- Juggernaut: spy on a TCP connection and issue commands as the logged user.
- Hunt: spy on a TCP connection (works with shared and switched nets)
- Countermeasures: encrypted protocols such as IPSec, SSH.
TFTP: Trivial File Transfer Protocol.
- Used by routers, and there are free servers for Windows.
- Standard client in Windows 2000: TFTP.EXE protected by Windows File Protection so it can't be removed.
- Prevent its use by Nimda :
- Edit the services file: systemroot/system32/drivers/etc/services
- Find this line tftp 69/udp
- Replace it with tftp 0/udp
- Help desk information: on the Web, e-mail, voice
- User information: on the Web, e-mail, voice