PC¼¼ÀÌÆÛ ºü¸¥ ¸Þ´º


 PC¼¼ÀÌÆÛ ¸Þ´º ¾È³»
PC¼¼ÀÌÆÛ È¨
·Î±×ÀÎ (À¯·á»ç¿ëÀÚ)
ÇÁ·Î±×·¥ ¼Ò°³
ÇÁ·Î±×·¥ °¡À̵å
 - ±¸¸Å¹æ¹ý
 - »óÇ°±Ç°áÁ¦
 - ÀÚµ¿°áÁ¦ Ãë¼Ò
 - °Ë»ç¤ýÄ¡·á¹æ¹ý
 - ȯ°æ¼³Á¤
 - ÆÄÀϺ¹¿ø
¾Ç¼ºÄÚµå? ¹ÙÀÌ·¯½º?
 - ¾Ç¼ºÄÚµå¶õ?
 - ¹ÙÀÌ·¯½º¶õ?
 - ºÒÇÊ¿äÇÑ Á¤º¸¶õ?
º¸¾ÈÁ¤º¸
 - º¸¾ÈÄ®·³
 - MSº¸¾È±Ç°í¹®
°í°´Áö¿ø
 - °øÁö»çÇ×
 - ÀǽɵǴ ÆÄÀϽŰí
 - ÀæÀº Áú¹®¤ý´äº¯
 - 1:1»ó´ã

¹ÙÀÌ·¯½º À̸§ Worm-W32/Blaster ¹ÙÀÌ·¯½º Á¾·ù Worm
½ÇÇà ȯ°æ NT °è¿­ (nt, 2000, xp, 2003) Á¦ÀÛÁö ºÒºÐ¸í
¹ß°ßÀÏ 20030812 ¹ÙÀÌ·¯½ºÅ©±â 6,176 Bytes
¸ÞÀÏ Á¦¸ñ
÷ºÎÆÄÀÏ
¹ÙÀÌ·¯½º Áõ»ó
NT °è¿­ÀÇ DCOM RPC º¸¾ÈÀÇ Ãë¾àÁ¡À» ÀÌ¿ëÇÏ¿© °¨¿° ÀüÆĵǴ ¿ú ¹ÙÀÌ·¯½ºÀÌ´Ù. ¹ÙÀÌ·¯½º°¡ ½ÇÇàµÇ¸é ÀϹÝÀûÀ¸·Î À©µµ¿ìÁîÀÇ ½Ã½ºÅÛ Æú´õ(c:\winnt\system32)¿¡ msblast.exe ÆÄÀÏÀ» »ý¼ºÇÏ°í ·¹Áö½ºÆ®¸®¸¦ ´ÙÀ½°ªÀ¸·Î ÷ºÎÇÑ´Ù. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Ç׸ñ¿¡ Windows auto update = msblast.exe


À©µµ¿ìÁî ÀÚü°¡ °è¼Ó ÀçºÎÆà µÇ±âµµ Çϸç, ƯÁ¤ Æ÷Æ®(135¹ø)ÀÇ Æ®·¡ÇÈÀÌ °úÁߵȴÙ. ¶ÇÇÑ ½Ã½ºÅÛÀÇ º¹»ç, ÀͽºÇ÷η¯ÀÇ »õâ ¶ç¿ì±â¿Í Áñ°Üã±â¿Í °°Àº ¹Ù·Î°¡±â Çü½ÄÀÇ ¸µÅ©°¡ ½ÇÇàµÇÁö ¾Ê´Â´Ù. ÀÌ Á¤º¸´Â ºÐ¼®ÀÌ ´õ ÀÌ·ç¾îÁö´Â µ¥·Î ¾÷µ¥ÀÌÆ®µÉ ¿¹Á¤ÀÌ´Ù.
Ä¡·á ¹æ¹ý Åͺ¸¹é½ÅÀ¸·Î Áø´Ü Ä¡·á °¡´ÉÇÕ´Ï´Ù.
±Ùº»ÀûÀÎ ÇØ°áÀ» À§ÇØ ´ÙÀ½ÀÇ À©µµ¿ìÁî º¸¾È ÆÐÄ¡¸¦ ¼öÇàÇÏ¿©¾ß ÇÕ´Ï´Ù.

Windows NT 4.0 Server

http://microsoft.com/downloads/details.aspx?FamilyId=2CC66F4E-217E-4FA7-BDBF-DF77A0B9303F&displaylang=ko

Windows NT 4.0 Terminal Server

http://microsoft.com/downloads/details.aspx?FamilyId=6C0F0160-64FA-424C-A3C1-C9FAD2DC65CA&displaylang=en

Windows 2000

http://www.microsoft.com/downloads/details.aspx?FamilyId=C8B8A846-F541-4C15-8C9F-220354449117&displaylang=ko

Windows XP

http://www.microsoft.com/downloads/details.aspx?FamilyId=2354406C-C5B6-44AC-9532-3DE40F69C074&displaylang=ko

Windows Server 2003

http://www.microsoft.com/downloads/details.aspx?FamilyId=F8E0FF3A-9F4C-4061-9009-3A212458E92E&displaylang=ko
Á÷Á¢Ä¡·á¹æ¹ý [¹æ¹ý1]


1.[½ÃÀÛ] - [½ÇÇà] ¿¡¼­ Regedit ½ÇÇà ÈÄ, ´ÙÀ½ÀÇ °ªÀ» ã¾Æ »èÁ¦ÇÑ´Ù.


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Ç׸ñ¿¡ Windows auto update ÀÇ °ª msblast.exe ÀÌ ÀÖ´Ù¸é »èÁ¦ÇÑ´Ù.


2. ctrl-alt-del Å°¸¦ ÀÌ¿ëÇÏ¿© ÀÛ¾÷°ü¸®ÀÚ¸¦ ½ÇÇà½ÃŲ´Ù.
msblast.exe ÇÁ·Î¼¼½º¸¦ ã¾Æ [ÇÁ·Î¼¼½º ³¡³»±â]¸¦ Ŭ¸¯ ÇÏ¿©,
ÇÁ·Î¼¼½º¸¦ Á¾·á ÇÑ´Ù.









3. ´ÙÀ½ÀÇ ¸µÅ©¿¡¼­ À©µµ¿ìÁî º¸¾ÈÆÐÄ¡¸¦ ¼³Ä¡ÇÑ´Ù.


Windows NT 4.0 Server



http://microsoft.com/downloads/details.aspx?FamilyId=2CC66F4E-217E-4FA7-BDBF-DF77A0B9303F&displaylang=ko



Windows NT 4.0 Terminal Server



http://microsoft.com/downloads/details.aspx?FamilyId=6C0F0160-64FA-424C-A3C1-C9FAD2DC65CA&displaylang=en



Windows 2000



http://www.microsoft.com/downloads/details.aspx?FamilyId=C8B8A846-F541-4C15-8C9F-220354449117&displaylang=ko



Windows XP



http://www.microsoft.com/downloads/details.aspx?FamilyId=2354406C-C5B6-44AC-9532-3DE40F69C074&displaylang=ko




Windows Server 2003



http://www.microsoft.com/downloads/details.aspx?FamilyId=F8E0FF3A-9F4C-4061-9009-3A212458E92E&displaylang=ko



4. ¸¸¾à ÆÐÄ¡¸¦ ¹Þ´Â µ¿¾È À©µµ¿ì ÀçºÎÆà ī¿îµå°¡ ³ª¿À¸é ´ÙÀ½°ú °°ÀÌ
ÁßÁö½ÃÅ°µµ·Ï ÇÑ´Ù.


[½ÃÀÛ]->[½ÇÇà] -> Shutdown -a ÀÔ·ÂÈÄ [enter]


[¹æ¹ý 2]

1. http://www.everyzone.com ¿¡¼­ Worm-W32/Blaster º¸¾È ÆÐÄ¡¸¦ ¹Þ´Â´Ù.

2. ÄÄÇ»Å͸¦ ÄѼ­ ÀçºÎÆÃÇÑ´Ù.

3. F8Å°¸¦ ´­·¯¼­ ¾ÈÀü¸ðµå·Î ºÎÆÃÇÑ´Ù.

4. ½ÃÀÛ->½ÇÇà->cmd ¸¦ ½ÇÇàÇÑ´Ù.

5. del c:\À©µµ¿ìÁî ½Ã½ºÅÛ Æú´õ\msblast.exe

   ex1) del c:\windows\system32\msblast.exe

   ex2) del c:\winnt\system32\msblast.exe

6. 1 ¿¡¼­ ¹Þ¾Æ³õÀº º¸¾È ÆÐÄ¡¸¦ ½ÇÇàÇÑ´Ù.

7. ÀçºÎÆÃÇÏ¿© ÄÄÇ»Å͸¦ »ç¿ëÇÑ´Ù.

* 4-5 °úÁ¤Àº À©µµ¿ìÁî Ž»ö±â¸¦ ÀÌ¿ëÇÏ¿© Á÷Á¢ ÆÄÀÏÀ» »èÁ¦Çصµ µÈ´Ù.

* Âü°í·Î ·Î±×ÀÎ ¾ÏÈ£°¡ ¼³Á¤µÇ¾î ÀÖÁö ¾Ê´Ù¸é ¹Ýµå½Ã ¼³Á¤À» Çؾ߸¸
´Ù¸¥ ¹ÙÀÌ·¯½ºÀÇ °¨¿°À» ¸·À»¼ö°¡ ÀÖ´Ù.