翻訳と辞書
Words near each other
・ MyEnvironment
・ Myeolchijeot
・ Myeon
・ Myeon (administrative division)
・ Myeonbok
・ Myeong-dong
・ MyDirectives
・ MyDirtyHobby
・ Mydlita
・ Mydlovary
・ MyDLP
・ Mydnight's Hero
・ MyDOL
・ Mydolls
・ Mydon
Mydoom
・ Mydriase
・ Mydriasis
・ MyDrink Beverages
・ Mydrodoxa
・ Mydromera
・ Mydromera carmina
・ Mydromera notochloris
・ Mydukur
・ Mydukur (Assembly constituency)
・ Mydłów
・ MYE
・ Myebon
・ Myebon Township
・ Myechyslaw Hryb


Dictionary Lists
翻訳と辞書 辞書検索 [ 開発暫定版 ]
スポンサード リンク

Mydoom : ウィキペディア英語版
Mydoom
Mydoom, also known as W32.MyDoom@mm, Novarg, Mimail.R and Shimgapi is a computer worm affecting Microsoft Windows. It was first sighted on January 26, 2004. It became the fastest-spreading e-mail worm ever (), exceeding previous records set by the Sobig worm and ILOVEYOU.
Mydoom appears to have been commissioned by e-mail spammers so as to send junk e-mail through infected computers. The worm contains the text message ''"andy; I'm just doing my job, nothing personal, sorry,"'' leading many to believe that the worm's creator was paid. Early on, several security firms expressed their belief that the worm originated from a programmer in Russia.〔(Virulent MyDoom computer virus created in Russia - The St. Petersburg Times )〕 The actual author of the worm is unknown.
Speculative early coverage held that the sole purpose of the worm was to perpetrate a distributed denial-of-service attack against SCO Group. 25 percent of Mydoom.A-infected hosts targeted www.sco.com with a flood of traffic. Trade press conjecture, spurred on by SCO Group's own claims, held that this meant the worm was created by a Linux or open source supporter in retaliation for SCO Group's controversial legal actions and public statements against Linux. This theory was rejected immediately by security researchers. Since then, it has been likewise rejected by law enforcement agents investigating the virus, who attribute it to organized online crime gangs.
Initial analysis of Mydoom suggested that it was a variant of the Mimail worm—hence the alternate name Mimail.R—prompting speculation that the same people were responsible for both worms. Later analyses were less conclusive as to the link between the two worms.
Mydoom was named by Craig Schmugar, an employee of computer security firm McAfee and one of the earliest discoverers of the worm. Schmugar chose the name after noticing the text "mydom" within a line of the program's code. He noted: "It was evident early on that this would be very big. I thought having 'doom' in the name would be appropriate."
==Technical overview==
Mydoom is primarily transmitted via e-mail, appearing as a transmission error, with subject lines including "Error", "Mail Delivery System", "Test" or "Mail Transaction Failed" in different languages, including English and French. The mail contains an attachment that, if executed, resends the worm to e-mail addresses found in local files such as a user's address book. It also copies itself to the “shared folder” of peer-to-peer file-sharing application KaZaA in an attempt to spread that way.
Mydoom avoids targeting e-mail addresses at certain universities, such as Rutgers, MIT, Stanford and UC Berkeley, as well as certain companies such as Microsoft and Symantec. Some early reports claimed the worm avoids ''all'' .edu addresses, but this is not the case.
The original version, Mydoom.A, is described as carrying two payloads:
* A backdoor on port 3127/tcp to allow remote control of the subverted PC (by putting its own SHIMGAPI.DLL file in the system32 directory and launching it as a child process of the Windows Explorer); this is essentially the same backdoor used by Mimail.
* A denial of service attack against the website of the controversial company SCO Group, timed to commence 1 February 2004. Many virus analysts doubted if this payload would actually function. Later testing suggests that it functions in only 25% of infected systems.
A second version, Mydoom.B, as well as carrying the original payloads, also targets the Microsoft website and blocks access to Microsoft sites and popular online antivirus sites by modifying the hosts file, thus blocking virus removal tools or updates to antivirus software. The smaller number of copies of this version in circulation meant that Microsoft's servers suffered few ill effects.〔http://abcnews.go.com/Technology/ZDM/story?id=97385〕

抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)
ウィキペディアで「Mydoom」の詳細全文を読む



スポンサード リンク
翻訳と辞書 : 翻訳のためのインターネットリソース

Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.