SEMINAR REPORT

ON
TROJAN HORSE

Submitted by:D.Sreekanth
Roll no.14FE1A1248
III B.TECH IT I SEMISTER
Department of Information Technology
VIGNANS LARA INSTITUTION OF TECHNOLOGY AND
SCIENCE

CONTENTS

1. ACKNOWLEDGEMENT

2. COMPUTER VIRUSES

3. PREMILINARIES

11

4. TROJAN HORSES

19

5. LIST OF TROJAN HORSES

6. TYPES OF TROJAN HORSE PAYLOADS

24
28

7. TROJAN HORSE ATTACKS

30

8. COMBATING TROJAN HORSES

36

9. CONCLUSION

37

10. BIBILOGRAPHY

38

COMPUTER VIRUSES

Computer viruses are small software programs that are designed to spread from one
computer to another and to interfere with computer operation.
A virus might corrupt or delete data on your computer, use your e-mail program to spread
itself to other computers, or even erase everything on your hard disk.
Viruses are most easily spread by attachments in e-mail messages or instant messaging
messages. That is why it is essential that you never open e-mail attachments unless you
know who it's from and you are expecting it.
Viruses can be disguised as attachments of funny images, greeting cards, or audio and
video files.
Viruses also spread through downloads on the Internet. They can be hidden in illicit
software or other files or programs you might download.
To help avoid viruses, it's essential that you keep your computer current with the latest
updates and antivirus tools, stay informed about recent threats, and that you follow a few
basic rules when you surf the Internet, download files, and open attachments.
Once a virus is on your computer, its type or the method it used to get there is not as
important as removing it and preventing further infection.

Key Terms To Understanding Computer Viruses:

Virus
A program or piece of code that is loaded onto your computer without your knowledge
and runs against your wishes.

Trojan Horse
A destructive program that masquerades as a benign application. Unlike viruses, Trojan
horses do not replicate themselves

Worm
A program or algorithm that replicates itself over a computer network and usually
performs malicious actions

Blended Threat
Blended threats combine the characteristics of viruses, worms, Trojan Horses, and
malicious code with server and Internet vulnerabilities .

Antivirus Program
A utility that searches a hard disk for viruses and removes any that are found.

The internet consists of hundreds of millions of computers distributed around the world.
Millions of people use the internet daily, taking full advantage of the available services at
both personal and professional levels. The internet connectivity among computers on
which the World Wide Web relies, however renders its nodes on easy target for malicious
users who attempt to exhaust their resources or damage the data or create a havoc in the
network. Computer Viruses, especially in recent years, have increased dramatically in
number. One of the most highprofile threats to information integrity is the Computer
Virus.
Surprisingly, PC viruses have been around for two-thirds of the IBM PCs lifetime,
appearing in 1986. With global computing on the rise, computer viruses have had more
visibility in the past few years. In fact, the entertainment industry has helped by
illustrating the effects of viruses in movies such as Independence Day, The Net, and
Sneakers. Along with computer viruses, computer worms are also increasing day by
day. So, there is a need to immunise the internet by creating awareness in the people
about these in detail. In this paper I have explained the basic concepts of viruses and
worms and how they spread.
.

Techniques for Creating Secure Systems

The following techniques can be used in engineering secure systems. These techniques,
whilst useful, do not of themselves ensure security. One security maxim is "a security

Trojan Horse Attacks

If you were referred here, you may have been "hacked" by a Trojan horse attack. It's
crucial that you read this page and fix yourself immediately. Failure to do so could result
in being disconnected from the IRC network, letting strangers access your private files, or
worst yet, allowing your computer to be hijacked and used in criminal attacks on others.

Trojan horse attacks pose one of the most serious threats to computer security. If you
were referred here, you may have not only been attacked but may also be attacking others
unknowingly. This page will teach you how to avoid falling prey to them, and how to
repair the damage if you already did. According to legend, the Greeks won the Trojan war
by hiding in a huge, hollow wooden horse to sneak into the fortified city of Troy. In
today's computer world, a Trojan horse is defined as a "malicious, security-breaking
program that is disguised as something benign". For example, you download what
appears to be a movie or music file, but when you click on it, you unleash a dangerous
program that erases your disk, sends your credit card numbers and passwords to a
stranger, or lets that stranger hijack your computer to commit illegal denial of service
attacks like those that have virtually crippled the DALnet IRC network for months on
end.
The following general information applies to all operating systems, but by far most of the
damage is done to/with Windows users due to its vast popularity and many weaknesses.
(Note: Many people use terms like Trojan horse, virus, worm, hacking and cracking all
interchangeably, but they really don't mean the same thing. If you're curious, here's a
quick primer defining and distinguishing them. Let's just say that once you are "infected",
trojans are just as dangerous as viruses and can spread to hurt others just as easily!)

II. How can one get infected?

Trojans are executable programs, which means that when you open the file, it will
perform some action(s). In Windows, executable programs have file extensions like
"exe", "vbs", "com", "bat", etc. Some actual trojan filenames include: "dmsetup.exe" and
"LOVE-LETTER-FOR-YOU.TXT.vbs" (when there are multiple extensions, only the last
one counts, be sure to unhide your extensions so that you see it

Trojans can be spread in the guise of literally ANYTHING people find desirable, such as
a free game, movie, song, etc. Victims typically downloaded the trojan from a WWW or
FTP archive, got it via peer-to-peer file exchange using IRC/instant messaging/Kazaa
etc., or just carelessly opened some email attachment. Trojans usually do their damage
silently. The first sign of trouble is often when others tell you that you are attacking them
or trying to infect them!

III. How do one avoid getting infected in the future?

You must be certain of BOTH the source AND content of each file you download! In
other words, you need to be sure that you trust not only the person or file server that gave
you the file, but also the contents of the file itself.
.
1. NEVER download blindly from people or sites which you aren't 100% sure
about. In other words, as the old saying goes, don't accept candy from strangers.
If you do a lot of file downloading, it's often just a matter of time before you fall
victim to a trojan.

2. Even if the file comes from a friend, you still must be sure what the file is
before opening it, because many trojans will automatically try to spread
themselves to friends in an email address book or on an IRC channel. There is
seldom reason for a friend to send you a file that you didn't ask for. When in
doubt, ask them first, and scan the attachment with a fully updated anti-virus
program.

3. Beware of hidden file extensions! Windows by default hides the last extension of
a file, so that innocuous-looking "susie.jpg" might really be "susie.jpg.exe" - an
executable trojan! To reduce the chances of being tricked, unhide those pesky
extensions.

4. NEVER use features in your programs that automatically get or preview

files. Those features may seem convenient, but they let anybody send you
anything which is extremely reckless. For example, never turn on "auto DCC get"
in mIRC, instead ALWAYS screen every single file you get manually. Likewise,
disable the preview mode in Outlook and other email programs.

5. Never blindly type commands that others tell you to type, or go to web
addresses mentioned by strangers, or run pre-fabricated programs or scripts
(not even popular ones). If you do so, you are potentially trusting a stranger with
control over your computer, which can lead to trojan infection or other serious
harm.

6. Don't be lulled into a false sense of security just because you run anti-virus
programs. Those do not protect perfectly against many viruses and trojans, even
when fully up to date. Anti-virus programs should not be your front line of
security, but instead they serve as a backup in case something sneaks onto your
computer.

7. Finally, don't download an executable program just to "check it out" - if it's a

trojan, the first time you run it, you're already infected!

IV. How can one get rid of trojans?!?

Here are your many options, none of them are perfect. I strongly suggest you read
through all of them before rushing out and trying to run some program blindly.
Remember - that's how you got in this trouble in the first place. Good luck!
1. Clean Re-installation: Although arduous, this will always be the only sure way
to eradicate a trojan or virus. Back up your entire hard disk, reformat the disk, reinstall the operating system and all your applications from original CDs, and
finally, if you're certain they are not infected, restore your user files from the
backup. If you are not up to the task, you can pay for a professional repair service
to do it.

2. Anti-Virus Software: Some of these can handle most of the well known trojans,
but none are perfect, no matter what their advertising claims. You absolutely
MUST make sure you have the very latest update files for your programs, or else
they will miss the latest trojans. Compared to traditional viruses, today's trojans
evolve much quicker and come in many seemingly innocuous forms, so anti-virus
software is always going to be playing catch up. Also, if they fail to find every
trojan, anti-virus software can give you a false sense of security, such that you go
about your business not realizing that you are still dangerously compromised.
There are many products to choose from, but the following are generally
effective: AVP, PC-cillin, and McAfee VirusScan. All are available for immediate
downloading typically with a 30 day free trial. For a more complete review of all
major anti-virus programs, including specific configuration suggestions for each,
see the HackFix Project's anti-virus software page [all are ext. links]. When you
are done, make sure you've updated Windows with all security patches [ext. link].

3. Anti-Trojan Programs: These programs are the most effective against trojan
horse attacks, because they specialize in trojans instead of general viruses. A
popular choice is The Cleaner, $30 commercial software with a 30 day free trial.
To use it effectively, you must follow hackfix.org's configuration suggestions
[ext. link]. When you are done, make sure you've updated Windows with all
security patches [ext. link], then change all your passwords because they may
have been seen by every "hacker" in the world.

4. IRC Help Channels: If you're the type that needs some hand-holding, you can
find trojan/virus removal help on IRC itself, such as EFnet #dmsetup or DALnet
#NoHack. These experts will try to figure out which trojan(s) you have and offer
you advice on how to fix it. The previous directions were in fact adapted from
advice given by EFnet #dmsetup.

Combating Trojan Horses

The first steps to protecting your computer are to ensure your operating system (OS) is
up-to-date. This is essential if you are running a Microsoft Windows OS. Secondly, you
should have anti-virus software installed on your system and ensure you download
updates frequently to ensure your software has the latest fixes for new viruses, worms,
and Trojan horses. Additionally, you want to make sure your anti-virus program has the
capability to scan e-mail and files as they are downloaded from the Internet. This will
help prevent malicious programs from even reaching your computer. You should also
install a firewall as well.

A firewall is a system that prevents unauthorized use and access to your computer. A
firewall can be either hardware or software. Hardware firewalls provide a strong degree
of protection from most forms of attack coming from the outside world and can be
purchased as a stand-alone product or in broadband routers. Unfortunately, when battling
viruses, worms and Trojans, a hardware firewall may be less effective than a software
firewall, as it could possibly ignore embedded worms in out going e-mails and see this as
regular network traffic. For individual home users, the most popular firewall choice is a
software firewall. A good software firewall will protect your computer from outside
attempts to control or gain access your computer, and usually provides additional
protection against the most common Trojan programs or e-mail worms. The downside to
software firewalls is that they will only protect the computer they are installed on, not a
network.

It is important to remember that on its own a firewall is not going to rid you of your
computer virus problems, but when used in conjunction with regular operating system
updates and a good anti-virus scanning software, it will add some extra security and
protection for your computer or network.

CONCLUSION

The seminar preperation period was really a very enriching and

informative experience for me .. The making of the seminar has enhanced my practical
knowledge and taught me about a very interesting yet a new topic to me.. The regular
guidance and constant watch never let us frivolous and kept me aware of what was going
on in other parts of the department and the world. In the end, we would once again thank,
all the persons who made such kind of project work possible for us.

BIBILOGRAPHY

1) Google.com
2) Symantec.com
3) Wikipedia