摘要
端口反弹型木马是一种新的特洛伊木马,它能够轻而易举地穿透局域网的防火墙,而且能入侵到局域网内部没有公网IP地址的主机,这类木马对计算机网络安全带来了严重的威胁。文章比较了端口反弹型木马与传统木马的通信方式,指出了端口反弹型木马通信技术的优点,研究了两种典型端口反弹型木马的通信过程,即半反弹连接方式和完全反弹连接方式,并对它们进行了比较。最后,为验证端口反弹通信连接,设计了一个原型木马。
The Port Recall Trojan Horse (PRTH) is a new kind of Trojan Horse (TH). It can pass through not only the firewall of LAN, but also intrude the intranet hosts without public network IP address. This kind of TH has caused the great harm to computer networks, In this paper, communication techniques between traditional TH and the PRTH are compared, and the advantages of PRTH communication are pointed out. Two typical communication connection methods, semi-recaLl connection mode and full-recall connection mode, are also studied. Finally, a prototype PRTH is designed to validate the port recall communication connection.
出处
《微电子学与计算机》
CSCD
北大核心
2006年第2期193-197,共5页
Microelectronics & Computer
基金
航空科学基金(01F53031)
教育部博士点基金(20020699026)
