Saturday, February 12, 2011

Trojans and Backdoors


A Trojan horse is an unauthorized program contained within a legitimate program. This unauthorized program performs functions unknown (and probably unwanted) by the user.

* It is a legitimate program that has been altered by the placement of unauthorized code within it; this code performs functions unknown (and probably unwanted) by the user.
* Any program that appears to perform a desirable and necessary function but that (because of unauthorized code within it that is unknown to the user) performs functions unknown (and definitely unwanted) by the user.





Working of Trojans
* Attacker gets access to the trojaned system as the system goes online.
* By way of the access provided by the trojan attacker can stage attacks of different types.


Various Trojan Types
* Remote Access Trojans
* Password Sending Trojans
* Keyloggers
* Destructive
* Denial Of Service (DoS) Attack Trojans
* Proxy/Wingate Trojans
* FTP Trojans
* Software Detection Killers


Modes of Transmission
* Attachments
* Physical Access
* Browser And E-mail Software Bugs
* NetBIOS (File Sharing)
* Fake Programs
* Un-trusted Sites And Freeware Software


Backdoor Countermeasures
* Most commercial ant-virus products can automatically scan and detect backdoor programs before they can cause damage (Eg. before accessing a floppy, running exe or downloading mail).
* An inexpensive tool called Cleaner can identify and eradicate 1000 types of backdoor programs and trojans.
* Educate your users not to install applications downloaded from the internet and e-mail attachments.

No comments:

Post a Comment