Prepared by
Name: Muhammad Noorshazmil Bin Mohd Zahri
Matric No.: 107608
Prepared for
Lecturer: Dr. Aman Jantan
Abstract
An investigation of how backdoors infect our computer systems, why they are so dangerous to some organizations, and how vulnerable computer system security is to backdoors. Backdoors are often installed by attackers who have compromised a system to ease their subsequent return to the system. We consider the problem of identifying a large class of backdoors, namely those providing interactive access on nonstandard ports, by passively monitoring a site's Internet access link.
1.0 INTRODUCTION
A backdoor is a means of access to a computer program that bypasses security mechanisms. The backdoor virus is more likely to attach itself to important system files, allowing it to hide from antivirus software. It is also known as a backdoor Trojan, a program that allows hackers access to others' computers. The user's computer is highly vulnerable to the threat, because the backdoor allows valuable data and passwords to be easily recorded and viewed by the hacker. Because it is subtle and deeply embedded in the target's system, the backdoor Trojan is difficult to detect and even more difficult to remove. The size of the virus varies in the amount of time it is detected and deleted. If the virus cannot be removed within a few days, it could multiply itself.
A programmer may sometimes install a back door so that the program can be accessed for troubleshooting or other purposes. However, attackers often use backdoors that they detect or install themselves, as part of an exploit. In some cases, a worm is designed to take advantage of a back door created by an earlier attack. For example, Nimda gained entrance through a back door left by Code Red. Whether installed as an administrative tool or a means of attack, a back door is a security risk, because there are always crackers out there looking for any vulnerability to exploit. In her article "Who gets your trust?" security consultant Carole Fennelly uses an analogy to illustrate the situation: "Think of approaching a building with an elaborate security system that does bio scans, background checks, the works. Someone who doesn't have time to go through all that might just rig up a back exit so they can step out for a smoke -- and then hope no one finds out about it."
One of the most insidious computer viruses today is the backdoor Trojan. The name backdoor Trojan comes from a melding of metaphors. The term Trojan comes from a reference to the legendary Trojan horse that destroyed the city of Troy during a war with Greece. Like the Trojan horse the backdoor Trojan at first looks like a gift, only later does the user find that the enemy was hidden inside. The Trojan horse backdoor virus is comprised of two parts. The first part is the "server". This is the part of the virus that infects the system, and opens the backdoor into the computer. The second part is the "client". The client is the part installed on the intruder's computer that allows the intruder to find and access the server, thereby gaining access to the victim's computer. The possible effects that backdoor Trojan can cause are as highlighted below:
- Alter System Settings
- Delete Files
- Wreak Havoc
- Steal Credit Card Number and Passwords
communicate with the server components, which are installed on the victim's system. Depending on how sophisticated a client is, it can include such features as:
- Sending and receiving files
- Browsing through the hard drives and network drives
- Getting system information
- Taking screenshots
- Changing the date/time and settings
- Playing tricks like opening and closing
A backdoor's server components can be installed on an unsuspecting user's system in numerous ways - as part of a worm or trojan payload, as an email attachment, as a tantalizingly-named file on peer-to-peer networks, etc. Once installed, the server component will open a network port and communicate with the client, to indicate that the computer is infected and vulnerable. An attacker can then use the backdoor's client to issue commands to the infected system.
There are two types of backdoor Trojans. The first one is a useful program that has been altered by a cracker. That way, the black hat hacker can disguise his attack. Once the program is executed, the altered code is activated. What this new code may do is unknown; it can only be known once it is running. The second type of backdoor Trojan is a program that masks itself as another program. For example, a cracker may replace a free game from a website and hang his "hidden Trojan". Since this is unnoticed by a regular computer user, he will download the program without even suspecting its potential danger.
Example types of backdoor:
1. SSH
2. Rlogin
3. Telnet
4. FTP
5. Root prompt
6. Napster
7. Gnutella
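The passive check named in the abstract (interactive access on a nonstandard port) can be sketched as below. This is an added example, not code from the original paper; the `Flow` record, the thresholds and the sample flows are assumptions made for illustration.

```python
# Added example: flag keystroke-like traffic on ports where no interactive
# service is expected. Thresholds and sample flows are constructed assumptions.
from dataclasses import dataclass

# Well-known ports of the interactive services in the list above.
STANDARD_INTERACTIVE_PORTS = {21: "ftp", 22: "ssh", 23: "telnet", 513: "rlogin"}
SMALL_PAYLOAD = 20            # bytes; a keystroke or short command fits
MIN_GAP, MAX_GAP = 0.01, 2.0  # seconds; plausible human typing rhythm
MIN_PACKETS = 8               # flows shorter than this are not judged
MIN_FRACTION = 0.6            # share of packets that must look typed

@dataclass
class Flow:
    src: str
    dst: str
    dst_port: int
    packets: list  # client -> server: (payload_bytes, gap_seconds_since_previous)

def keystroke_fraction(flow):
    """Share of client packets that are small and spaced like human typing."""
    if not flow.packets:
        return 0.0
    hits = sum(1 for size, gap in flow.packets
               if 0 < size <= SMALL_PAYLOAD and MIN_GAP <= gap <= MAX_GAP)
    return hits / len(flow.packets)

def is_suspect(flow):
    """Interactive-looking flow on a port with no expected interactive service."""
    if flow.dst_port in STANDARD_INTERACTIVE_PORTS or len(flow.packets) < MIN_PACKETS:
        return False
    return keystroke_fraction(flow) >= MIN_FRACTION

def find_suspects(flows):
    """Return (src, dst, port, fraction) for every flagged flow."""
    return [(f.src, f.dst, f.dst_port, round(keystroke_fraction(f), 2))
            for f in flows if is_suspect(f)]

# Constructed sample flows (documentation address ranges, made-up ports).
SAMPLE_FLOWS = [
    Flow("198.51.100.7", "192.0.2.10", 22, [(1, 0.2)] * 12),         # ssh, expected
    Flow("198.51.100.7", "192.0.2.10", 50123, [(1, 0.15), (2, 0.3), (900, 0.05)] * 4),
    Flow("198.51.100.9", "192.0.2.11", 8080, [(1400, 0.001)] * 40),  # bulk transfer
    Flow("198.51.100.9", "192.0.2.12", 40404, [(1, 0.2)] * 3),       # too short
]

if __name__ == "__main__":
    for hit in find_suspects(SAMPLE_FLOWS):
        print(hit)
```

A flagged flow is a lead for investigation rather than proof of a backdoor: legitimate services moved to unusual ports produce the same pattern.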
compromised
computers
(distributed denial-of-service) attack, flooding a website with traffic. It's not just a DDoS tool though. As you can see by the portion of OSX/Tsunami's source code that I have reproduced below, the bash script can be given a variety of different instructions and can be used to remotely access an affected computer. Mac users are reminded that even though there is far less malware in existence for Mac OS X than for Windows, that doesn't mean the problem is non-existent.
Betakeys.txt.exe"
diablo3-crack.exe",
attackers prey on gamers anxious to test out Defense of the Ancients 2 (a custom scenario map for Warcraft III) and Diablo III, respectively, which aren't slated for release until later in 2012.
In the first case, users attempting to snag a beta version of Defense of the Ancients 2 are actually just downloading the Pontoeb malware (detected as Backdoor:MSIL/Pontoeb.J). Once executed, Pontoeb begins gathering critical system information with the ultimate goal of morphing the computer into part of a zombie network. It eventually installs a backdoor through which attackers can communicate to execute various commands. In the second case, the Fynloski remote access tool (detected as Backdoor:Win32/Fynloski.A) is installed. Fynloski is a backdoor trojan that gains access to nearly all the information and resources within a given computer, logging keystrokes, downloading and running arbitrary files, and disabling security settings. The MMPC wrote an interesting followup piece detailing Fynloski's obfuscation techniques, which can be found here. The MMPC recommends visiting the official Defense of the Ancients and Diablo websites if you want to securely try out the actual beta versions.

troublesome malware: caution. Although many computer users do not take this into consideration, the truth is that without some basic security procedures, your computer will be infested with Trojans; backdoor entrances, after all, are commonplace. However, in order to fight them, it is our duty to know about them. So let's find out first what a Trojan is. The good news is that many backdoor programs are recognized by antivirus software. Keep your antivirus updated and run it often. Install a firewall and keep that updated regularly as well. Occasionally run online virus scans. They could pick up things that your installed antivirus software may have missed. Software manufacturers like Microsoft are aware of backdoor programs and the damage they do. Periodically they will release "patches" that you can install on your system to help protect your computer from backdoors as well as other types of malicious attacks. Download these patches when they come out to help keep your computer running safely.
legitimate user and copy or destroy data with a value (passwords, private key to decrypt messages private banking
computer and can use it to carry out evil actions (sending spam, including phishing, viruses, denial of service);
Control of a vast network of computers (see botnet) that can be used for distributed denial-of-service (DDoS) blackmail, or resold to criminals.
To install backdoors en masse, hackers use worms. They spread automatically and install a computer server on each infected computer. Then the attacker can connect to the Internet through a server.
A backdoor can be inserted by way of an Easter egg or a compiler, or may take the form of a program like Back Orifice.

depending on the extent of the rights that the operating system gives to the software containing the backdoor, control may extend to all operations of the computer. The widespread networking of computers makes backdoors much more useful than when physical access to the computer was the rule. Among the reasons leading software developers to create backdoors, there are:
6.0 CONCLUSION
Nowadays, the backdoor has become the most dangerous threat in our computer systems. Not just on Windows: it has spread to Mac OS X and other Linux operating systems. As technology advances rapidly, more viruses mutate. The backdoor is one of the viruses that multiplies itself rapidly on each computer system through the network, such as by email and software installed in the system. We need to make sure each computer is protected so that our information or details are not stolen. If a backdoor has gotten into our system, it can control all activity on the computer whether or not we have installed antivirus or other protection software. To make sure that a backdoor is not installed in the system, we need to keep our system up to date and make sure the antivirus in the system is functioning well. Furthermore, we need to monitor our network activity. Is there suspicious activity that sends data to an unknown website or server, or activity that uses a lot of processing in the system? We are highly recommended to install antivirus, antispyware or other protection software so that our system is fully protected from the backdoor. In addition, one important thing: a backdoor is a process that tries to steal our information whether or not there is a firewall. The backdoor will keep trying again and again. So we must take action immediately if we detect that a backdoor has entered the system. If we are not concerned about it, our whole system can be corrupted and the information of all neighbouring networks can be stolen too.
7.0 REFERENCES
http://www.webopedia.com/TERM/B/backdoor.html
3. Backdoor http://www.catb.org/jargon/html/B/back-door.html
4. Thwarted Linux backdoor hints at smarter hacks http://www.securityfocus.com/news/7388
5. Tony Northrup, [Firewalls] http://technet.microsoft.com/en-us/library/cc700820.aspx
6. Hidden Backdoors, Trojan Horses and Rootkit Tools in a Windows Environment http://www.windowsecurity.com/articles/hidden_backdoors_trojan_horses_and_rootkit_tools_in_a_windows_environment.html
7. The Enemy Within: Firewalls and Backdoors http://www.symantec.com/connect/articles/enemy-within-firewalls-and-backdoors