Gray Pigeon, a since the birth, has been each anti-virus manufacturer unanimously Shanta Trojan program, although its author in the software license to argue that they are remote management software.
"A three-foot machete, with jagged blades, there is a blood groove on the side, the handle is hidden in dozens of of heavy rain pear needles, but also with the knife to quench the need for all materials and equipment, now put a label to sell, said he is a kitchen knife, you really have only ~ ~ ~" This is a netizen of gray pigeon 2007 evaluation
February 21, 2007, Gray Pigeon 2007beta2 version released. This version can perform the following actions on a remote computer: Edit the registry, upload the download file, view the system information, process, service, view the Operation window, record the keyboard, modify the sharing, open the proxy server, command line operation, monitor the remote screen, manipulate the remote voice video device, shut down, restart the machine, and so on.
Functionally, the software does meet the needs of remote management. The question is, as a webmaster, would you use it as a remote management software? The author telephone visited 10 network management friends, of which 5 are using pcanywhere,3 for Remote Desktop, 2 with Radmin. Then you will not use the gray pigeon to do remote management, all said "No", one of the friends also said that the net Works Gray Pigeon tube server, that is the head of water.
This article simply enumerates the Gray pigeon client and the service side function, and the real network management software makes a comparison, tries to give the reader to expose the gray pigeon software The real intention, see this software is really as the author has argued, is only a remote management software.
The remote management software generally has the service end (is controlled) and the client (the control end) two parts compose. The administrator first installs the server-enabled programs on the servers that need to be managed, the service side opens the corresponding network port, waits for the client's instructions, and the client connects to the service-side specified port to complete the Remote administration task. All administrators are aware of the risks of remote administration, and only clients with remote administrative privileges can establish connections properly. And, all management operations, on the server side, will provide connectivity logs for administrators to manage maintenance. Interested friends can take Windows Remote Desktop and pcanywhere to test.
and gray Pigeon service, not waiting for the client to connect, but the system started, the server will go to the automatic on-line connection control, the control of the operator at any time can complete the operation he wants, and all this, the server side of the administrator may not know.
Configure service-side automatic online
Figure 1
Server-side programs to delete themselves, and can choose to completely hide the server-side icon, even if there is a server-side icon, and other normal remote management software, this icon is completely useless, you just know it exists, want to close also difficult to do.
Configure the virus name that will be planted on the broiler
Figure 2
Configure the virus to automatically load Startup items
The name of the service can be arbitrarily customized, which means that a lot of people will be deceived by false information, this can be canceled, so configured to come out of the service side, run Msconfig to start management, will not find the traces of the Trojan horse.
Figure 3
Configuring proxy servers
In this way, the gray pigeon machine on the unclear for the third party to provide network connectivity services. Using a proxy server as a springboard to attack third party targets, the hacker's favorite thing to do, once someone is traced, these proxy servers become the scapegoat for real hackers.
Figure 4