ON
TROJAN HORSE
1. ACKNOWLEDGEMENT
2. COMPUTER VIRUSES
3. PRELIMINARIES
4. TROJAN HORSES
5. LIST OF TROJAN HORSES
9. CONCLUSION
10. BIBLIOGRAPHY
ACKNOWLEDGEMENT
At the very outset, we would like to express our deep sense of gratitude to our
mentors at the college, Principal Dr. D C Surana and Mr. D.K. Mehta, who have been so
kind to give us the necessary guidance. They have also been a constant source of
inspiration.
I extend heartfelt thanks to my parents and friends for their inspiration and thoughtfulness
in care and support.
With these comments, I take this opportunity of revealing my thanks to those who have
helped me in a number of ways and helped during my project work.
COMPUTER VIRUSES
Computer viruses are small software programs that are designed to spread from one
computer to another and to interfere with computer operation.
A virus might corrupt or delete data on your computer, use your e-mail program to spread
itself to other computers, or even erase everything on your hard disk.
Viruses are most easily spread by attachments in e-mail messages or instant messaging
messages. That is why it is essential that you never open e-mail attachments unless you
know who they are from and you are expecting them.
Viruses can be disguised as attachments of funny images, greeting cards, or audio and
video files.
Viruses also spread through downloads on the Internet. They can be hidden in illicit
software or other files or programs you might download.
To help avoid viruses, it's essential that you keep your computer current with the latest
updates and antivirus tools, stay informed about recent threats, and that you follow a few
basic rules when you surf the Internet, download files, and open attachments.
Once a virus is on your computer, its type or the method it used to get there is not as
important as removing it and preventing further infection.
Key Terms To Understanding Computer Viruses:
Virus
A program or piece of code that is loaded onto your computer without your knowledge
and runs against your wishes.
Trojan Horse
A destructive program that masquerades as a benign application. Unlike viruses, Trojan
horses do not replicate themselves.
Worm
A program or algorithm that replicates itself over a computer network and usually
performs malicious actions.
Blended Threat
Blended threats combine the characteristics of viruses, worms, Trojan Horses, and
malicious code with server and Internet vulnerabilities.
Antivirus Program
A utility that searches a hard disk for viruses and removes any that are found.
The internet consists of hundreds of millions of computers distributed around the world.
Millions of people use the internet daily, taking full advantage of the available services at
both personal and professional levels. The internet connectivity among computers on
which the World Wide Web relies, however, renders its nodes an easy target for malicious
users who attempt to exhaust their resources, damage their data or create havoc in the
network. Computer viruses, especially in recent years, have increased dramatically in
number. One of the most high-profile threats to information integrity is the computer
virus.
Surprisingly, PC viruses have been around for two-thirds of the IBM PC’s lifetime,
appearing in 1986. With global computing on the rise, computer viruses have had more
visibility in the past few years. In fact, the entertainment industry has helped by
illustrating the effects of viruses in movies such as "Independence Day", "The Net", and
"Sneakers". Along with computer viruses, computer worms are also increasing day by
day. So, there is a need to immunise the internet by creating awareness in the people
about these in detail. In this paper I have explained the basic concepts of viruses and
worms and how they spread.
PRELIMINARIES
A. Virus:
A self-replicating program. Some definitions add the constraint that it has to
attach itself to a host program to be able to replicate. Viruses often require a host, and
their goal is to infect other files so that the virus can live longer. Some viruses perform
destructive actions, although this is not necessarily the case. Many viruses attempt to hide
from being discovered. A virus might rapidly infect every file on an individual computer or
slowly infect the documents on the computer, but it does not intentionally try to spread
itself from that (infected) computer to others. In most cases, that is where
humans come in. We send e-mail document attachments, trade programs on diskettes, or
copy files to file servers. When the next unsuspecting user receives the infected file or
disk, they spread the virus to their computers, and so on.
B. Worms:
Worms are insidious because they rely less (or not at all) upon human behaviour in order
to spread themselves from one computer to others. The computer worm is a program that
is designed to copy itself from one computer to another, leveraging some network
medium: e-mail, TCP/IP, etc. The worm is more interested in infecting as many machines
as possible on the network, and less interested in spreading many copies of itself on a
single computer (like a computer virus).
The prototypical worm infects (or causes its code to run on) a target system only once; after
the initial infection, the worm attempts to spread to other machines on the network.
Some researchers define worms as a sub-type of viruses. In the early years worms were
considered a problem of mainframes only. This changed after the Internet
became widespread; worms quickly adapted to Windows and started to send
themselves through network functions.
Some categories that come under worms are:
• Mailers and Mass-Mailer worms
• Octopus
• Rabbits
C. Trojan Horses:
A Trojan horse is a program that pretends to be useful but performs some unwanted
action. Most Trojans activate when they are run and sometimes destroy the structure of
the current drive (FATs, directories, etc.), obliterating themselves in the process. They
do not require a host and do not replicate. A special type is the backdoor trojan,
which does not do anything overtly destructive, but opens your computer to remote
control and unauthorised access.
D. Others:
There are other types of malicious programs apart from Viruses, Worms and Trojan
Horses. Some of them are described below.
2) Germs: These are first-generation viruses in a form that the virus cannot generate through
its usual infection process. When the virus is compiled for the first time, it exists in a
special form and normally does not have a host program attached to it. Germs will not
have the usual marks that most viruses use in second-generation form to flag infected
files to avoid reinfecting an already infected object.
E. Characteristics:
1) Binary File Virus and Worm – File viruses infect executables (program files). They are
able to infect over networks. Normally these are written in machine code. File worms are
also written in machine code, but instead of infecting other files, they focus on spreading
to other machines.
2) Binary Stream Worms – Stream worms are a group of network-spreading worms that
never manifest as files. Instead, they travel from computer to computer as just pieces
of code that exist only in memory.
3) Script File Virus and Worm – A script virus is technically a file virus, but script viruses
are written as human-readable text. Since computers cannot understand text instructions
directly, the text first has to be translated into machine code. This process is called
"interpretation", and is performed by separate programs on the computer.
4) Macro Virus – Macro viruses infect data files, or files that are normally perceived as
data files, like documents and spreadsheets. Just about anything that we can do with
ordinary programs on a computer we can do with macro instructions. Macro viruses are
more common nowadays. These can infect over the network.
5) Boot Virus – The first known successful computer viruses were boot sector viruses.
Today these are rarely used. These infect boot sectors of hard drives and floppy disks and
are not dependent on the actual operating system installed. These are not able to infect
over networks. These take advantage of the boot process of personal computers. Because most
computers don't contain an operating system in their Read Only Memory (ROM), they
need to load the system from somewhere else, such as from a disk or from the network
(via a network adapter).
6) Multipartite Viruses – Multipartite viruses infect both executable files and boot sectors,
or executable and data files. These are not able to infect over networks.
COMPUTER SECURITY
One use of the term computer security refers to technology to implement a secure
operating system. Much of this technology is based on science developed in the 1980s
and used to produce what may be some of the most impenetrable operating systems ever.
Though still valid, the technology is almost inactive today, perhaps because it is complex
or not widely understood. Such ultra strong secure operating systems are based on
operating system kernel technology that can guarantee that certain security policies are
absolutely enforced on an operating environment. An example of such a security policy is
the Bell-LaPadula model. The strategy is based on a coupling of special microprocessor
hardware features, often involving the Memory Management Unit, to a special correctly
implemented operating system kernel. This forms the foundation for a secure operating
system that, if certain critical parts are designed and implemented correctly, can ensure
that it is physically impossible for hostile or subversive applications to violate the
security policy. This capability is enabled because the operating system not only imposes a
security policy, but completely protects itself from corruption. Ordinary operating
systems lack the completeness property. The design methodology to produce such secure
systems is not an ad-hoc best effort activity, but one that is very precise, deterministic and
logical.
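To make the Bell-LaPadula policy named above concrete, here is an added example (not part of the original report) of a small reference monitor that enforces its two rules and applies them to a Trojan horse started by a cleared user. The class names, object names and the `copy_utility` stand-in are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from enum import IntEnum


class Level(IntEnum):
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


@dataclass
class Obj:
    name: str
    level: Level
    data: list = field(default_factory=list)


@dataclass
class Subject:
    name: str
    level: Level  # every program the user starts runs at this level


class ReferenceMonitor:
    """The only path to Obj.data; it checks and records every access."""

    def __init__(self):
        self.audit = []

    def _decide(self, subject, op, obj, allowed):
        self.audit.append((subject.name, op, obj.name, allowed))
        if not allowed:
            raise PermissionError(f"{subject.name}: {op} {obj.name} denied")

    def read(self, subject, obj):
        # Simple security property: no read up.
        self._decide(subject, "read", obj, subject.level >= obj.level)
        return list(obj.data)

    def append(self, subject, obj, item):
        # *-property: no write down. This is the rule that stops a Trojan
        # horse from copying what its user may read into a lower-level object.
        self._decide(subject, "append", obj, subject.level <= obj.level)
        obj.data.append(item)


def copy_utility(monitor, subject, source, destination):
    """Hypothetical stand-in for a Trojan horse: a 'useful' tool that copies
    data somewhere its user never asked for. It runs with the user's level."""
    copied = 0
    for record in monitor.read(subject, source):
        try:
            monitor.append(subject, destination, record)
            copied += 1
        except PermissionError:
            pass
    return copied


def run_scenario():
    monitor = ReferenceMonitor()
    plans = Obj("plans", Level.SECRET, ["constructed sample record"])
    dropbox = Obj("public-dropbox", Level.UNCLASSIFIED)
    archive = Obj("secret-archive", Level.SECRET)
    cleared = Subject("cleared-session", Level.SECRET)
    outsider = Subject("outsider", Level.UNCLASSIFIED)

    leaked = copy_utility(monitor, cleared, plans, dropbox)   # write down
    kept = copy_utility(monitor, cleared, plans, archive)     # same level
    try:
        monitor.read(outsider, plans)                         # read up
        outsider_read = True
    except PermissionError:
        outsider_read = False
    return leaked, kept, outsider_read, dropbox.data, monitor.audit


if __name__ == "__main__":
    leaked, kept, outsider_read, dropbox_data, audit = run_scenario()
    print("records leaked to the public object:", leaked)
    print("records copied at the same level:", kept)
    print("outsider could read the secret object:", outsider_read)
    for entry in audit:
        print(entry)
```

The user is fully entitled to read the secret object, so a discretionary check alone would let the utility copy it anywhere; the write-down rule is what confines it.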
Systems designed with such methodology represent the state of the art of computer
security and the capability to produce them is not widely known. In sharp contrast to
most kinds of software, they meet specifications with verifiable certainty comparable to
specifications for size, weight and power. Secure operating systems designed this way are
used primarily to protect national security information and military secrets. These are
very powerful security tools and very few secure operating systems have been certified at
the highest level (Orange Book A-1) to operate over the range of Top Secret to
unclassified (including Honeywell SCOMP, USAF SACDIN, NSA Blacker and Boeing
MLS LAN). The assurance of security depends not only on the soundness of the design
strategy, but also on the assurance of correctness of the implementation, and therefore
there are degrees of security strength defined for COMPUSEC. The Common Criteria
quantifies security strength of products in terms of two components, security capability
(as Protection Profile) and assurance levels (as EAL levels). None of these ultra high
assurance secure general purpose operating systems have been produced for decades or
certified under the Common Criteria.
1. Trust all the software to abide by a security policy but the software is not
trustworthy (this is computer insecurity).
2. Trust all the software to abide by a security policy and the software is validated as
trustworthy (by tedious branch and path analysis for example).
3. Trust no software but enforce a security policy with mechanisms that are not
trustworthy (again this is computer insecurity).
There are strategies and techniques used to design in security. There are few, if any,
strategies to add on security after design.
One technique enforces the principle of least privilege to a great extent, where an entity has
only the privileges that are needed for its function. That way, even if an attacker has
subverted one part of the system, fine-grained security ensures that it is just as difficult
for them to subvert the rest.
The design should use "defense in depth", where more than one subsystem needs to be
compromised to compromise the security of the system and the information it holds.
Defense in depth works when subverting one hurdle is not a platform to facilitate
subverting another. Also, the cascading principle acknowledges that several low hurdles
do not make a high hurdle. So cascading several weak mechanisms does not provide
the safety of a single stronger mechanism.
Subsystems should default to secure settings, and wherever possible should be designed
to "fail secure" rather than "fail insecure" (see fail safe for the equivalent in safety
engineering). Ideally, a secure system should require a deliberate, conscious,
knowledgeable and free decision on the part of legitimate authorities in order to make it
insecure. What constitutes such a decision and what authorities are legitimate is
controversial.
In addition, security should not be an all or nothing issue. The designers and operators of
systems should assume that security breaches are inevitable in the long term. Full audit
trails should be kept of system activity, so that when a security breach occurs, the
mechanism and extent of the breach can be determined. Storing audit trails remotely,
where they can only be appended to, can keep intruders from covering their tracks.
Finally, full disclosure helps to ensure that when bugs are found the "window of
vulnerability" is kept as short as possible.
The early Multics operating system was notable for its early emphasis on computer
security by design, and Multics was possibly the very first operating system to be
designed as a secure system from the ground up. In spite of this, Multics' security was
broken, not once, but repeatedly. The strategy was known as 'penetrate and test' and has
become widely known as a non-terminating process that fails to produce computer
security. This led to further work on computer security that prefigured modern security
engineering techniques producing closed form processes that terminate.
Secure Coding
The majority of software vulnerabilities result from a few known kinds of coding defects.
Common software defects include buffer overflows, format string vulnerabilities, integer
overflow, and code/command injection.
Some common languages such as C and C++ are vulnerable to all of these defects (see
Seacord, "Secure Coding in C and C++"). Other languages, such as Java, are immune to
some of these defects, but are still prone to code/command injection and other software
defects which lead to software vulnerabilities.
Techniques for Creating Secure Systems
The following techniques can be used in engineering secure systems. These techniques,
whilst useful, do not of themselves ensure security. One security maxim is "a security
system is no stronger than its weakest link".
• Automated theorem proving and other verification tools can enable critical
algorithms and code used in secure systems to be mathematically proven to meet
their specifications.
• Thus simple microkernels can be written so that we can be sure they don't contain
any bugs: e.g. EROS and Coyotos.
• A bigger OS, capable of providing a standard API like POSIX, can be built on a
microkernel using small API servers running as normal programs. If one of these API
servers has a bug, the kernel and the other servers are not affected: e.g. Hurd.
• Chain of trust techniques can be used to attempt to ensure that all software loaded
has been certified as authentic by the system's designers.
• Mandatory access control can be used to ensure that privileged access is
withdrawn when privileges are revoked. For example, deleting a user account
should also stop any processes that are running with that user's privileges.
• Capability and access control list techniques can be used to ensure privilege
separation and mandatory access control. The next sections discuss their use.
Some of the following items may belong to the computer insecurity article:
• Do not run an application with known security flaws. Either leave it turned off
until it can be patched or otherwise fixed, or delete it and replace it with some
other application. Publicly known flaws are the main entry used by worms to
automatically break into a system and then spread to other systems connected to
it. The security website Secunia provides a search tool for unpatched known flaws
in popular products.
• Backups are a way of securing information; they are another copy of all the
important computer files kept in another location. These files are kept on hard
disks, CD-Rs, CD-RWs, and tapes. Suggested locations for backups are a
fireproof, waterproof, and heatproof safe, or a separate, offsite location away from
that in which the original files are contained. Some individuals and companies
also keep their backups in safe deposit boxes inside bank vaults. There is also a
fourth option, which involves using one of the file hosting services that backs up
files over the Internet for both businesses and individuals.
o Backups are also important for reasons other than security. Natural
disasters, such as earthquakes, hurricanes, or tornadoes, may strike the
building where the computer is located. The building can be on fire, or an
explosion may occur. There needs to be a recent backup at an alternate
secure location in case of such a disaster. The backup needs to be
moved between the geographic sites in a secure manner, so as to prevent it
from being stolen.
• Encryption is used to protect the message from the eyes of others. It can be done
in several ways by switching the characters around, replacing characters with
others, and even removing characters from the message. These have to be used in
combination to make the encryption secure enough, that is to say, sufficiently
difficult to crack. Public key encryption is a refined and practical way of doing
encryption. It allows for example anyone to write a message for a list of
recipients, and only those recipients will be able to read that message.
• Intrusion-detection systems can scan a network for people that are on the network
but who should not be there or are doing things that they should not be doing, for
example trying a lot of passwords to gain access to the network.
Within computer systems, the two fundamental means of enforcing privilege separation
are access control lists (ACLs) and capabilities. The semantics of ACLs have been proven
to be insecure in many situations (e.g., Confused deputy problem). It has also been shown
that ACL's promise of giving access to an object to only one person can never be
guaranteed in practice. Both of these problems are resolved by capabilities. This does not
mean practical flaws exist in all ACL-based systems — only that the designers of certain
utilities must take responsibility to ensure that they do not introduce flaws.
Unfortunately, for various historical reasons, capabilities have been mostly restricted to
research operating systems and commercial OSs still use ACLs. Capabilities can,
however, also be implemented at the language level, leading to a style of programming
that is essentially a refinement of standard object-oriented design. An open source project
in the area is the E language [2].
The Cambridge CAP computer demonstrated the use of capabilities, both in hardware and
software, in the 1970s, so this technology is hardly new. A reason for the lack of adoption
of capabilities may be that ACLs appeared to offer a 'quick fix' for security without
pervasive redesign of the operating system and hardware.
The most secure computers are those not connected to the Internet and shielded from any
interference. In the real world, the most security comes from operating systems where
security is not an add-on, such as OS/400 from IBM. This almost never shows up in lists
of vulnerabilities for good reason. Years may elapse between one problem needing
remediation and the next.
A good example of a secure system is EROS. But see also the article on secure operating
systems. TrustedBSD is an example of an open-source project with a goal, among other
things, of building capability functionality into the FreeBSD operating system. Much of
the work is already done.
TROJAN HORSE
The most common blunder people make when the topic of a computer virus arises is to
refer to a worm or Trojan horse as a virus. While the words Trojan, worm and virus are
often used interchangeably, they are not the same. Viruses, worms and Trojan Horses are
all malicious programs that can cause damage to your computer, but there are differences
among the three, and knowing those differences can help you to better protect your
computer from their often damaging effects.
A computer virus attaches itself to a program or file so it can spread from one computer
to another, leaving infections as it travels. Much like human viruses, computer viruses
can range in severity: Some viruses cause only mildly annoying effects while others can
damage your hardware, software or files. Almost all viruses are attached to an executable
file, which means the virus may exist on your computer but it cannot infect your
computer unless you run or open the malicious program. It is important to note that a
virus cannot be spread without a human action, (such as running an infected program) to
keep it going. People continue the spread of a computer virus, mostly unknowingly, by
sharing infected files or sending e-mails with viruses as attachments in the e-mail.
To be considered a blended threat, the attack would normally serve to transport multiple
attacks in one payload. For example, it wouldn't just launch a DoS attack — it would
also install a backdoor and damage a local system in one shot. Additionally, blended
threats are designed to use multiple modes of transport. For example, a worm may travel
through e-mail, but a single blended threat could use multiple routes such as e-mail, IRC
and file-sharing networks. The actual attack itself is also not limited to a specific
act. For example, rather than a specific attack on predetermined .exe files, a blended
threat could modify exe files, HTML files and registry keys at the same time — basically
it can cause damage within several areas of your network at one time.
Blended threats are considered to be the worst risk to security since the inception of
viruses, as most blended threats require no human intervention to propagate.
In the context of computer software, a Trojan horse is a program that contains or installs
a malicious program (sometimes called the payload or 'trojan'). The term is derived from
the classical myth of the Trojan Horse. Trojan horses may appear to be useful or
interesting programs (or at the very least harmless) to an unsuspecting user, but are
actually harmful when executed.
Often the term is shortened to simply trojan, even though this turns the adjective into a
noun, reversing the myth (Greeks, not Trojans, were gaining malicious access).
There are two common types of Trojan horses. One is otherwise useful software that has
been corrupted by a hacker inserting malicious code that executes while the program is
used. Examples include various implementations of weather alerting programs, computer
clock setting software, and peer to peer file sharing utilities. The other type is a
standalone program that masquerades as something else, like a game or image file, in
order to trick the user into some misdirected complicity that is needed to carry out the
program's objectives.
Trojan horse programs cannot operate autonomously, in contrast to some other types of
malware, like viruses or worms. Just as the Greeks needed the Trojans to bring the horse
inside for their plan to work, Trojan horse programs depend on actions by the intended
victims. As such, if trojans replicate and even distribute themselves, each new victim
must run the program/trojan. Therefore their virulence is of a different nature, depending
on successful implementation of social engineering concepts rather than flaws in a
computer system's security design or configuration.
However, there is another meaning for the term 'Trojan Horse' in the field of computer
architecture. Here it basically represents any piece of user code which makes the kernel
code access anything it would not have been able to access itself in the first place (i.e.,
making the OS do something it wasn't supposed to be doing). Such security loopholes are
called Trojan Horses.
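The architectural meaning described above is the confused deputy problem cited earlier in the comparison of ACLs and capabilities. The following added example (not from the original report) replays the textbook compiler-and-billing-file case against both models; the in-memory file store, the paths and the principal names are constructed for illustration.

```python
class FileSystem:
    """Tiny in-memory file store with per-file write ACLs (constructed)."""

    def __init__(self):
        self.files = {}  # path -> contents
        self.acl = {}    # path -> principals allowed to write

    def create(self, path, writers, contents=""):
        self.files[path] = contents
        self.acl[path] = set(writers)

    def _check(self, principal, path):
        if principal not in self.acl.get(path, set()):
            raise PermissionError(f"{principal} may not write {path}")

    def write(self, principal, path, contents):
        # ACL model: the check sees only who is calling, not on whose
        # behalf the call is made.
        self._check(principal, path)
        self.files[path] = contents

    def open_for_write(self, principal, path):
        # Capability model: authority is checked once, when the handle is
        # minted, against the principal who asks for it.
        self._check(principal, path)
        return WriteCap(self, path)


class WriteCap:
    """Handle bound to exactly one file. Python cannot make this unforgeable;
    a capability system enforces that in the kernel or the language."""

    def __init__(self, fs, path):
        self._fs, self._path = fs, path

    def write(self, contents):
        self._fs.files[self._path] = contents


BILLING = "/sys/billing.log"
OUTPUT = "/home/user/a.out"


class AclCompiler:
    """Privileged service: writes its billing log and the caller's output,
    both under its own identity."""
    PRINCIPAL = "compiler"

    def __init__(self, fs):
        self.fs = fs

    def compile(self, user, source, out_path):
        self.fs.write(self.PRINCIPAL, BILLING, f"billed {user} for {source}")
        self.fs.write(self.PRINCIPAL, out_path, f"object code of {source}")


class CapCompiler:
    """Same service, but it holds one capability of its own and uses the
    caller's capability for the caller's output."""

    def __init__(self, billing_cap):
        self._billing = billing_cap

    def compile(self, user, source, out_cap):
        self._billing.write(f"billed {user} for {source}")
        out_cap.write(f"object code of {source}")


def build_fs():
    fs = FileSystem()
    fs.create(BILLING, writers={"compiler"})
    fs.create(OUTPUT, writers={"user", "compiler"})
    return fs


def run_demo():
    # ACL model: the user names the billing log as the output file. The
    # compiler's own rights pass the check and the log is overwritten.
    fs = build_fs()
    AclCompiler(fs).compile("user", "prog.c", out_path=BILLING)
    acl_billing = fs.files[BILLING]

    # Capability model: the user must present a handle, and cannot obtain
    # one for a file the user has no right to write.
    fs = build_fs()
    compiler = CapCompiler(fs.open_for_write("compiler", BILLING))
    try:
        compiler.compile("user", "prog.c", fs.open_for_write("user", BILLING))
        refused = False
    except PermissionError:
        refused = True
    compiler.compile("user", "prog.c", fs.open_for_write("user", OUTPUT))
    return acl_billing, refused, fs.files[BILLING], fs.files[OUTPUT]


if __name__ == "__main__":
    for value in run_demo():
        print(value)
```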
Example of a simple Trojan horse
A simple example of a trojan horse would be a program named "waterfalls.scr" claiming
to be a free waterfall screensaver which, when run, instead would allow access to the
user's computer remotely.
LIST OF TROJAN HORSES
Columns: Name, Alias(es), Type, Subtype, Isolation Date, Origin, Author, Notes
(only the fields the list fills in are shown)
AIDS
Back Orifice (author: Sir Dystic)
Back Orifice 2000 (author: Dildog; notes: successor to Back Orifice)
Beast Trojan
Bifrose (author: ksv)
Insurrection
NetBus (author: Carl-Fredrik Neikter)
Optix Pro
Poison Ivy (author: ShapeLeSS; notes: http://www.chasenet.org/)
ProRat
Sub7 (alias: SubSeven; author: Mobman)
EGABTR
RemoteHAK (author: HaKKa)
A-311 Death
A4zeta
Abacab Abware.F
Acessor
AcidBattery
Acid Drop
AcidHead
Acid Kor
Acidsena
AcidShivers
Acid Trojan Horse
AckCmd
Acojonaor
Acropolis
Admin.Troj.Kikzyurarse
Advertiser Bot
AeonwindDoll
Afcore
A-FTP
AF
Agent 40421
AH
Aibolit
AIMaster
AIM Filter
AimFrame
aim P
Aim Password Stealer
AIM Pws
AimRat
AIM Robber
AIM Spy
AIMVision
AIR
AirBot
Akosch
Aladino
Al-Bareki
Alcatraz
Alerter
AlexMessoMalex
Alicia
Alien Hacker
Alien Spy
Almaster
Almetyevsk
Almq
Alex
Alofin
Alop
Alph
AlphaDog
Alvgus
Amanda
Amiboide Uploader
Ambush
AmigaAnywhere
Amitis
Amoeba
AMRC
AMS
Anal FTP
Anal Ra
AnarchoIntruder
Andromeda
A New Trojan
Angelfire
AngelShell
Annoy Toys
Anthena
Anti Danger
Anti-Denial
AntiMks
AntiPC
AntiLamer Backdoor
Anti MSN
Antylamus
AolAdmin
Apdoor
Aphex's FTP
Aphex's Remote Packet Sniffer
Aphex tunneld 2.0
AppServ
APRE
Aqua
Arcanum
Area Control
Ares Invader
Armageddon
arplhmd
Arranca
Arsd
Artic
Arturik
AsbMay
A.S.H.
Ashley
Ass4ss1n
Assasin
Asylum
Admin.Troj.Kikzyurarse
Atentator
A-Trojan
Attack FTP
Atwinda
AudioDoor
Autocrat
AutoPWN
Autograph
AutoSpY
Avanzado
Avone
Ayan Bilisim
Azrael
BD Blade runner 0.80a
Crazy Daisy
Connect4 Rituall33
Donald Dick
Flatley Trojan
Theef
Twelve Tricks
VMLFILL
• Remote Access
• Email Sending
• Data Destructive
• Proxy trojan (disguising others as the infected computer)
• FTP trojan (adding or copying data from the infected computer)
• Security software disabler
• Denial-of-service attack (DoS)
• URL trojan (directing the infected computer to only connect to the internet via an
expensive dial-up connection)
"Time bombs" activate on particular dates and/or times. "Logic bombs" activate on
certain conditions met by the computer.
Droppers
Droppers perform two tasks at once. A dropper performs a legitimate task but also installs
a computer virus or a computer worm on a system or disk at the same time.
Trojan horse attacks pose one of the most serious threats to computer security. If you
were referred here, you may have not only been attacked but may also be attacking others
unknowingly. This page will teach you how to avoid falling prey to them, and how to
repair the damage if you already did. According to legend, the Greeks won the Trojan war
by hiding in a huge, hollow wooden horse to sneak into the fortified city of Troy. In
today's computer world, a Trojan horse is defined as a "malicious, security-breaking
program that is disguised as something benign". For example, you download what
appears to be a movie or music file, but when you click on it, you unleash a dangerous
program that erases your disk, sends your credit card numbers and passwords to a
stranger, or lets that stranger hijack your computer to commit illegal denial of service
attacks like those that have virtually crippled the DALnet IRC network for months on
end.
The following general information applies to all operating systems, but by far most of the
damage is done to/with Windows users due to its vast popularity and many weaknesses.
(Note: Many people use terms like Trojan horse, virus, worm, hacking and cracking all
interchangeably, but they really don't mean the same thing. If you're curious, here's a
quick primer defining and distinguishing them. Let's just say that once you are "infected",
trojans are just as dangerous as viruses and can spread to hurt others just as easily!)
Trojans can be spread in the guise of literally ANYTHING people find desirable, such as
a free game, movie, song, etc. Victims typically downloaded the trojan from a WWW or
FTP archive, got it via peer-to-peer file exchange using IRC/instant messaging/Kazaa
etc., or just carelessly opened some email attachment. Trojans usually do their damage
silently. The first sign of trouble is often when others tell you that you are attacking them
or trying to infect them!
1. NEVER download blindly from people or sites which you aren't 100% sure
about. In other words, as the old saying goes, don't accept candy from strangers.
If you do a lot of file downloading, it's often just a matter of time before you fall
victim to a trojan.
2. Even if the file comes from a friend, you still must be sure what the file is
before opening it, because many trojans will automatically try to spread
themselves to friends in an email address book or on an IRC channel. There is
seldom reason for a friend to send you a file that you didn't ask for. When in
doubt, ask them first, and scan the attachment with a fully updated anti-virus
program.
3. Beware of hidden file extensions! Windows by default hides the last extension of
a file, so that innocuous-looking "susie.jpg" might really be "susie.jpg.exe" - an
executable trojan! To reduce the chances of being tricked, unhide those pesky
extensions.
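As an added example (not part of the original page), the hidden-extension check in item 3 can be automated for a list of attachment or download names. It reports what the file listing would show with extension hiding on and whether the real last extension is an executable type, which also catches the "waterfalls.scr" screensaver case mentioned earlier. The two extension sets are illustrative assumptions, not a complete list.

```python
"""Flag file names whose visible name hides an executable extension."""

# Types that run as programs when double-clicked on Windows
# (illustrative, not exhaustive).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".js"}
# Types a user reads as "just data" (illustrative).
DECOY_EXTS = {".jpg", ".jpeg", ".gif", ".png", ".bmp", ".txt", ".doc", ".pdf",
              ".mp3", ".wav", ".avi", ".mpg", ".zip"}


def split_ext(name):
    """Split off the last extension, lower-cased; ('name', '') if none."""
    base, dot, ext = name.rpartition(".")
    if not dot or not base:
        return name, ""
    return base, "." + ext.lower()


def displayed_name(name):
    """Name as listed when extensions are hidden (assumes the last
    extension is a registered file type)."""
    base, ext = split_ext(name)
    return base if ext else name


def classify(name):
    """Return (verdict, reason) for one file name."""
    base, ext = split_ext(name.strip())
    if ext not in EXECUTABLE_EXTS:
        return "ok", "last extension is not an executable type"
    _, inner = split_ext(base)
    if inner in DECOY_EXTS:
        return "disguised", f"shown as '{base}' but runs as {ext}"
    return "executable", f"{ext} is a program, whatever the name suggests"


def triage(names):
    """Rows of (verdict, name, displayed name, reason), worst first."""
    order = {"disguised": 0, "executable": 1, "ok": 2}
    rows = []
    for name in names:
        verdict, reason = classify(name)
        rows.append((verdict, name, displayed_name(name), reason))
    return sorted(rows, key=lambda row: (order[row[0]], row[1].lower()))


# Constructed sample names; the first two come from the text of this page.
SAMPLE = ["susie.jpg.exe", "waterfalls.scr", "holiday.jpg", "Budget.DOC.PIF",
          "notes.v2.txt", "setup.exe", "README"]

if __name__ == "__main__":
    for verdict, name, shown, reason in triage(SAMPLE):
        print(f"{verdict:<11}{name:<18}shown as {shown:<14}{reason}")
```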
1. Clean Re-installation: Although arduous, this will always be the only sure way
to eradicate a trojan or virus. Back up your entire hard disk, reformat the disk, re-
install the operating system and all your applications from original CDs, and
finally, if you're certain they are not infected, restore your user files from the
backup. If you are not up to the task, you can pay for a professional repair service
to do it.
2. Anti-Virus Software: Some of these can handle most of the well known trojans,
but none are perfect, no matter what their advertising claims. You absolutely
MUST make sure you have the very latest update files for your programs, or else
they will miss the latest trojans. Compared to traditional viruses, today's trojans
evolve much quicker and come in many seemingly innocuous forms, so anti-virus
software is always going to be playing catch up. Also, if they fail to find every
trojan, anti-virus software can give you a false sense of security, such that you go
about your business not realizing that you are still dangerously compromised.
There are many products to choose from, but the following are generally
effective: AVP, PC-cillin, and McAfee VirusScan. All are available for immediate
downloading, typically with a 30 day free trial. For a more complete review of all
major anti-virus programs, including specific configuration suggestions for each,
see the HackFix Project's anti-virus software page. When you
are done, make sure you've updated Windows with all security patches.
3. Anti-Trojan Programs: These programs are the most effective against trojan
horse attacks, because they specialize in trojans instead of general viruses. A
popular choice is The Cleaner, $30 commercial software with a 30 day free trial.
To use it effectively, you must follow hackfix.org's configuration suggestions.
When you are done, make sure you've updated Windows with all
security patches, then change all your passwords because they may
have been seen by every "hacker" in the world.
4. IRC Help Channels: If you're the type that needs some hand-holding, you can
find trojan/virus removal help on IRC itself, such as EFnet #dmsetup or DALnet
#NoHack. These experts will try to figure out which trojan(s) you have and offer
you advice on how to fix it. The previous directions were in fact adapted from
advice given by EFnet #dmsetup.
A firewall is a system that prevents unauthorized use and access to your computer. A
firewall can be either hardware or software. Hardware firewalls provide a strong degree
of protection from most forms of attack coming from the outside world and can be
purchased as a stand-alone product or in broadband routers. Unfortunately, when battling
viruses, worms and Trojans, a hardware firewall may be less effective than a software
firewall, as it could possibly ignore embedded worms in outgoing e-mails and see this as
regular network traffic. For individual home users, the most popular firewall choice is a
software firewall. A good software firewall will protect your computer from outside
attempts to control or gain access to your computer, and usually provides additional
protection against the most common Trojan programs or e-mail worms. The downside to
software firewalls is that they will only protect the computer they are installed on, not a
network.
It is important to remember that on its own a firewall is not going to rid you of your
computer virus problems, but when used in conjunction with regular operating system
updates and a good anti-virus scanning software, it will add some extra security and
protection for your computer or network.
CONCLUSION
The seminar preparation period was really a very enriching and
informative experience for me. The making of the seminar has enhanced my practical
knowledge and taught me about a very interesting yet new topic to me. The regular
guidance and constant watch never let us be frivolous and kept me aware of what was going
on in other parts of the department and the world. In the end, we would once again thank
all the persons who made such kind of project work possible for us.
BIBLIOGRAPHY
1) Google.com
2) Symantec.com
3) Wikipedia