■It is a legitimate program that has been altered by the placement of unauthorized code within it; this code performs functions unknown (and probably unwanted) by the user.
■Any program that appears to perform a desirable and necessary function but that (because of unauthorized code within it that is unknown to the user) performs functions unknown (and definitely unwanted) by the user.
Working of Trojans
■Attacker gets access to the trojaned system as the system goes online
■By way of the access provided by the trojan attacker can stage attacks of different types.
Various Trojan Types
■Remote Access Trojans
■Password Sending Trojans
■Keyloggers
■Destructive
■Denial Of Service (DoS) Attack Trojans
■Proxy/Wingate Trojans
■FTP Trojans
■Software Detection Killers
Modes of Transmission
■Attachments
■Physical Access
■Browser And E-mail Software Bugs
■NetBIOS (File Sharing)
■Fake Programs
■Un-trusted Sites And Freeware Software
Backdoor Countermeasures
■Most commercial ant-virus products can automatically scan and detect backdoor programs before they can cause damage (Eg. before accessing a floppy, running exe or downloading mail)
■An inexpensive tool called Cleaner (http://www.moosoft.com/cleanet.html) can identify and eradicate 1000 types of backdoor programs and trojans.
■Educate your users not to install applications downloaded from the internet and e-mail attachments.
0 comments:
Post a Comment