
	Where results make sense

Topic: Agent handler

Related Topics

The Secret Agent

agent provocateur

mail transfer agent

double agent

free agent

The Nerve Agents

Antiarrhythmic agents

Agent Orange

user agent

oxidizing agent

Agents of Fortune

Agent Cody Banks

In the News (Sun 27 May 12)

EXECUTIVE POWER

Iran

ANALYSIS

Pakistan

Family compact

	Agent handling - Wikipedia, the free encyclopedia
		Agent handler is a generic term common to many intelligence organizations which can be applied to Case Officers, those who aspire to be Case officers, "controllers", contacts, couriers and other assorted trainees.
		Agents are typically under the direction of an agent handler or controller.
		In some forms of infiltration, the agent may be provided with a false identity, which CIA calls a cover or legend, that might aid in their access and operability in regards to the target.
	en.wikipedia.org /wiki/Agent_Handling (1970 words)

	netsnmp_handler(3): basic theory goes something ... - Linux man page
		Net-SNMP Agent handler and extensibility API - The basic theory goes something like this: In the past, with the original mib module api (which derived from the original CMU SNMP code) the underlying mib modules were passed very little information (only the truly most basic information about a request).
		With the rewrite of the agent internals for the net-snmp 5.0 release, we introduce a modular calling scheme that allows agent modules to be written in a very flexible manner, and more importantly allows reuse of code in a decent way (and without the memory and speed overheads of OO languages like C++).
		Functionally, the notion of what a handler does is the same as the older api: A handler is created and then registered with the main agent at a given OID in the OID tree and gets called any time a request is made that it should respond to.
	www.die.net /doc/linux/man/man3/netsnmp_handler.3.html (2183 words)

	Observer \| British 'agent handler' lifts lid on Nelson story
		The man, known only as 'Geoff', is the first agent handler to break the official silence surrounding allegations that Britain has waged a 'dirty war' against IRA sympathisers.
		Nelson was meant to save lives by passing details of planned 'hits' to his handlers, who were supposed to pass it on so the operation could be thwarted.
		Nelson was unmasked as an army agent involved in murder in 1990 after John Stevens, then the Deputy Chief Constable of Cambridgeshire, investigated collusion between the security forces and the loyalist paramilitaries.
	observer.guardian.co.uk /print/0,3858,4023084-102285,00.html (573 words)

	[No title]
		The handler resolves the hostname to an IP address and sends the command "mstream/arg1:arg1/arg2" to all agents, where "arg1" is the resolved hosts' IP address twice with a colon between (this simplifies argument parsing in the agent) and "arg2" is the duration in seconds.
		The handler sends the command "mstream/arg1/arg2" to all agents, where "arg1" is the list of colon separated IP addresses, and "arg2" is the duration in seconds.
		Even though the agent "in the wild" had two options for accepting DDoS commands, namely "stream" and "mstream" as in the published source, only the mstream command is used in the handler to agent protocol.
	staff.washington.edu /dittrich/misc/mstream.analysis.txt (8404 words)

	CERT Incident Note IN-2000-05: mstream Distributed DoS
		The handler can be controlled remotely by one or more intruders using a password-protected interactive login to a running handler.
		The communications between intruder and handler, and the handler and agents, are configurable at compile time and have varied significantly from incident to incident.
		The apparent intent for 'stream' is to cause the handler to instruct all known agents to launch a TCP ACK flood against a single target IP address for a specified duration.
	www.cert.org /incident_notes/IN-2000-05.html (1348 words)

	[No title]
		Switch the agent to a new handler and handler port Generates a "switching" reply.
		Whereas the source port spoofing only works if the agent is running as a root privileged process, the author has added provisions for packet flooding using the UDP protocol and with the correct source address in the case the process is running as a simple user process.
		A better means of detecting "Shaft" handlers and agents would be to use a program like "rid", which uses a more flexible configuration file mechanism to define ports, protocols, and payloads.
	www.geocities.com /davevandal/DDoS/shaftddos.txt (2591 words)

	Answers for the Reverse Challenge
		The IP address of the handler is needed when replying to a status report query, or returning the output of an executed command.
		Each time the agent is to send a packet to a handler, the packet is sent to each of these 10 IP addresses.
		If the agent is performing a slow action, and a request to perform a different slow action arrives, the first action is terminated immediately, before starting the second.
	www.honeynet.org /reverse/results/sol/sol-06/answers.html (2900 words)

	Net-SNMP (Site not responding. Last check: 2007-10-11)
		creates a table handler given the netsnmp_table_registration_info object, inserts it into the request chain and then calls netsnmp_register_handler() to register the table into the agent.
		By creating a table handler and injecting it into your calling chain, or by using the netsnmp_register_table() function to register your table, you get access to some pre-parsed information.
		A netsnmp_table_registeration_info structure that is passed to the table handler should contain the asn index types for the table as well as the minimum and maximum column that should be used.
	net-snmp.sourceforge.net /dev/agent/group__table.html (963 words)

	Chimera - Details
		Chimera is based on a very clean architecture, in which agents react to events and respond by posting further events, and where these events may be generated or posted locally or across a network.
		An "agent", so far as Chimera is concerned, is a named software entity which reacts to events, generated both within itself and from elsewhere on a distributed network.
		This closes the agent of the given Name (atom), as well as any links that have been set up to or from the agent, and is effectively the reverse action of agent_create/3 with or without automatic calls to agent_close/2 as needed.
	www.lpa.co.uk /chi_det.htm (2745 words)

	SecuriTeam™ - Analysis of the Shaft distributed Denial of Service tool
		Switch the agent to a new handler and handler port.
		There is quite some activity between the handler and the agent, as they go through the command request and acknowledgement phases.
		The handler issues an "alive" command, and says "hi" to its agent, assigning a socket number of "5" and a ticket number of 8170.
	www.securiteam.com /securitynews/5AP0F000IM.html (2593 words)

	[No title]
		Agent Commands ============== The handler communicates to agents using string based commands in the data portion of UDP packets.
		Bugs in the source code for both handler and agent result in an increasing number of raw sockets and UDP sockets in the agent (three each are were witnessed on this agent), and an increasing number of open file handles and UDP sockets in the handler (hundreds were shown by Andrew Korty).
		If a rootkit is in place (as it was on both handler and agent systems), you cannot trust the standard operating system commands to show you the running handler or agent, or their network connections.
	stone.backrush.com /exploit/mUNIXes/dos8.html (5203 words)

	dod1.htm: denial of service attack tools (Site not responding. Last check: 2007-10-11)
		Stacheldraht agents were originally found in binary form on a number of Solaris 2.x systems, which were identified as having been compromised by exploitation of buffer overrun bugs in the RPC services "statd", "cmsd" and "ttdbserverd".
		The mass-instrusion phase is followed by the actual denial of service attack phase, in which these compromised systems which constitute the handlers and agents of the distributed attack network are used to wage massive denial of service attacks against one or more sites.
		In addition to finding an active handler, the agent performs a test to see if the network on which the agent is running allows packets to exit with forged source addresses.
	www.searchlores.org /dod1.htm (11098 words)

	Emotionally Attached - SD-1.net: Alias Discussion (Site not responding. Last check: 2007-10-11)
		Summary: Vaughn meets with the agency's psychiatrist to discuss his relationship with Sydney, then has the unpleasant task of informing Sydney that he may be removed as her handler.
		She then clears her throat and speaks in a tone that is completely professional, "Well, then, Agent Vaughn, it was very nice to have made your acquaintance.
		He pauses for a moment before continuing, "As you are aware, I was concerned that you're relationship with Agent Bristow has extended beyond purely professional and that you have developed an emotional attachment to her.
	sd-1.net /index.php?showtopic=3918 (3847 words)

	SANS Institute - Malware FAQ: Analysis on DDOS tool Stacheldraht v1.666
		Between the handler and the agent, ICMP and/or TCP are used (In the version 1.666 that I am analyzing, the TCP is disabled).
		Originally used to stop all agents, now it is removed to prevent intrusion analyst to identify the present of agents and stop it.
		Use rcp on the agent to copy to another machine, or download a new version to the agent, it is removed in version 1.666 due to insecure design.
	www.sans.org /resources/malwarefaq/stacheldraht.php (6737 words)

	MStream Agent to Handler Pong on Alternate Ports
		From the handler servers, the agents are given the go ahead to perform stream attacks against one or more target systems.
		Handler servers use User Datagram Protocol (UDP) port 7983 or 10498 to communicate with the agents.
		The agents respond via UDP port 9325 or 6838.
	www.juniper.net /security/auto/vulnerabilities/vuln800.html (206 words)

	MASH - Microsoft Agent Scripting Helper
		MASH is an easy-to-use program that lets you record and playback entertaining Microsoft Agent character presentations by simply dragging characters around the screen and directing what they say and do.
		Microsoft Agent is a technology that provides a foundation for more natural ways for people to communicate with their computers.
		Microsoft and the Microsoft Agent Logo are trademarks or registered trademarks of Microsoft Corporation in the United States and/or other countries.
	www.bellcraft.com /mash (360 words)

	memorial2001 (Site not responding. Last check: 2007-10-11)
		Nikko and his Special Agent handler were dispatched to the Portland Division of the FBI on August 5, 2002 to assist in the ongoing search of kidnap victims in the Portland area.
		Bloodhounds provide virtually no protection for their handler, yet will usually trail for a much longer period of time and may be used effectively on a "cold trail".
		The canine handler may allow his dog to bite if the handler or dog is assaulted, to stop a felon from escaping, or to prevent a subject from injuring another citizen.
	members.dandy.net /~lulu/mem2004-12.html (1085 words)

	Shaft Agent to Handler Packet
		To communicate with the agents, the handler uses User Data Protocol (UDP) port 18753, while the agents responds using UDP port 20433.
		After the connections are made, the handler requests a password.
		For an ICMP flood attack, the agent broadcasts a large number of ICMP ECHO request packets to the target system, causing the target system to stop responding to incoming network requests.
	www.juniper.net /security/auto/vulnerabilities/vuln791.html (295 words)

	Bug ID: 4176736 -Xdebug hangs in 1.2fcs-K
		The class loader has thrown an exception (it does this as part of normal processing) so it must send an exception event to the event handler (but to do this it must get an event lock notification, which will never come because the event handler is waiting for the class loader lock).
		The traces provided by licensees show this scenario with the event handler and main threads in a variety of states.
		Proposed workaround: This problem is the result of an architectural flaw in sun.tools.debug: the back-end agent is written in Java and thus competes with the user program for resources.
	bugs.sun.com /bugdatabase/view_bug.do?bug_id=4176736 (545 words)

	israelinsider: politics: Mossad officer vows to free Pollard, but jailed agent says handler wanted to kill him
		Rafi Eitan, a legendary Israeli intelligence officer and the recruiter and handler of imprisoned spy Jonathan Pollard, said here yesterday if elected to a Knesset seat he would work for Pollard's release.
		But when Pollard arrived at the embassy, he was received at first then expelled into the custody of FBI agents waiting outside.
		Pollard's wife Esther told WND she was "stunned" by Eitan's recent statements about helping her husband, explaining she and attorney Larry Dub previously held a meeting in which Eitan said he would have killed Pollard if he had been present at the Israeli Embassy when Pollard sought sanctuary.
	web.israelinsider.com /Articles/Politics/7864.htm (1248 words)

	<tagset pia-xhtml> (Site not responding. Last check: 2007-10-11)
		Determine whether a given agent is currently running (installed in the PIA).
		It was once thought that this should be renamed ``agent'', but nothing else uses that, so it would be a mistake.
		Must be the same as the name of the entity in the AGENT namespace and the
	www.risource.org /PIA/Doc/Tagsets/tsdoc/pia-xhtml.html (428 words)

	Analysis of "stacheldraht"
		For more information on trinoo and TFN, see: http://staff.washington.edu/dittrich/misc/trinoo.analysis http://staff.washington.edu/dittrich/misc/tfn.analysis In late June and early July of 1999, one or more groups were installing and testing trinoo networks and waging medium to large scale denial of service attacks employing networks of over 2000 compromised systems.
		Once the agent has determined a list of potential handlers, it then starts at the beginning of the list of handlers and sends an ICMP ECHO_REPLY packet with an ID field containing the value 666 and data field containing the string "skillz".
		Dirty works fine for me. I found three agents when I ran it "live."] The strings "skillz", "spoofworks", "sicken", "niggahbitch", and "ficken" -- all sent in ICMP data segments -- are not encrypted, so are visible in the data portion of ICMP ECHO_REPLY packets.
	www.liquidmatrix.org /stacheldraht.htm (3271 words)

	[No title]
		The prompt shows the number of agents that are believed to be active ("a!") and dead ("d!") at the time.
		When each agent starts up, it attempts to read a master server configuration file to learn which handler(s) may control it.
		There is also a code in the agent to perform an ID test, sending an ICMP_ECHOREPLY packet with an ID field value of 669, and the string "sicken\n" in the data field.
	www.securitybugware.org /mUNIXes/4206.html (3486 words)

	handler - OneLook Dictionary Search
		Handler, handler : LookWAYup Translating Dictionary/Thesaurus [home, info]
		Phrases that include handler: baggage handler, a20 handler, agent handler, animal handler, daniel handler, more...
		Words similar to handler: coach, manager, animal trainer, more...
	www.onelook.com /?w=handler (211 words)

	Sun ONE Integration Server, Secure Trading Agent 1.0 User's Guide: Chapter 4 Secure Trading Agent Tools and ...
		Secure Trading Agent provides tools and utilities to all users that can help you configure your system and monitor performance.
		The Secure Trading Agent Communications Center provides a page that allows you to monitor the status of the Secure Trading Agent message handler.
		When you send a message, Secure Trading Agent creates a Message Key and a longer Message Id. The Message Key and the Message Id are available when viewing details about a conversation.
	docs.sun.com /source/816-6462-10/utilities.html (621 words)

	[No title] (Site not responding. Last check: 2007-10-11)
		Recently a distributed denial of service (DDoS) attack tool known as "mstream" has surfaced inside the cracker and security communities.
		This tool allows malicious individuals to perform denial of service attacks against target hosts in a large-scale fashion, using a number of centrally controlled attacker agents.
		Source code for the "mstream" DDoS tool was posted to both the vuln-dev and BUGTRAQ mailing lists on April 29, 2000.
	www.megasecurity.org /Dos/Turner.mstream.txt (749 words)

	[No title]
		Handler is responsible for calling a specific method //.
		bind the Agent to the Dispatcher, which increments the ref counter, and //.
		release the Agent from the Dispatcher, which decrements the ref counter.
	lists.spi-inc.org /pipermail/fresco-changes/2003-November.txt (3698 words)

	Novell Documentation: ZENworks for Servers 3.0.2 - Inventory Agent Error Messages on NetWare Servers
		2095: The previous instance of the Inventory Agent is still active.
		2097: Unable to set the state for the Inventory Agent.
		2098: Unable to reset the state for the Inventory Agent.
	www.novell.com /documentation/zfs302/zfs_trouble/data/agb2kyh.html (312 words)

	Interesting title - SD-1.net: Alias Discussion (Site not responding. Last check: 2007-10-11)
		yeah, maybe there's a reference to one of the books jack gave syd's mom...by the way, maybe it's a code of conduct for sd-6 members or cia agents and it's in a book....
		you never know...there probably is something in the code of conduct about personal involvement between a handler and agent.
		a book, BUT what if "page" didn't mean a page in a book - but like page agent 47.
	sd-1.net /index.php?showtopic=672 (555 words)

	[No title]
		In late August/early September of 1999, focus began to shift from trinoo to TFN, presumed to be the original code by Mixter.
		http://staff.washington.edu/dittrich/ Appendix A - Perl script "gag" to detect stacheldraht agents ------------------------------------------------------------ ------------------------------- cut here ----------------------------------- #!/usr/bin/perl # # gag v.
		# # Send an ICMP_ECHOREPLY packet with ID of 668 to a stacheldraht # agent, causing it to reply to the sending host with an # ICMP_ECHOREPLY packet with an ID of 669 and the string "sicken\n" # in the data field of the packet.
	staff.washington.edu /dittrich/misc/stacheldraht.analysis (3381 words)

Try your search on: Qwika (all wikis)