather than passive killing.
Sasser through research, we want to know the structure of the virus, the transmission way, reside mode, the action principle of trigger, source code, failure mode, and as a result, in order to achieve the prevention in the former, even if there is no effective prevention, can also quickly find out the question crux, delete virus effect a radical cure problems before the outbreak.
Key words: sasser; Access control list; Network security; The router. A firewall