Friday, February 4, 2011

Know More About Trojans and Backdoors

A Trojan horse is an unauthorized program contained within a legitimate program. This unauthorized program performs functions unknown (and probably unwanted) by the user.

  • It is a legitimate program that has been altered by the placement of unauthorized code within it; this code performs functions unknown (and probably unwanted) by the user.
  • Any program that appears to perform a desirable and necessary function but that (because of unauthorized code within it that is unknown to the user) performs functions unknown (and definitely unwanted) by the user.
Working of Trojans
  • Attacker gets access to the trojaned system as the system goes online
  • By way of the access provided by the trojan attacker can stage attacks of different types.
Various Trojan Types
  • Remote Access Trojans
  • Password Sending Trojans
  • Keyloggers
  • Destructive
  • Denial Of Service (DoS) Attack Trojans
  • Proxy/Wingate Trojans
  • FTP Trojans
  • Software Detection Killers
Modes of Transmission
  • Attachments
  • Physical Access
  • Browser And E-mail Software Bugs
  • NetBIOS (File Sharing)
  • Fake Programs
  • Un-trusted Sites And Freeware Software
Backdoor Countermeasures
  • Most commercial ant-virus products can automatically scan and detect backdoor programs before they can cause damage (Eg. before accessing a floppy, running exe or downloading mail)
  • An inexpensive tool called Cleaner (http://www.moosoft.com/cleanet.html) can identify and eradicate 1000 types of backdoor programs and trojans.
  • Educate your users not to install applications downloaded from the internet and e-mail attachments.


No comments: