2.5 TROJAN HORSES

 Each kind of virus has different goals and objectives as we saw in the case of the previous two. Like a virus, a Trojan horse is a hidden piece of code. Viruses enter in a system secretly where Trojan horse enter by deceiving a user. A user allows or invites a Trojan into the system, believing in it, but actually Trojan horse contain some malicious code to perform some malicious activity.

Before a Trojan can attack, it must find a way to entice the victim to copy, download and run it. Since few people would knowingly run a malicious program, Trojan must disguise themselves as other programs that the victim believes to be harmless (such as games, utilities or popular applications). This is not all, besides disguising themselves as harmless programs, Trojan horses can also disguise themselves into a legitimate program, such as Adobe Photoshop or Microsoft Excel. To do this, malicious hackers have created special wrapper or binder programs with names such as Saran Wrap, silk rope which can package any Trojan inside another program thereby reducing the Software Vulnerabilities likelihood that someone would discover it. Since most users won’t suspect that a program from a large, well known publisher would contain a Trojan, the victim is likely to run the linked program containing the Trojan. Once someone has written a Trojan, the next step is to spread it by copying in onto a victim’s computer, posting it on a website for others to download, sending it as a file attachment via email. If someone has a physical access to your computer, he can simply copy a Trojan to your hard disk. If the attacker is particularly skilled he can create a custom Trojan that mimics the appearance of a program that it unique to that particular computer such as a company database program.

Trojans are commonly found on the websites which offer free software, such as shareware programs. Even some people post Trojans on their own websites and pretend to offer hacker tools or pornographic files for others to download. Naturally some of these files are Trojans, so as soon as an unwary user downloads and runs them, the program causes the damage as intended by their creator. Another common way to spread a Trojan is to attach the program file to an email attachment which might look similar to a useful utility, a contest announcement or tempting software.

Many people even send Trojans to people visiting online chat room because in that case they don’t have to find even the email ids of the recipients. The hacker typically invokes a friendly conversation with a potential victim and then offers to send the person a hacker program or a tempting file. When the victim accepts the file and tries to open it, the Trojan attacks. Hackers also send Trojans to people who use instant messaging services such instant messenger.

If someone has physical access to your computer, he can simply copy a Trojan horse to your hard disk. If the attacker is particularly skilled, he can create a custom Trojan horse that mimics the appearance of a program that is unique to that particular computer, such as a corporate login screen or a company database program. Not only would such a Trojan horse be more likely to trick its victim, but the Trojan horse could also perform an action specific to that particular computer, such as stealing a company's list of credit card numbers or copying the source code of a game company's unreleased products and posting them on the Internet.

2.5.1 Types of Trojan

Once a Trojan has entered your computer , it may offer different kinds of attacks which range from harmless to destructive including displaying taunting or annoying messages , wiping out data, stealing information such as password, placing another malware on the PC, allowing remote access to your computer. Some of them are listed as under:

· Joke Trojan: A joke Trojan causes no damage but may play an annoying sound from a computer’s speaker, warp the appearance of the computer screen ,or display a taunting message on the screen

· NVP Trojan: NVP Trojan is a Macintosh Trojan that modifies the system file so that when the user types any text, the vowels (a,e,i,o,u) fail to appear.

· IconDance Trojan: The IconDance minimizes all application windows and then starts rapidly  scrambling all the desktop icons, it does nothing more than make you take the time to reorganize your desktop window.

· Destructive Trojans: These either wipe out the hard drive or selectively delete or modify certain files. The password stealing Trojans steal the passwords typed through the user’s computer.

2.5.2 Stopping Trojan Horses

To protect yourself against Trojan horses, use a combination of different protective tools and a little common sense.

First of all, make sure you know who has access to your computer. Lock it up, password protect it, or disconnect it from a network if you're not using it.

Second, be careful where you get your software. Anytime someone tries to give you a program through email, a chat room, or an instant message, watch out! That program could be infected with a Trojan horse, either with or without the sender's knowledge. 

When downloading software, download only from the software publisher's official website. If you download a program from another website, someone could have inserted a Trojan horse into that program. Many hacker websites even post pirated software and hacker tools for others to download, and some of those files could also be infected with a Trojan horse.

But no matter how careful you may be with your computer, someone could also slip a Trojan horse on your computer in your absence. To further protect yourself, consider installing a rollback program, an antivirus program, a firewall, and an anti–Trojan horse program.

Rollback programs: One of the biggest problems with today's software is that much of it, once installed, seems to muck up even perfectly fine computers. Rollback programs guard against these problems by tracking changes made to your hard disk and taking periodic "snapshots" of the contents of your hard disk. That way, if a newly installed program crashes your computer, you can run the rollback program to undo the changes you made to your hard disk and return your computer to its prior condition.

Although originally designed to protect against software conflicts, rollback programs can also protect your computer against viruses or Trojans. The moment a Trojan wipes out your data, run your rollback program to return your computer to the state it was in before the Trojan horse wiped out your hard disk.

While rollback programs can recover your computer from damage caused by a Trojan horse, virus, or even hard disk crash, they can't prevent problems from happening in the first place. But when used together with frequent backups, a rollback program can provide valuable insurance for your important data and reduce the chance that a Trojan horse attack will prove catastrophic.

Some of the more popular rollback programs that you can buy include ConfigSafe (http://www.imaginelan. com), FlashBack (http://www.aladdinsys.com), GoBack (http://www.roxio.com), EasyRestore (http://www.powerquest.com), and Undelete (http://www.execsoft.com).

Antivirus programs: Although antivirus programs are designed to detect and remove Software Vulnerabilities computer viruses, many can also detect and remove the client files of the more common RATs. However, antivirus programs may only recognize the most popular Trojans, so they may not protect you against lesserknown, destructive Trojans, RATs, or custom Trojans. Consider an antivirus program a supplement to the defense of your computer, but not your sole defense against Trojan horses.

An antivirus program employed with a variety of strategies. The one of the strategy is Signatures which is involving in search out known malicious patterns in exe code.

Whenever viruses are created then a signatures can be updated; users can infected at any time between creation and distribution of a signature such virus called zeroday viruses. Using Antivirus program regularly harms the computer performance.

Firewalls: A firewall can isolate your computer network from any outside threats. While a firewall can't remove a Trojan horse, it can monitor and shut down external traffic flowing through any open ports on your computer. By shutting down a port, a firewall prevents hackers from accessing your computer through a RAT. Firewalls can also track and log all attempts to access your computer, trace an intruder probing your computer for openings and sound an alarm whenever someone tries to access your computer without your permission.


Comments

Post a Comment

Popular posts from this blog

3.8 SECURE NETWORK DEVICES

 In this unit, we have already learnt that the firewall is only one entry point to your network. Modems, if you allow them to answer incoming calls, can provide an easy means for an attacker to sneak around, your front door (or, firewall). Just as castlesweren't built with moats only in the front, your network needs to be protected at all of its entry points. Secure Modems, DialBack Systems If modem access is to be provided, this should be guarded carefully. The terminal server, or network device that provides dialup access to your network needs to be actively administered, and its logs need to be examined for strange behavior. Its passwords need to be strong not ones that can be guessed. Accounts that aren't actively used should be disabled. In short, it's the easiest way to get into your network from remote: guard it carefully. There are some remote access systems which have the feature of a twopart procedure to establish a connection. The first part is the remote user di...
Read more

3.5 SECURITY ISSUES FOR SMALL AND MEDIUM SIZED BUSINESSES

 Small and medium sized businesses use the Internet and networked applications to reach new customers and serve their existing ones more effectively. At the same time, new security threats and legislation puts increased pressure on business networks to be reliable and secure. Business Challenges According to recent studies, security is the biggest challenge facing small and mediumsized businesses. Everchanging security threats from both inside and outside the business network can wreak havoc on business operations, affecting profitability and customer satisfaction. Small and mediumsized businesses must also comply with new regulations and laws created to protect consumer privacy and secure electronic information. Security issues for small and medium – sized businesses are classified into 5 basic categories: Worms and Viruses As per research, Computer worms and viruses remain the most common security threat, with 75 percent of small and medium businesses affected by it.. Worms and v...
Read more

3.4 TOPOLOGIES

Image
 In computer networking, topology refers to the layout of connected devices. You can think of a topology as a structure of a network. This shape does not necessarily correspond to the actual physical layout of the devices on the network. Network Topology is the study of the arrangement or mapping of the elements (links, nodes, etc.) of a network interconnection between the nodes. It also determines the strategy for physically expanding the network, in future Topologies can be physical or logical. Physical Topology means the physical design of a network including the devices, location and cable installation. Logical Topology refers to the fact that how data actually transfers in a network as opposed to its design. Following are the considerations for choosing a Topology: · Costing: Some kind of topology may be less expensive compared to others in terms of installation (for example Bus topology). · Length of cable: It is needed to connect machines in a network. · Network scalability:...
Read more