Packet Peeper 2014-06-15 Free Download For Mac
Mac users interested in a packet sniffer for Mac OS X generally download: Cocoa Packet Analyzer 1.51 (Free). Cocoa Packet Analyzer is a native Mac OS X implementation of a network protocol analyzer and packet sniffer.
Doctor Web exposes 550 000 strong Mac botnet

April 4, 2012

Doctor Web, the Russian anti-virus vendor, conducted research to determine the scale of the spread of the Trojan BackDoor.Flashback, which infects computers running Mac OS X. The BackDoor.Flashback botnet now encompasses more than 550 000 infected machines, most of which are located in the United States and Canada. This once again refutes claims by some experts that there are no cyber-threats to Mac OS X.

Systems get infected after a user is redirected to a bogus site from a compromised resource or via a traffic distribution system. JavaScript code is used to load a Java applet containing an exploit. Doctor Web's virus analysts discovered a large number of web sites containing the code. The recently discovered ones include:
godofwar3.rr.nu, ironmanvideo.rr.nu, killaoftime.rr.nu, gangstasparadise.rr.nu, mystreamvideo.rr.nu, bestustreamtv.rr.nu, ustreambesttv.rr.nu, ustreamtvonline.rr.nu, ustream-tv.rr.nu, ustream.rr.nu

According to some sources, links to more than four million compromised web pages could be found on a Google SERP at the end of March. In addition, some posts on Apple user forums described cases of infection by BackDoor.Flashback.39 when visiting dlink.com. Attackers began to exploit the CVE-2011-3544 and CVE-2008-5353 vulnerabilities to spread malware in February 2012, and after March 16 they switched to another exploit (CVE-2012-0507). Apple closed the vulnerability only on April 3, 2012.
The exploit saves an executable file onto the hard drive of the infected Mac. The file is used to download a malicious payload from a remote server and to launch it. Doctor Web found two versions of the Trojan horse: attackers started using a modified version around April 1.

Doctor Web is the Russian developer of Dr.Web anti-virus software. We have been developing our products since 1992. The company is a key player on the Russian market for software that meets the fundamental need of any business: information security. Doctor Web is one of the few anti-virus vendors in the world to have its own technologies to detect and cure malware.
Our anti-virus protection system allows the information systems of our customers to be protected from any threats, even those still unknown. Doctor Web was the first company to offer an anti-virus as a service and, to this day, is still the undisputed Russian market leader in Internet security services for service providers. Doctor Web has received state certificates and awards; our satisfied customers spanning the globe are clear evidence of the high quality of the products created by our talented Russian programmers.
First off, I am a new Mac user, so bear with me. I opened Disk Utility and noticed that a seemingly strange file was showing up. Underneath the name of my hard drive and SuperDrive is 'decryptedFile.dmg' and underneath that on a sub-level is 'Flash Player.' I researched online and found that 'decryptedFile.dmg' is a sign of the Flashback trojan, but I've also read that it is a harmless 'leftover' from installing Flash Player. I bought my iMac in July of this year. Can someone please calm my nerves and confirm what this file is and does? Here is a screenshot.

You haven't filled out your profile yet, so I don't know a lot about your setup. Since you are posting to the iMac (Intel) forum, I know that much, but what OS X are you running? It makes a big difference on how we approach this.
ABuck wrote: "First off, I am a new Mac user, so bear with me. I opened Disk Utility and noticed that a seemingly strange file was showing up. Underneath the name of my hard drive and SuperDrive is 'decryptedFile.dmg' and underneath that on a sub-level is 'Flash Player.' I researched online and found that 'decryptedFile.dmg' is a sign of the Flashback trojan, but I've also read that it is a harmless 'leftover' from installing Flash Player."

Not necessarily. If it's actually still on your hard drive then it is capable of installing/reinstalling one of the older variants of Flashback. It should have been downloaded to a temp area which is normally emptied of everything on reboot, but it sounds to me like something may have gone wrong with that. Disk Utility has a habit of remembering files that it has mounted in the past and displaying them in an unmounted state. If you highlight the .dmg it should tell you next to 'Write Status:' if it's not mounted. Since you say you see 'Flash Player' underneath, it sounds like it's mounted and the Trojan is ready for installation.

"I bought my iMac in July of this year."

As far as I know that variant of Flashback has not been seen in the wild since late last year. If you bought it used there is no telling what is there and you should quickly back up any user files you have, erase the drive and install the OS from the original disks. Past my bed time, so I'll have to pick this back up in the AM.

ABuck wrote: "since posting my question, I ran the Flashback detection tool from F-Secure and a tool from. Both came up clean."

That's good news, as it means the Flashback Trojan was not installed. I know for a fact that the F-Secure tool does not check for the presence of the Flashback download/installer and I'm currently looking into the mashable script to see if it does. The reason for that is as I said before, that file is normally destroyed during the installation process or upon reboot and as you said is technically not a threat in and of itself. I recommend you download and search for 'decryptedFile.dmg' (hold the option key down when clicking the 'Find' button and supply your admin password to search everywhere on your hard drive). If you find it come back here and I'll make arrangements to have it tested.

"I restarted my computer only to find that the 'decryptedFile.dmg' and 'Flash Player' had disappeared."

Restarting may well have erased it if it was, in fact, a temp file. Could be something new but I did think of another possibility. Effective with the latest versions of Flash, users have the option of allowing Flash Player to update itself in the background. That is done by selecting that option in the Flash pane of System Preferences. If you have done that then it's possible you happened to observe that process when you opened Disk Utility. I find it hard to believe that Adobe would have picked that name for the .dmg file given its history, but currently have no way of checking it out.

I finished evaluating those two mashable scripts and they only check for a few variants of Flashback with the following terminal commands:

    do shell script "defaults read /Applications/Safari.app/Contents/Info LSEnvironment"
    do shell script "defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES"

Not enough to find the file you saw.

ABuck wrote: "Considering that I purchased my new iMac in July of this year and that the Flashback Trojan was widely made public in April, don't you think that my computer should have had the latest security updates that fixed the vulnerability associated with the Flashback Trojan?"

As I mentioned before, the use of the 'decryptedFile.dmg' was well known in October of 2011 and wasn't even in part of the Java installer in April. I'm thoroughly familiar with all the signatures in use by Apple's XProtect system and don't believe that any of them protect against that particular file, although I would have to obtain a sample of it to be certain. Again, I'm primarily concerned that this could be something new.

"After reading other support threads, I'm leaning towards the file simply being tied to the Adobe Flash Player Updater and not the trojan. I'm just paranoid when it comes to not knowing what's on my computer."

And to some extent, you should be. I have to admit at this point I would be. I see that Adobe updated Flash Player to v11.3.300.269 on or about Aug 2nd, so the timing would be right for an update. Do you have auto updates enabled? Another thing you can do is inspect the install log to see what files were installed where and when. Launch the Console app by typing Command-Space to bring up the Spotlight search box and typing the first few letters of console then hit return when it shows up. Under 'LOG FILES' (make sure the disclosure triangles point down) and '/var/log' look for 'install.log'. In the 'String Matching' box type 'flash' without quotes. If you don't find it there look in one of the older 'install.log.n.bz2' files where n is 0-5.