Professional Documents
Culture Documents
Trojan Horse
Agenda
Introduction of Trojan Horse Objectives of Trojan Horse Types of Trojan Horses Trojan Horse Techniques Implementation with an example Prevention Methods Q&A
Trojan Horse program is a unique form of computer attack that allows a remote user a means of gaining access to a victim's machine without their knowledge.
Trojan
Creating a "backdoor" that allows remote access to control your machine Recording keystrokes to steal credit card or password information Commandeering your system to distribute malware or spam to other computers Spying on your activities by sending screenshots of your monitor to a remote location
abcd.shs where by default the shs file will not be displayed in the system"
Create another file and process with same name eg. UNIX init process.
2) Creates %System%\Rsasec.dll, which is a key logger and %System%\rsacb.dll, which is actually a text file key logger file. 3) Adds a registry key value "wmiprvse.exe"="%system%\wmiprvse.exe" , to the registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run, so that the Trojan runs when you start Windows.
Install latest security patches for the operating system. Install Anti-Trojan software.
Install anti-virus software and update it regularly Install a secure firewall Do not give strangers access (remote as well as physical) to your computer. Do not run any unknown or suspicious executable program just to "check it out". Scan all email attachments with an antivirus program before opening it.
Do regular backup of your system. Do not use the features in programs that can automatically get or preview files. Do not type commands that others tell you to type, or go to web addresses mentioned by strangers. Never open instant message (IM) attachments from unknown people. Do not use peer-to-peer or P2P sharing networks, such as Kazaa, Limewire, Gnutella, etc. as they do not filter out malicious programs hidden in shared files. Educate your coworkers, employees, and family members about the effects of Trojan Horse. Finally, protection from Trojans involves simple common sense
References
[1] Trojan horse, http://www.webopedia.com/TERM/R/Remote_Access_Trojan.html [2] The corporate threat posed by email Trojans, http://www.gfi.com/whitepapers/network-protection-against-trojans.pdf [3] Trojan.Gletta.A, June 09, 2004 http://www.sarc.com/avcenter/venc/data/trojan.gletta.a.html [4] What You Click May Not Always Be What You Get!, Robert B. Fried, http://www.crime-scene-investigator.net/TrojanHorse.pdf [5] Trojan Programs, http://www.viruslist.com/en/virusesdescribed?chapter=152540521 [6]. Lo, Joseph, "Trojan Horse or Virus?", Feb 5, 2006 http://www.irchelp.org/irchelp/security/trojanterms.html
[7]. Delio, Michelle, "Viruses? Feh! Fear the Trojan". May 24, 2001. http://www.wired.com/news/infostructure/0,1377,43981,00.html
[8] Trojan horse, http://www.cybertraveler.org/trojan_horse.html [9]Microsoft CRM Implementation Guide - Planning the Security of your Microsoft CRM System, http://www.microsoft.com/technet/prodtechnol/mscrm/mscrm1/plan/13_secur.mspx [10] Trojan horse, http://en.wikipedia.org/wiki/Trojan_horse_(computing) [11] Safari Online, ProQuest Information and Learning, http://proquest.safaribooksonline.com.
Q & A?