
Semester 2, Academic Session 2011/2012
CST233 Assignment 1
Fail-Secure Lock System

Prepared by
Name: Muhammad Noorshazmil Bin Mohd Zahri
Matric No.: 107608
Prepared for
Lecturer: Dr. Aman Jantan

Date of Submission 19th April 2012


Fail-Secure Lock System
Muhammad Noorshazmil Bin Mohd Zahri, 107608
Universiti Sains Malaysia
Computer Science
mnoorshazmil.ucom10@student.usm.my

Abstract
This paper investigates how backdoors infect computer systems, why they are so dangerous to some organizations, and how vulnerable computer system security is to them. Backdoors are often installed by attackers who have compromised a system to ease their subsequent return to the system. We consider the problem of identifying a large class of backdoors, namely those providing interactive access on nonstandard ports, by passively monitoring a site's Internet access link.

1.0 INTRODUCTION
A backdoor is a means of access to a computer program that bypasses security mechanisms. The backdoor virus is more likely to attach itself to important system files, allowing it to hide from the antivirus software. It is also known as a backdoor Trojan, a program that allows hackers access to others' computers. The user's computer is highly vulnerable to the threat, because the backdoor allows valuable data and passwords to be easily recorded and viewed by the hacker. Because it is subtle and deeply embedded in the target's system, the backdoor Trojan is difficult to detect and even more difficult to remove. The size of the virus varies with the amount of time that passes before it is detected and deleted. If the virus cannot be removed within a few days, it could multiply itself.

A programmer may sometimes install a back door so that the program can be accessed for troubleshooting or other purposes. However, attackers often use backdoors that they detect or install themselves, as part of an exploit. In some cases, a worm is designed to take advantage of a back door created by an earlier attack. For example, Nimda gained entrance through a back door left by Code Red. Whether installed as an administrative tool or a means of attack, a back door is a security risk, because there are always crackers out there looking for any vulnerability to exploit. In her article "Who gets your trust?" security consultant Carole Fennelly uses an analogy to illustrate the situation: "Think of approaching a building with an elaborate security system that does bio scans, background checks, the works. Someone who doesn't have time to go through all that might just rig up a back exit so they can step out for a smoke -- and then hope no one finds out about it."

One of the most insidious computer viruses today is the backdoor Trojan. The name backdoor Trojan comes from a melding of metaphors. The term Trojan comes from a reference to the legendary Trojan horse that destroyed the city of Troy during a war with Greece. Like the Trojan horse, the backdoor Trojan at first looks like a gift; only later does the user find that the enemy was hidden inside. The Trojan horse backdoor virus comprises two parts. The first part is the "server". This is the part of the virus that infects the system and opens the backdoor into the computer. The second part is the "client". The client is the part installed on the intruder's computer that allows the intruder to find and access the server, thereby gaining access to the victim's computer. The possible effects that a backdoor Trojan can cause are highlighted below:
- Alter System Settings
- Delete Files
- Wreak Havoc
- Steal Credit Card Number and Passwords
- Send Spam
- View Videos, Pictures, Phone Number and Related Information

2.0 TYPES OF BACKDOOR


A typical backdoor consists of two components: client and server. An attacker will use the client application to communicate with the server components, which are installed on the victim's system. Depending on how sophisticated a client is, it can include such features as:
- Sending and receiving files
- Browsing through the hard drives and network drives
- Getting system information
- Taking screenshots
- Changing the date/time and settings
- Playing tricks like opening and closing the CD-ROM tray, and so on.

A backdoor's server components can be installed on an unsuspecting user's system in numerous ways: as part of a worm or trojan payload, as an email attachment, as a tantalizingly-named file on peer-to-peer networks, etc. Once installed, the server component will open a network port and communicate with the client, to indicate that the computer is infected and vulnerable. An attacker can then use the backdoor's client to issue commands to the infected system.

There are two types of backdoor Trojans. The first one is a useful program that has been altered by a cracker. That way, the black hat hacker can disguise his attack. Once the program is executed, the altered code is activated. What this new code may do is unknown; it can only be known once it is running. The second type of backdoor Trojan is a program that masks itself as another program. For example, a cracker may replace a free game on a website and attach his "hidden Trojan" to it. Since this goes unnoticed by a regular computer user, he will download the program without even suspecting its potential danger.

Example types of backdoor:
1. SSH
2. Rlogin
3. Telnet
4. FTP
5. Root prompt
6. Napster
7. Gnutella
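Because the server component has to open a network port, one defender-side check is to compare a host's listening sockets against the services it is meant to run. The following Python code is an added example, not part of the original assignment: the sample table is constructed in the Linux /proc/net/tcp layout, EXPECTED_PORTS is a hypothetical allowlist, and the address decoding assumes a little-endian host.

```python
import socket

# Constructed sample in the Linux /proc/net/tcp layout (not captured from a real host).
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11001
   1: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11002
   2: 00000000:7A69 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 11003
   3: 0F00000A:0016 0200000A:C350 01 00000000:00000000 00:00000000 00000000     0        0 11004
"""

TCP_LISTEN = "0A"            # kernel state code for a listening socket
EXPECTED_PORTS = {22, 631}   # hypothetical allowlist: services this host is meant to run


def decode_endpoint(field):
    """Turn '0100007F:0277' into ('127.0.0.1', 631); assumes a little-endian host."""
    addr_hex, port_hex = field.split(":")
    ip = socket.inet_ntoa(bytes.fromhex(addr_hex)[::-1])
    return ip, int(port_hex, 16)


def listening_sockets(table):
    """Yield (ip, port, uid) for every socket in LISTEN state."""
    for line in table.splitlines()[1:]:           # skip the header row
        cols = line.split()
        if len(cols) < 8 or cols[3] != TCP_LISTEN:
            continue                              # malformed row or not a listener
        ip, port = decode_endpoint(cols[1])
        yield ip, port, int(cols[7])              # column 7 is the owning uid


def unexpected_listeners(table, expected=EXPECTED_PORTS):
    """Return listeners whose port is not on the allowlist, remotely reachable ones first."""
    findings = []
    for ip, port, uid in listening_sockets(table):
        if port in expected:
            continue
        findings.append({"ip": ip, "port": port, "uid": uid,
                         "remote_reachable": not ip.startswith("127.")})
    return sorted(findings, key=lambda f: not f["remote_reachable"])


if __name__ == "__main__":
    for finding in unexpected_listeners(SAMPLE_PROC_NET_TCP):
        print(finding)
```

On a real Linux host the same functions can be given the contents of /proc/net/tcp; a listener owned by an ordinary user on a port nobody can account for is the kind of finding worth investigating.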

3.0 REAL CASE IN COMPUTER SYSTEM


3.1 Backdoor installed in Mac OS X
OSX/Tsunami-A, a new backdoor Trojan horse for Mac OS X, has been discovered. What makes Tsunami particularly interesting is that it appears to be a port of Troj/Kaiten, a Linux backdoor Trojan horse that, once it has embedded itself on a computer system, listens to an IRC channel for further instructions. Typically code like this is used to rally compromised computers into a DDoS (distributed denial-of-service) attack, flooding a website with traffic.

It's not just a DDoS tool though. As you can see by the portion of OSX/Tsunami's source code that I have reproduced below, the bash script can be given a variety of different instructions and can be used to remotely access an affected computer. Mac users are reminded that even though there is far less malware in existence for Mac OS X than for Windows, that doesn't mean the problem is non-existent.

It could be that a malicious hacker plants it there, to access your computer remotely and launch DDoS attacks, or it may even be that you have volunteered your Mac to participate in an organised attack on a website. But remember this: not only is participating in a DDoS attack illegal, it also means that you have effectively put control of your Mac into someone else's hands. If that doesn't instantly raise the hairs on the back of your neck, it certainly should.

3.2 Backdoor In Games

Tracking the increasingly common use of PC games as an infection vector, researchers at the Microsoft Malware Protection Center (MMPC) discovered a couple of malicious programs making the rounds on torrent and file sharing sites. Social engineers are disguising their malware by labeling it as the beta-versions of unreleased games or upgrades to popular ones. With the following files, "dota 2 Betakeys.txt.exe" and "diablo3-crack.exe", attackers prey on gamers anxious to test out Defense of the Ancients 2 (a custom scenario map for Warcraft III) and Diablo III, respectively, which aren't slated for release until later in 2012.

In the first case, users attempting to snag a beta version of Defense of the Ancients 2 are actually just downloading the Pontoeb malware (detected as Backdoor:MSIL/Pontoeb.J). Once executed, Pontoeb begins gathering critical system information with the ultimate goal of morphing the computer into part of a zombie network. It eventually installs a backdoor through which attackers can communicate to execute various commands.

In the second case, the Fynloski remote access tool (detected as Backdoor:Win32/Fynloski.A) is installed. Fynloski is a backdoor trojan that gains access to nearly all the information and resources within a given computer, logging keystrokes, downloading and running arbitrary files, and disabling security settings. The MMPC wrote an interesting follow-up piece detailing Fynloski's obfuscation techniques, which can be found here. The MMPC recommends visiting the official Defense of the Ancients and Diablo websites if you want to securely try out the actual beta versions.

4.0 HOW TO PREVENT BACKDOOR

If you want to delete backdoor Trojans forever, then you need to take the first step in order to eliminate this troublesome malware: caution. Many computer users, however, do not take this into consideration. The truth is that without some basic security procedures, your computer will be infested with Trojans; backdoor entrances, after all, are commonplace. However, in order to fight them, it is our duty to know about them. So let's find out first what a Trojan is. The good news is that many backdoor programs are recognized by antivirus software. Keep your antivirus updated and run it often. Install a firewall and keep that updated regularly as well. Occasionally run online virus scans. They could pick up things that your installed antivirus software may have missed. Software manufacturers like Microsoft are aware of backdoor programs and the damage they do. Periodically they will release "patches" that you can install on your system to help protect your computer from backdoors as well as other types of malicious attacks. Download these patches when they come out to help keep your computer running safely.

5.0 PEOPLE THAT ALWAYS USE BACKDOOR

Virus Techniques
A backdoor can be made either by the software developer or by a third party. A person who knows of the backdoor can use it to monitor the activities of the software, or to gain control of it (by bypassing authentication). Finally, depending on the extent of the rights that the operating system grants to the software containing the backdoor, control may extend to all operations of the computer. The widespread networking of computers makes backdoors much more useful than when physical access to the computer was the rule.

Among the reasons leading software developers to create backdoors, there are:
- The convenience of easy, always-open access to the software in order to conduct maintenance actions efficiently;
- The ability to disable the software surreptitiously in case of disagreement with the client (non-payment of license).

Among the reasons leading hackers to install a backdoor:
- The ability to monitor what the legitimate user does and to copy or destroy valuable data (passwords, private keys for decrypting messages, private banking information, trade secrets);
- The ability to take control of a computer and use it to carry out evil actions (sending spam, including phishing, viruses, denial of service);
- Control of a vast network of computers (see botnet) that can be used for blackmail by distributed denial of service (DDoS), or resold to criminals.

To install backdoors en masse, hackers use worms. These spread automatically and install a server on each infected computer. The attacker can then connect through the Internet to the server.

A backdoor can be inserted by way of an Easter egg or a compiler, or may take the form of a program like Back Orifice.

6.0 CONCLUSION
Nowadays, the backdoor has become the most dangerous threat to our computer systems. It is not just on Windows; it has spread to Mac OS X and Linux operating systems as well. As technology advances rapidly, more viruses mutate. The backdoor is one of the viruses that multiplies itself rapidly on each computer system through the network, for example through email and software installed on the system. We need to make sure each computer is protected so that our information or details are not stolen. If a backdoor has got into our system, it can control all activity on the computer whether or not we have installed antivirus or other protection software. To make sure that backdoors are not installed in the system, we need to keep our systems up to date and make sure the antivirus is functioning well. Furthermore, we need to monitor our network activity: is there suspicious activity that sends data to an unknown website or server, or activity that uses a lot of processing in the system? We are highly recommended to install antivirus, antispyware or other protection software, so that our system is fully protected from backdoors. In addition, one important thing: a backdoor is a process that tries to steal our information whether or not there is a firewall. The backdoor will keep trying again and again. So we must take action immediately if we detect that a backdoor has entered the system. If we are not concerned about it, our whole system can be corrupted and all neighbouring network information can be stolen too.

7.0 REFERENCES

1. How Do I Secure My Windows PC? http://www.webopedia.com/DidYouKnow/Hardware_Software/Security/how-doi-secure-my-windows-pc.html
2. Backdoor http://www.webopedia.com/TERM/B/backdoor.html
3. Backdoor http://www.catb.org/jargon/html/B/back-door.html
4. Thwarted Linux backdoor hints at smarter hacks http://www.securityfocus.com/news/7388
5. Tony Northrup, [Firewalls] http://technet.microsoft.com/enus/library/cc700820.aspx
6. Hidden Backdoors, Trojan Horses and Rootkit Tools in a Windows Environment http://www.windowsecurity.com/articles/hidden_backdoors_trojan_horses_and_rootkit_tools_in_a_windows_environment.html
7. The Enemy Within: Firewalls and Backdoors http://www.symantec.com/connect/articles/enemy-within-firewalls-and-backdoors
