Computer Forensics: Incident Response Essentials by Warren G. Kruse, Jay G. Heiser

Chapter 6. Hostile Code

A friend once confided to us his concern that they had a hacker working for their company. They were observing port scanning coming from a machine whenever the user was logged on. After examining the system and interviewing the user, it seemed unlikely that he was hacking, and they didn’t know what to do next. We asked them to run a full antivirus scan on the computer, and it took only a few seconds to find a hostile executable, Ataka. A quick check of the antivirus software vendor’s Web page provided the helpful information that the executable was a Trojan designed to flood specific Internet servers with TCP connection requests. The site also included instructions on removing Ataka.

Possession of some types of burglar ...
