Backdoor
description
Transcript of Backdoor
Trojan and Backdoor
Teams Group
- Nguyễn Mạnh Cường
- Nguyễn Hoàng Hoàn
- Cao Văn Tân
- Nguyễn Trung Tín
Giáo viên hướng dẫn:
- Phạm Văn Tính
Introduction• - What ‘s Trojan ?: It’s a program runs hidden on an
infected computer• - What’s A backdoor ?:It is any type of program that will
allow a hacker to connect to a computer without going through the normal authentication process
• - What’s is used ?: allow a hacker remote access to your system, start a keystroke logger to record your every keystroke, plant a backdoor on your system, cause a DoS, or even disable your antivirus protection or software firewall.
Trojan Types
Trojan Infection Mechanisms
Distributing Trojans
• - Wrapper: A wrapper is a program used to combine two or more executables into a single packaged program.
Change icon, defacing application
Infecting via CD-ROM, USB
• An Autorun.inf file
[autorun]
open=setup.exe
icon=setup.exe
• Turn off the Auto-Start functionality by doing the following:
Start button-> Settings-> Control Panel-> System-> Device Manager-> CDROM-> Properties -> Settings
Hacking Tool
• Firekiller 2000 : will kill (if executed) any resistant protection software.
• ICMP Tunneling
• Reverse WWW Shell
ICMP Tunneling
Backdoor, Trojan Countermeasures
• Most commercial ant-virus products can
automatically scan and detect backdoor
programs before they can cause damage (Eg.
before accessing a floppy, running exe or
downloading mail)
• Educate your users not to install applications
downloaded from the internet and e-mail
attachments.
Process Viewer
• Tripwire: Tripwire will automatically calculate cryptographic hashes of all key system files or any file that you want to monitor for modifications.
• Netstat:
How to avoid a Trojan infection
How to avoid a Trojan infection
How to avoid a Trojan infection