Related Research Articles
The Secure Shell Protocol (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. Its most notable applications are remote login and command-line execution.
Warez is a common computing and broader cultural term referring to pirated software that is distributed via the Internet. Warez is used most commonly as a noun, a plural form of ware, and is intended to be pronounced like the word wares. The circumvention of copy protection (cracking) is an essential step in generating warez, and based on this common mechanism, the software-focused definition has been extended to include other copyright-protected materials, including movies and games. The global array of warez groups has been referred to as "The Scene", deriving from its earlier description as "the warez scene". Distribution and trade of copyrighted works without payment of fees or royalties generally violates national and international copyright laws and agreements. The term warez covers supported as well as unsupported (abandonware) items, and legal prohibitions governing creation and distribution of warez cover both profit-driven and "enthusiast" generators and distributors of such items.
The File Transfer Protocol (FTP) is a standard communication protocol used for the transfer of computer files from a server to a client on a computer network. FTP is built on a client–server model architecture using separate control and data connections between the client and the server. FTP users may authenticate themselves with a plain-text sign-in protocol, normally in the form of a username and password, but can connect anonymously if the server is configured to allow it. For secure transmission that protects the username and password, and encrypts the content, FTP is often secured with SSL/TLS (FTPS) or replaced with SSH File Transfer Protocol (SFTP).
An intrusion detection system is a device or software application that monitors a network or systems for malicious activity or policy violations. Any intrusion activity or violation is typically either reported to an administrator or collected centrally using a security information and event management (SIEM) system. A SIEM system combines outputs from multiple sources and uses alarm filtering techniques to distinguish malicious activity from false alarms.
XDCC is a computer file sharing method which uses the Internet Relay Chat (IRC) network as a host service.
Cross-site scripting (XSS) is a type of security vulnerability that can be found in some web applications. XSS attacks enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy. During the second half of 2007, XSSed documented 11,253 site-specific cross-site vulnerabilities, compared to 2,134 "traditional" vulnerabilities documented by Symantec. XSS effects vary in range from petty nuisance to significant security risk, depending on the sensitivity of the data handled by the vulnerable site and the nature of any security mitigation implemented by the site's owner network.
Nmap is a network scanner created by Gordon Lyon. Nmap is used to discover hosts and services on a computer network by sending packets and analyzing the responses.
Network security consists of the policies, processes and practices adopted to prevent, detect and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, which is controlled by the network administrator. Users choose or are assigned an ID and password or other authenticating information that allows them access to information and programs within their authority. Network security covers a variety of computer networks, both public and private, that are used in everyday jobs: conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access. Network security is involved in organizations, enterprises, and other types of institutions. It does as its title explains: it secures the network, as well as protecting and overseeing operations being done. The most common and simple way of protecting a network resource is by assigning it a unique name and a corresponding password.
Topsite is a term used by the warez scene to refer to underground, highly secretive, high-speed FTP servers used by release groups and couriers for distribution, storage and archiving of warez releases. Topsites have very high-bandwidth Internet connections, commonly supporting transfer speeds of hundreds to thousands of megabits per second; enough to transfer a full Blu-ray in seconds. Topsites also have very high storage capacity; a total of many terabytes is typical. Early on these warez sites were mainly distributing software such as games and applications after the release groups removed any protections. Now they are also a source of other copyright protected works such as movies and music. It is strictly prohibited for sites to charge for access to the content, due to decreased security, and sites found doing so are shunned by the topsite community.
File eXchange Protocol is a method of data transfer which uses FTP to transfer data from one remote server to another (inter-server) without routing this data through the client's connection. Conventional FTP involves a single server and a single client; all data transmission is done between these two. In the FXP session, a client maintains a standard FTP connection to two servers, and can direct either server to connect to the other to initiate a data transfer. The advantage of using FXP over FTP is evident when a high-bandwidth server demands resources from another high-bandwidth server, but only a low-bandwidth client, such as a network administrator working away from location, has the authority to access the resources on both servers.
A warez group is a tightly organised group of people involved in creating and/or distributing warez such as movies, music or software ("warez") in The Scene. There are different types of these groups in the Scene: release groups and courier groups. Groups often compete, as being the first to bring out a new quality release can bring status and respect – a type of "vanity contest". The warez groups care about the image others have of them.
File Service Protocol (FSP) is a UDP-based replacement for the File Transfer Protocol, designed for anonymous access with lower hardware and network requirements than FTP. In particular, because it uses UDP, it avoids the problems that many FTP servers have had with requiring a separate process for each client, and because it is built to use an unreliable protocol, it can more easily handle resuming a transfer after a network failure.
The Warez scene, often referred to as The Scene, is a worldwide, underground, organized network of pirate groups specializing in obtaining and illegally releasing digital media for free before their official sale date. The Scene distributes all forms of digital media, including computer games, movies, TV shows, music, and pornography. The Scene is meant to be hidden from the public, only being shared with those within the community. However, as files were commonly leaked outside the community and their popularity grew, some individuals from The Scene began leaking files and uploading them to filehosts, torrents and ed2k.
Norton Internet Security, developed by Symantec Corporation, is a discontinued computer program that provides malware protection and removal during a subscription period. It uses signatures and heuristics to identify viruses. Other features include a personal firewall, email spam filtering, and phishing protection. With the release of the 2015 line in summer 2014, Symantec officially retired Norton Internet Security after 14 years as the chief Norton product. It was superseded by Norton Security, a rechristened adaptation of the Norton 360 security suite.
FlashFXP is a proprietary FTP client with a simple Windows-based GUI. FlashFXP supports both client-to-server and server-to-server (FXP) transfers, in addition to SCP/SFTP.
An FXP board is an internet forum composed of members which distribute access to FTP servers or "pubstros". These forums are used to provide access to servers usually containing warez. FXP boards generally differ from other forums by having a very selective membership, typically opening public registration for a limited time and then closing until further notice.
glFTPd is a freely available FTP server which runs on Unix, Linux, and BSD operating systems. It has number of features, like logins restricted by a particular set of IP addresses, transfer quotas per-user and per-group basis, and user/groups not stored in the system files, which make it attractive to private warez servers, including topsites. It does have legitimate uses though—a number of web development books recommend it amongst other general purpose FTP servers, and some Linux certification exams of SAIR required knowledge of it. It can integrate with Eggdrop through IRC channels.
Max Ray Vision is a former computer security consultant and hacker who served a 13-year prison sentence, the longest sentence ever given at the time for hacking charges in the United States. He was convicted of two counts of wire fraud, including stealing nearly 2 million credit card numbers and running up about $86 million in fraudulent charges.
Endian Firewall is an open-source router, firewall and gateway security Linux distribution developed by the South Tyrolean company Endian. The product is available as either free software, commercial software with guaranteed support services, or as a hardware appliance.
A web shell is a shell-like interface that enables a web server to be remotely accessed, often for the purposes of cyberattacks. A web shell is unique in that a web browser is used to interact with it.
References
- Braithwaite, Richard, "The ‘pubstro’ phenomenon: Robin Hoods of the Internet" (2003). ACIS 2003 Proceedings. 104.
- Jelver, P.: Pubstro-hacking – Systematic Establishment of Warez Servers on Windows Internet Servers, Verified: July 24 (2003), July 23 (2002)
- Stefan, Axelsson; Sands, David (2006). "Visualization for Intrusion Detection—Hooking the Worm". Understanding Intrusion Detection Through Visualization. Advances in Information Security. Vol. 24. Springer Verlag. pp. 111–127. CiteSeerX 10.1.1.2.3933 . doi:10.1007/0-387-27636-X_7. ISBN 0-387-27634-3.
- Pubstro and pubbing explanations on aboutthescene.com.