Careful use of backdoor traps with mirror recovery systems

        Nowadays, all kinds of WindowsXP system universal Ghost installation CDs and files are popular in the world and online. It is also very convenient to use. To install a system, you only need to restore the Ghost image file, install the driver, and complete it in just over ten minutes. However, there are fine products in various universal Ghost version system CDs, as well as garbage, and there are hidden traps in the back door! First, WindowsXP universal Ghost system analysis When the universal Ghost system is produced, it is to delete the redundant files that come with Windows after the installation is successful, and delete the hardware information, and then system packaging. If the creator intentionally replaces a system file with a Trojan backdoor before installation, or opens certain ports in the system, opens some dangerous services, and leaves some empty password accounts, then the created Ghost system will exist. Various security vulnerabilities. Users who use these systems after these Ghost systems are circulated may be controlled by the author as "broiler". Second, the Ghost version of the system common vulnerability list 1. Empty password remote desktop vulnerability. You can use the blank password for 3389 remote login, and you can perform the task system operation remotely. Use 3389 vulnerability to brush Q coins, steal ADSL password accounts and so on. 2. Hide shared vulnerabilities. Any user can access the shared, non-default IPC$ share and can see the share permissions for Everyone full control. There are many uses, and the Guest group can also format your hard drive. 3.Administrator user password vulnerability, not much to introduce. 4. Enable dangerous services. Many dangerous services can be found in the service tool and the remote tab allows the user to remotely connect to this computer and start. 5. The firewall has been hand-footed. In the system firewall, you can see that the items that are allowed to pass by default are checked. 6. Rogue software and backdoor Trojans, privately install a lot of rogue software for users. Even more terrifying is to replace the system file with a gray pigeon Trojan! (And now there is software for cloning system file version information, you can camouflage the appearance of the Trojan file as if it were the system file, including the logo size, etc.!)