Scribd

Upload a Document

Search Documents

Explore

Aryan Sahu

Welcome to Scribd - Where the world comes to read, discover, and share...

We’re using Facebook to give you reading recommendations based on what

your friends are sharing and the things you like. We've also made it easy to
connect with your friends: you are now following your Facebook friends who
are on Scribd, and they are following you! In the future you can access your
account using your Facebook login and password.

Learn moreNo thanks

Some of your friends are already on Scribd:

Ravi Sahoo

Orange Aier

Pallabi Joshi

Alok Dash

Rasmita Parida

Om Kumar

Tumbanath Dash

Sibabrata Mantri

Bibhuprasad Samal

Nirmalya Mohapatra

/ 5
Download this Document for Free

in the first place (i.e making the OS do something it wasn't supposed to be

doing).Such security loopholes are called Trojan Horses.

Trojan horses are broken down in classification based on how they breach
systemsand the damage they cause. The seven main types of Trojan horses
are:

REMOTE ACESS TROJANS

Abbreviated as RATs, a Remote Access Trojan is one of seven major typesof

Trojan horses designed to provide the attacker with complete control of the
victim's system. Attackers usually hide these Trojan horses in gamesand
other small programs that unsuspecting users then execute on theirPCs.

ATA SEN

DI

NG TROJANS

A type of a Trojan horse that is designed to provide the attacker withsensitive

data such as passwords, credit card information, log files, e-mailadresses or
IM contact lists. These Trojans can look for specific pre-defineddata (e.g., just
credit card information or passwords), or they could install akeylogger and
send all recorded keystrokes back to the attacker.

ESTRUCT

IV

E TROJANS

A type of Trojan horses designed to destroy and delete files, and is morelike a
virus than any other Trojan. It can often go undetected by AntivirusSoftware.
P

ROXY TROJANS

A type of Trojan horse designed to use the victim's computer as a

proxyserver. This gives the attacker the opportunity to do everything
fromyour computer, including the possibility of conducting credit card fraud
andother illegal activities, or even to use your system to launch
maliciousattacks against other networks.

TROJANS

A type of Trojan horse designed to open port 21 (the port for FTP transfer)and
lets the attacker connect to your computer using File Transfer Protocol(FTP).

SECUR

TY SO

TWARE

A type of Trojan horse designed stop or kill security programs such asan
antivirus program or firewall without the user knowing. This Trojan typeis
normally combined with another type of Trojan as a payload.

DENIAL OF SERVICE ATTACK (DOS) TROJANS

Short for

enial-
o

f-

ervice attack,

a type of attack on a network that isdesigned to bring the network to its

knees by flooding it withuseless traffic. Many DoS attacks, such as the

ing of Death

and

Teardrop

attacks, exploit limitations in the TCP/IP protocols. Forall known DoS attacks,
there are software fixes that system administratorscan install to limit the
damage caused by the attacks. But, like viruses, newDoS attacks are
constantly being dreamed up by hackers.

recautions against Trojan horses

Trojan horses can be protected against through end-user awareness, namely

to treatthem like a virus. Viruses can cause a great deal of damage to a
personal computer but even more damage to a business, particularly a small
business that usually doesnot have the same virus protection capabilities as
a large business. Since a TrojanHorse virus payload is hidden, it is harder to
protect yourself or your companyfrom it, but there are things that you can
do.Trojan Horses are most commonly spread through an e-mail, much like
other typesof common viruses. The only difference being of course is that a
Trojan Horsepayload is hidden. The best ways to protect yourself and your
company fromTrojan Horses are as follows:1.

If you receive e-mail from someone that you do not know or you receive
anunknown attachment, never open it right away. As an e-mail user,
youshould confirm the source. Some hackers have the ability to steal
addressbooks, so if you see e-mail from someone you know, it is not
necessarilysafe.2.
When setting up your e-mail client, make sure that you have the settings
sothat attachments do not open automatically. Some e-mail clients come
readywith an anti-virus program that scans any attachments before they
areopened. If your client does not come with this, it would be best to
purchaseone or download one for free.3.

If you are using a commercial operating system, make sure your computer
has an anti-virus program on it and update it regularly. If you have an auto-
update option included in your anti-virus program you should turn it on; that

way if you forget to update your software you can still be protected
fromthreats. In case of having a UNIX-based OS, the risks are greatly
reduced.4.

Operating systems offer patches to protect their users from certain

threats.Software developers like Microsoft offer patches that in a sense "close
thehole" that the Trojan horse or other virus would use to get through to your
system. If you keep your system updated with these patches, your computer
is kept much safer. However, it should be noted that ill designed patches
cansometimes put computers more at risk as they may open new "holes".5.

Avoid using peer-to-peer or P2P sharing networks like Kazza, Limewire,Ares,

or Gnutella because they are generally unprotected from viruses andTrojan
Horse viruses spread through them especially easily. Some of theseprograms
do offer some virus protection, but this is often not strong enough.If you insist
on using P2P, it would be safe to not download files that claimto be "rare"
songs, books, movies, pictures, etc.6.

If you do download files from file-sharing networks, always

scan the fileyou download

. Even if you trust the source, the file may be infected withouttheir
knowlegde. Most anti-virus software will auto-scan downloads, if youhave the
option enabled. If not, then the onus is upon you to perform thescan. As you
would scan any email attachment you receive, so should youscan any file you
download from someone else (and in rare cases, fromtrusted sites).Besides
these sensible precautions, one can also install anti-trojan software, someof
which is offered free.

Methods of

nfection

The majority of trojan horse infections occur because the user was tricked
intorunning an infected program. This is why it is advised to not open
unexpectedattachments on emails -- the program is often a cute animation or
a sexy picture,but behind the scenes it infects the computer with a trojan or
worm. The infectedprogram doesn't have to arrive via email, though; it can
be sent to you in an InstantMessage, downloaded from a Web site or by FTP,
or even delivered on a CD or floppy disk. (Physical delivery is uncommon, but
if you were the specifi c target of an attack, it would be a fairly reliable way to
infect your computer.) Furthermore,an infected program could come from
someone who sits down at your computer and loads it manually. The chances
of receiving the virus through an instantmessage are very low. It is usually
received through a download.

Open ports:

Computers running their own servers (HTTP, FTP, or SMTP, for

example),allowing Windows file sharing, or running programs that provide
filesharingcapabilities such as Instant Messengers (AOL's AIM, MSN
Messenger, etc.) may

have vulnerabilities similar to those described above. These programs and

servicesmay open a network port giving attackers a means for interacting
with theseprograms from anywhere on the Internet. Vulnerabilities allowing
unauthorizedremote entry are regularly found in such programs, so they
should be avoided or properly secured.A firewall may be used to limit access
to open ports. Firewalls are widely used inpractice, and they help to mitigate
the problem of remote trojan insertion via openports, but they are not a
totally impenetrable solution, either.Some of the modern trojans that come
through messages. They come in as a veryimportant looking message, but
contain trojans, the executable files are same or look same as that of
windows system processes like 'Svchost.exe', some of the look alike trojans
are:

y
Svchost32.exe

Svhost.exe

back.exe

Road apple

A road apple is a real-world variation of a Trojan Horse that uses physical

mediaand relies on the curiosity of the victim. The attacker leaves a malware
infectedfloppy disc, CD ROM or USB key in a location sure to be found
(bathroom,elevator, sidewalk), gives it a legitimate looking and curiosity
piquing label - andsimply waits.Example: Get corporate logo off target's web
site, make a disk label using logo andwrite "Executive Salary Summary Q1
2007" on the front.

Methods of

eletion

Since trojan horses take a variety of forms, there isn't a single method for
deletingthem. The simplest responses involve clearing the temporary internet
files on acomputer, or finding the file and deleting it manually. In some cases,
registryediting or other treatments are needed.

Well-known Trojan horses

Downloader EV

Pest trap
y

Netbus

Flooder

Trojan-Horse-Doc

Download this Document for FreePrintMobileCollectionsReport Document

Info and Rating

rajeshkutiwari

Share & Embed

Related Documents

PreviousNext

p.

p.

p.

p.

p.

p.

p.

p.

p.

p.

p.

p.
 p.

p.

p.

p.

p.

More from this user

PreviousNext

5 p.

78 p.

485 p.

Add a Comment

Upload a Document

Search Documents

Follow Us!

scribd.com/scribd

twitter.com/scribd

facebook.com/scribd

About

Press

Blog

Partners
 Scribd 101

Web Stuff

Scribd Store

Support

FAQ

Developers / API

Jobs

Terms

Copyright

Privacy

Copyright © 2011 Scribd Inc.

Language:

English