3. • Retaliation during the course of the attack (Massive Retaliation)
• Honeynets, NSM’s, Redirect Attacks, DrDoSs
• Revenge against cybercriminals (Striking back against adversaries)
• Hacking the Hacking Team in UK
• Hacking the NSA
• Hacking the DarkWebs
• HoneyTraps
Active Defense (Cont.)
19. • How successful will we be?
The future of the war against malware
Network
File System
Physical Memory
Inspection Point
20. • Obtain samples
• Private logs, Setting up Honeypots, Infected machines, Private
Security Mailing lists
• Open Malware - http://offensivecomputing.net/
• Myself and another researcher are working on an API…
• Research websites e.g. malr, zeustracker, Crysis
• DMZ’d / replicated network
• Establish a role for Security Architect
• Hire a Consulting Firm to architect a security framework for your
organization
Test defenses on your network
The key difference between polymorphic code and metamorphic code is whether the code that is actually executed changes or not. A polymorphic virus decrypts its code, runs that code, and then, when propagating itself, encrypts the decrypted code with a different key. When run on a different machine, the decrypted code is the same. A metamorphic virus simply runs its code and then, when propagating itself, mutates its code into different but functionally identical code. The executed code is different on every machine it is propagated to.
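The following added example (not from the original slides) shows what that difference means for signature matching at the file-system and physical-memory inspection points. The toy op-list "programs", the XOR encoding and the `normalize` step are all constructed assumptions standing in for real code, a real encryptor and a real normalizer.

```python
import hashlib

def sha(data: bytes) -> str: return hashlib.sha256(data).hexdigest()
def xor(data: bytes, key: int) -> bytes: return bytes(b ^ key for b in data)
def serialize(ops) -> bytes: return ";".join(f"{o}{a}" for o, a in ops).encode()

def run(ops, x):
    """Interpret the toy program, to confirm two variants behave identically."""
    for op, arg in ops:
        x = x + arg if op == "add" else x * arg if op == "mul" else x
    return x

def normalize(ops):
    """Drop no-ops and merge adjacent adds so equivalent variants converge."""
    out = []
    for op, arg in ops:
        if op == "nop" or (op == "add" and arg == 0):
            continue
        if op == "add" and out and out[-1][0] == "add":
            out[-1] = ("add", out[-1][1] + arg)
        else:
            out.append((op, arg))
    return out

# Constructed, inert samples: toy arithmetic ops, not real code.
BASE = [("add", 3), ("mul", 2), ("add", 1)]
META_VARIANT = [("add", 1), ("nop", 0), ("add", 2), ("mul", 2), ("add", 1)]

def on_disk(ops, key=None) -> bytes:
    """File-system view: a polymorphic sample is key byte + XOR-encoded body."""
    body = serialize(ops)
    return body if key is None else bytes([key]) + xor(body, key)

def in_memory(sample: bytes, encoded: bool) -> bytes:
    """Physical-memory view: the body as it exists once decoding has happened."""
    return xor(sample[1:], sample[0]) if encoded else sample

def compare():
    poly_a, poly_b = on_disk(BASE, 0x41), on_disk(BASE, 0x7E)
    meta_a, meta_b = on_disk(BASE), on_disk(META_VARIANT)
    return {
        "poly_file_match": sha(poly_a) == sha(poly_b),
        "poly_memory_match": sha(in_memory(poly_a, True)) == sha(in_memory(poly_b, True)),
        "meta_memory_match": sha(in_memory(meta_a, False)) == sha(in_memory(meta_b, False)),
        "meta_normalized_match": sha(serialize(normalize(BASE))) == sha(serialize(normalize(META_VARIANT))),
    }
```

A file hash misses both kinds of variant; a hash taken in memory catches the polymorphic pair but not the metamorphic pair, which only matches after normalization (or behavioural comparison).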