ddos
FortGuard DDoS Attack Monitor 1.3
Have you ever encountered the following situations? Your website access is suddenly very slow or even unreachable. Your online game players disconnected all of a sudden more>>
FortGuard DDoS Attack Monitor 1.3 is an effective monitoring software which is useful for your PC. Have you ever encountered the following situations? Your website access is suddenly very slow or even unreachable. Your online game players disconnected all of a sudden. Inetinfo.exe, w3wp.exe or database process made CPU occupation rate very high. FortGuard provides reliable and fast DDoS protection for online enterprises, public and media services, essential infrastructure and Internet service providers.
Enhancements:
- Includes unspecified updates
Best tools to monitor and analyze DDoS attacks . FortGuard DDoS Attack Monitor (free) 1.2 - FortGuard softwareFortGuard Anti-DDoS Firewall v2.2 Basic 2.2
The most accurate, highest performance protection against DDoS attacks with built-in Intrusion Prevention System. more>>
FortGuard Anti-DDoS Firewall v2.2 Basic 2.2 offers you an accurate and high performance protection against DDoS attacks with built-in Intrusion Prevention System.
Major Features:
- The most accurate, highest performance protection against DDoS attacks.
- Built-in Intrusion Prevention System.
- Protection against SYN, TCP Flooding and other types of DDoS attacks.
- Real-time visibility of attack packets.
- TCP flow control. (Maximum connections restriction per IP)
- Attack packets filtering; UDP/ICMP/IGMP packets rate management.
- IP blacklist and whitelist.
- Disable/Enable proxy access on the application Layer.
- Stop over 2,000 types of hacker activities, such as Port scan, SQL injection etc.
- Protection against arp spoofing.
- Compact & Comprehensive Log Files.
WareSeeker Editor
Mydoom.A Remover 3.5.1.11
A useful tool that enbales you to erase the Mydoom.A virus more>> A useful tool that enbales you to erase the Mydoom.A virus
Mydoom.A is a worm that spreads via e-mail in a message with variable characteristics and through the peer-to-peer (P2P) file sharing program KaZaA.
Mydoom.A launches DDoS (Distributed Denial of Service) attacks against the website www.sco.com if the system date is between February 1 and February 12, 2004. It does this by launching GET/ HTTP/ 1.1 requests every 1,024 milliseconds. On February 12, 2004, the worm finishes its payload, ending its execution whenever it is activated.
Mydoom.A drops the DLL (Dynamic Link Library) SHIMGAPI.DLL, which creates a backdoor, opening the first available TCP port in the range from 3127 to 3198. This backdoor component allows to download and run an executable file, and acts as a TCP proxy server, allowing a hacker to gain remote access to network resources.
The Mydoom.A Remover will help you easily clean the virus from your computer.
Gaobot.S Remover 3.5.1.10
Clean the Gaobot.S virus from your computer with this tool more>> Clean the Gaobot.S virus from your computer with this tool
Gaobot.S is a worm with backdoor characteristics that exploits the RPC DCOM and WebDAV vulnerabilities to spread to as many computers as possible.
Gaobot.S also spreads by attempting to copy itself to network shared resources. It gains access to these shared resources by using passwords that are typical or easy to guess.
Once it is run, Gaobot.S connects to a specified IRC server through the port 6667 and waits for control commands. As a backdoor, it allows to obtain information on the affected computer, run files, launch distributed denial of service (DDoS) attacks, upload files by FTP, etc.
Gaobot.S ends processes belonging to antivirus programs, firewalls and system monitoring tools. This leaves the affected computer vulnerable to the attack of other viruses or worms. It also ends the processes of Nachi.A, Autorooter.A, Sobig.F and several variants of Blaster.
The Gaobot.S Remover will enable you to easily get rid of the virus infection from your PC.
MetaTrader 4.00 Build 225
MetaTrader is an excellent online trading platform designed for financial institutions dealing with Forex, CFD, and Futures markets. more>>
MetaTrader 4.00 Build 225 is an excellent online trading platform designed for financial institutions dealing with Forex, CFD, and Futures markets. The platform includes all necessary components for brokerage services via internet including the back office and dealing desk. Currently, over 250 brokerage companies and banks worldwide have chosen this solution to meet their high standards of business performance.
Major Features:
- Coverage of financial markets: The trading platform MetaTrader 4 covers all brokerage and trading activities at Forex, Futures and CFD markets.
- Multicurrency basis: The system is designed on a multicurrency basis. It means that any currency can serve as a general currency used in the operation of the whole complex in any country and with any national currency.
- Economy and productivity: Implemented data transfer and processing protocols are notable for their economy. It makes it possible to support several thousands of traders through a single server with the following configuration: Pentium 4 2 GHz, 512 DDR RAM, 80 GB HDD. New protocols reduce both the demands on datalink and their operational cost.
- Reliability: In the case of damage to the historical data, the complex has backup and restoration systems. Also, the implemented synchronization allows to restore damaged historical databases within several minutes with the help of another MetaTrader 4 server.
- Safety: To provide safety, all the information exchanged between parts of the complex is encripted by 128-bit keys. Such solution guarantees safekeeping of information transferred and leaves no chance for a third person to use it. A built-in DDoS-attacks guard system raises the stability of operation of the server and the system as a whole.
- A new scheme of system working operation was created especially for DDoS-attacks resistance. With its help, you can hide the real IP-address of the server behind a number of access points (Data Centers). Data Centers also have a built-in DoS-attacks protection system; they can recognize and block such attacks. During distributed attacks at the system, only Data Centers are attacked; MetaTrader 4 Server continues its operation in regular mode. Thus, Data Centers increase the system's stability to DoS and DDoS attacks.
- The implemented mechanisms of rights sharing make it possible to organize the security system with more effectiveness and to reduce the probability of ill-intentioned actions of company staff.
- Multilingual support: MetaTrader 4 supports different languages, and a MultiLanguage Pack program is included into distributive packages. It provides translation of all program interfaces into any language. With the help of MultiLanguage Pack you can easily create any language and integrate it into the program. This feature of the system will bring MetaTrader 4 nearer to end-users in any country of the world.
- Application Program Interfaces: MetaTrader 4 Server API makes it possible to customize the work of platform to meet your requirements. API can solve a wide range of problems:
- creating additional analyzers for finding a trend of monthly increase of traders;
- creating applications of integration into other systems
- extending the functionality of the server;
- implementing its own system work control mechanisms
- and do much more.
- Integration with web-services: To provide traders with services of higher quality, the system supports the integration with web services (www, wap). This feature allows realtime publishing of quotations and charts on your site, dynamic tables containing contest results and much more.
- Flexibility of the system: The platform possesses a wide range of customizable functions. You can set all parameters, from trade session time to detailed properties of financial instruments of each user groups.
- Subadministration: Subadministration mechanisms allow leading many Introducing Brokers on one server quite easily. For processing all accounts and orders of the clients of your IBs, you will need one server only.
Doomjuice.A Remover 3.5.1.11
This utility will allow you to get rid of the Doomjuice worm from your computer more>> This utility will allow you to get rid of the Doomjuice worm from your computer
Doomjuice.A is a worm that spreads via Internet. It uses the backdoor created by Mydoom.A and Mydoom.B in order to make a copy of itself to the computers affected by these worms.
Doomjuice.A launches DDoS (Distributed Denial of Service) attacks against the website www.microsoft.com.
Doomjuice.A Remover will enable you to clean the virus infection from your PC in a flash!
FortGuard Firewall 2.2
The most accurate, highest performance protection against DDoS attacks with built-in Intrusion Prevention System more>>
FortGuard Firewall 2.2 represents you a wonderful software with many outstanding features! The most accurate, highest performance protection against DDoS attacks with built-in Intrusion Prevention System.
Major Features:
- The most accurate, highest performance protection against DDoS attacks.
- Built-in Intrusion Prevention System.
- Protection against SYN, TCP Flooding and other types of DDoS attacks.
- Real-time visibility of attack packets.
- TCP flow control. (Maximum connections restriction per IP)
- Attack packets filtering; UDP/ICMP/IGMP packets rate management.
- IP blacklist and whitelist.
- Disable/Enable proxy access on the application Layer.
- Stop over 2,000 types of hacker activities, such as Port scan, SQL injection etc.
- Protection against arp spoofing.
- Compact & Comprehensive Log Files.
Requirements:
- Microsoft Windows 2000/2003 Server.
MiMail worm free removal tool
MiMail worm free removal tool more>>
MiMail.C has a DDoS component to attack DarkProfits domains and theres likely to be increased activity on Port 80, according to Ken Dunham a security officer at the firm.
He says its dangerous for corporation, many of which allow people to transfer ZIP files to each other using email.
That means, he says, that MiMail.C "has the upper hand when infiltrating networks configured to allow ZIP attachments".
Symptoms:
Presence of the following file in Windows System directory: SMVC32.EXE
Presence of the following registry key:
HKEY_LOCAL_MACHINESoftwareMicrosoftCurrentVersionRun
with the value:
SMVC = %SYSDIR%SMVC32.EXE
Technical description:
When ran, the worm does the following:
Copies itself to Windows System directory as SMVC32.EXE.
Creates the following registry keys:
- HKLMSoftwareMicrosoftCurrentVersionRunSMVC = %SYSDIR%SMVC32.EXE, so it will be executed every time Windows starts up;
- HKCUSoftwaresocks ;
- HKCUSoftwareserv;
HKCUSoftwarechan;
Connects to an predefined IRC server and listens for commands (such as "execute", shutdown" etc.).
Harvests e-mai addresses from the infected computer, stores them in "c:cyclop.bin" file and periodically sends them to the attacker through e-mail.
W32/Gaobot.BKE Remover 3.5.1.11
This utility helps you get rid of the Gaobot virus more>> This utility helps you get rid of the Gaobot virus
Gaobot.BKE is a worm with backdoor characteristics that belongs to the Gaobot worm family.
This family has the following common characteristics:
- It attempts to exploit the LSASS, RPC DCOM and WebDAV vulnerabilities to spread to as many computers as possible. These vulnerabilities only affect the operating systems mentioned above.
- It spreads by attempting to copy itself to network shared resources it accesses.
- Once it is run, it connects to a specified IRC server and waits for control commands. As a backdoor, it allows to obtain information on the affected computer, run and download files, launch distributed denial of service (DDoS) attacks, upload files by FTP, etc.
In addition, certain variants of Gaobot:
- Take advantage of the backdoors opened by the worms Bagle.A and Mydoom.A, in order to spread to those computers affected by these worms.
- End processes belonging to antivirus programs, firewalls and system monitoring tools, among others. This leaves the affected computer vulnerable to the attack of other viruses or worms.
- End the processes belonging to Nachi.A, Autorooter.A, Sobig.F and several variants of Blaster.
With the W32/Gaobot.BKE Remover utility youll be able to easily clean the virus infection fom your computer.
Resolve for W32/Apribot-C 1.06
A tool that removes W32/Apribot-C more>> A tool that removes W32/Apribot-C
Resolve is the name for a set of small, downloadable Sophos utilities designed to remove and undo the changes made by certain viruses, Trojans and worms.
They terminate any virus processes and reset any registry keys that the virus changed. Existing infections can be cleaned up quickly and easily, both on individual workstations and over networks with large numbers of computers.
W32/Apribot-C is an IRC backdoor with spreading capability.
Each time the worm is run it tries to connect to a remote IRC server and join a specific channel. The backdoor component then runs in the background as a server process, listening for commands to execute. The infected computer can be used to perform several functions: W32/Apribot-C is an IRC backdoor with spreading capability.
Each time the worm is run it tries to connect to a remote IRC server and join a specific channel. The backdoor component then runs in the background as a server process, listening for commands to execute. The infected computer can be used to perform any of the following functions:
Proxy server (SOCKS4)
FTP server
SMTP server
File system Manipulation
Port scanner
DDoS floods (TCP,UDP,SYN)
Remote shell (RLOGIN)
Key logger
When first run the worm copies itself to the Windows System folder under a randomly generated name. The copy may have some random data appended to it. In order for the copy to be run on startup, registry entries are created under random names in the following locations:
HKLMSoftwareMicrosoftWindowsCurrentVersionRun
HKLMSoftwareMicrosoftWindowsCurrentVersionRunServices
HKCUSoftwareMicrosoftWindowsCurrentVersionRun
The worm chooses from one or two of the following strings to form the filename:
SERV
DISK
STAT
LOAD
INI
SCAN
INIT
SRV
DSK
CONF
CFG
MON
DLL
VXD
CHK
REG
DRV
WIN
SYS
Stat
Load
Scan
Init
Service
Disk
Config
Monitor
Check
Reg
Drive
Win
System
The following entry is also created:
HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogon
Shell = "Explorer.exe,[filename] -shell"
Many additional registry entries may be created, changed or deleted. In particular, many entries are created in the following registry locations:
HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer
DisallowRun
HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem
DisableRegistryTools
HKLMSOFTWAREMicrosoftConnect
The following entries are set:
HKLMSYSTEMControlSet001ControlLsarestrictanonymous = 1
HKLMSYSTEMCurrentControlSetControlLsarestrictanonymous = 1
W32/Apribot-C may also attempt to disable debugging and firewall software.
The worm appends several lines to the HOSTS file, found in the driversetc subfolder of the Windows System folder. Each line consists of a randomly chosen IP address beginning with "127" and a web address. The worm appends this data in order to prevent access to a number of anti-virus and Microsoft web sites.
W32/Apribot-C can be removed from Windows computers automatically with the following Resolve tools:
Windows disinfector
APRIBGUI is a disinfector for standalone Windows computers. To use it you have to do the following:
- Open APRIBGUI.com file from your desktop after downloading it.
- Click on the Start Scan Button.
- Wait for the process to complete.
Command line disinfector
APRIBSFX.EXE is a self-extracting archive containing APRIBCLI, a Resolve command line disinfector for use on Windows networks.
Scrutinizer NetFlow & sFlow Analyzer 7.2
Scrutinizer NetFlow & sFlow Analyzer uses Cisco NetFlow technology and the sFlow standard to provide incredibly detailed network utilization information for the hosts and applications causing the most traffic. more>>
Scrutinizer NetFlow & sFlow Analyzer is a free software application that provides incredibly detailed network utilization information for the hosts and applications using the most bandwidth.
Using Cisco NetFlow Technology and the sFlow standard, Scrutinizer is able to retrieve the traffic details you need and present them in a detailed graphical view. Version 7.2 adds full NetFlow support for Cisco ASA gear, more behavioral analysis gadgets, additional languages and much more.
New in version 7.2:
+ Users can migrate their existing v6 data (contact Plixer for more information)
+ Custom reports beyond 1 minute intervals are now available for Cisco ASA
+ Cisco ASA interfaces are available in the Interface Summary
+ Users can specify on the login page whether to remember login credentials
+ Japanese Documentation is now available
+ German Documentation is now available
+ Each user can specify his/her own look and feel of Scrutinizer
- Fixed geocode lookup from recent Google API changes
+ Can configure interfaces with EGRESS/BOTH in the NetFlow Configuration Wizard
- Fixed issue where users could save the same custom name to multiple IPs
+ There is now a new report type called FLOWS
+ Denika Connections are available from the Mapping Interface
- Fixed formatting issue when viewing AS to AS reports in bi-directional mode
+ A new DDoS Algorithm is available in Flow Analytics
+ And more...
System Requirements: 2.0 GHz+ 2GB ram 80Gig IDE or SATA HDD
<<lesseEye patch for the IE createTextRange() vulnerability
eEye patch for the IE createTextRange() vulnerability is a patch which can solve the IE createTextRange() vulnerability. more>>
eEye patch for the IE createTextRange() vulnerability is a patch which can solve the IE createTextRange() vulnerability. eEye Digital Security is advising customers to the existence of exploit code that targets a critical security vulnerability in Microsoft Internet Explorer. The exploit pertains to an unpatched vulnerability that has been released on various public mailing lists.
This issue affects any Windows operating system running Internet Explorer versions 5.01 SP4 through 6.0 SP1. The vulnerability results from the method in which Internet Explorer handles HTML Objects. This flaw allows for remote code to be executed on the target system. If successfully exploited, an attacker will only have the rights of the currently logged on user. System Administrators should be careful to not use Administrator accounts for general system use.
There have been numerous reports of this vulnerability being used on various websites in attempts to install Spyware and remote control ""bot"" software for use in Distributed Denial of Service (DDoS) attacks.
The recommended action required to protect systems against this attack is to disable Active Scripting from within Internet Explorer.
Additionally, eEye Digital Security s Research Team has released a workaround for the vulnerability as a temporary measure for customers who have not yet installed Blink, eEye's host-based intrusion prevention solution. This workaround is not meant to replace the forthcoming Microsoft patch, rather it is intended as a temporary protection against this flaw.
HexHub 5.04
An IOCP-based file-sharing hub with anti-flood protection, anti-spam protection, DDoS filtering more>>
HexHub 5.04 is created to be a powerful IOCP-based file-sharing hub with anti-flood protection, anti-spam protection, DDoS filtering / source locator, content filtering and more. The HexHub server also features (as much as the configuration options permit) an easy to use graphical interface that should get your hub up and running in no time.
Enhancements
- Corrected: error while allocating cache buffers (thanks to Takel for reporting this error)
- Corrected: if securepass was enabled, it was always required when registering on website
- Added: new setting to re-scan plugins: !set ext rescan (requested by Maximum)
- Added: support for Keep-Alive connections
- Added: new parameter "post" that is used to prevent IE from reposting form data
- The !seen command can be forced to search for a nick in case the nick starts with a number if a "." is appended to it !seen. nick (requested by RoLex)
- The right adm6 is needed to see copyright information for installed plugins with !about
Albu Cristian Laurentiu - An IOCP-based file-sharing hub with anti-flood protection, anti-spam protection, DDoS filtering. HexHub. An IOCP-based file-sharing hub with anti-floodAlbu Cristian Laurentiu - file-sharing hub with anti-flood protection, anti-spam protection, DDoS filtering. HexHub. HeXHub is an IOCP-based file-sharing hub with anti-flood protection- Page: 1 of 1
- 1
