WIKIBOOKS
DISPONIBILI
?????????
ART
- Great Painters
BUSINESS&LAW
- Accounting
- Fundamentals of Law
- Marketing
- Shorthand
CARS
- Concept Cars
GAMES&SPORT
- Videogames
- The World of Sports
COMPUTER TECHNOLOGY
- Blogs
- Free Software
- Google
- My Computer
- PHP Language and Applications
- Wikipedia
- Windows Vista
EDUCATION
- Education
LITERATURE
- Masterpieces of English Literature
LINGUISTICS
- American English
- English Dictionaries
- The English Language
MEDICINE
- Medical Emergencies
- The Theory of Memory
MUSIC&DANCE
- The Beatles
- Dances
- Microphones
- Musical Notation
- Music Instruments
SCIENCE
- Batteries
- Nanotechnology
LIFESTYLE
- Cosmetics
- Diets
- Vegetarianism and Veganism
TRADITIONS
- Christmas Traditions
NATURE
- Animals
- Fruits And Vegetables


ARTICLES IN THE BOOK

  1. Adobe Reader
  2. Adware
  3. Altavista
  4. AOL
  5. Apple Macintosh
  6. Application software
  7. Arrow key
  8. Artificial Intelligence
  9. ASCII
  10. Assembly language
  11. Automatic translation
  12. Avatar
  13. Babylon
  14. Bandwidth
  15. Bit
  16. BitTorrent
  17. Black hat
  18. Blog
  19. Bluetooth
  20. Bulletin board system
  21. Byte
  22. Cache memory
  23. Celeron
  24. Central processing unit
  25. Chat room
  26. Client
  27. Command line interface
  28. Compiler
  29. Computer
  30. Computer bus
  31. Computer card
  32. Computer display
  33. Computer file
  34. Computer games
  35. Computer graphics
  36. Computer hardware
  37. Computer keyboard
  38. Computer networking
  39. Computer printer
  40. Computer program
  41. Computer programmer
  42. Computer science
  43. Computer security
  44. Computer software
  45. Computer storage
  46. Computer system
  47. Computer terminal
  48. Computer virus
  49. Computing
  50. Conference call
  51. Context menu
  52. Creative commons
  53. Creative Commons License
  54. Creative Technology
  55. Cursor
  56. Data
  57. Database
  58. Data storage device
  59. Debuggers
  60. Demo
  61. Desktop computer
  62. Digital divide
  63. Discussion groups
  64. DNS server
  65. Domain name
  66. DOS
  67. Download
  68. Download manager
  69. DVD-ROM
  70. DVD-RW
  71. E-mail
  72. E-mail spam
  73. File Transfer Protocol
  74. Firewall
  75. Firmware
  76. Flash memory
  77. Floppy disk drive
  78. GNU
  79. GNU General Public License
  80. GNU Project
  81. Google
  82. Google AdWords
  83. Google bomb
  84. Graphics
  85. Graphics card
  86. Hacker
  87. Hacker culture
  88. Hard disk
  89. High-level programming language
  90. Home computer
  91. HTML
  92. Hyperlink
  93. IBM
  94. Image processing
  95. Image scanner
  96. Instant messaging
  97. Instruction
  98. Intel
  99. Intel Core 2
  100. Interface
  101. Internet
  102. Internet bot
  103. Internet Explorer
  104. Internet protocols
  105. Internet service provider
  106. Interoperability
  107. IP addresses
  108. IPod
  109. Joystick
  110. JPEG
  111. Keyword
  112. Laptop computer
  113. Linux
  114. Linux kernel
  115. Liquid crystal display
  116. List of file formats
  117. List of Google products
  118. Local area network
  119. Logitech
  120. Machine language
  121. Mac OS X
  122. Macromedia Flash
  123. Mainframe computer
  124. Malware
  125. Media center
  126. Media player
  127. Megabyte
  128. Microsoft
  129. Microsoft Windows
  130. Microsoft Word
  131. Mirror site
  132. Modem
  133. Motherboard
  134. Mouse
  135. Mouse pad
  136. Mozilla Firefox
  137. Mp3
  138. MPEG
  139. MPEG-4
  140. Multimedia
  141. Musical Instrument Digital Interface
  142. Netscape
  143. Network card
  144. News ticker
  145. Office suite
  146. Online auction
  147. Online chat
  148. Open Directory Project
  149. Open source
  150. Open source software
  151. Opera
  152. Operating system
  153. Optical character recognition
  154. Optical disc
  155. output
  156. PageRank
  157. Password
  158. Pay-per-click
  159. PC speaker
  160. Peer-to-peer
  161. Pentium
  162. Peripheral
  163. Personal computer
  164. Personal digital assistant
  165. Phishing
  166. Pirated software
  167. Podcasting
  168. Pointing device
  169. POP3
  170. Programming language
  171. QuickTime
  172. Random access memory
  173. Routers
  174. Safari
  175. Scalability
  176. Scrollbar
  177. Scrolling
  178. Scroll wheel
  179. Search engine
  180. Security cracking
  181. Server
  182. Simple Mail Transfer Protocol
  183. Skype
  184. Social software
  185. Software bug
  186. Software cracker
  187. Software library
  188. Software utility
  189. Solaris Operating Environment
  190. Sound Blaster
  191. Soundcard
  192. Spam
  193. Spamdexing
  194. Spam in blogs
  195. Speech recognition
  196. Spoofing attack
  197. Spreadsheet
  198. Spyware
  199. Streaming media
  200. Supercomputer
  201. Tablet computer
  202. Telecommunications
  203. Text messaging
  204. Trackball
  205. Trojan horse
  206. TV card
  207. Unicode
  208. Uniform Resource Identifier
  209. Unix
  210. URL redirection
  211. USB flash drive
  212. USB port
  213. User interface
  214. Vlog
  215. Voice over IP
  216. Warez
  217. Wearable computer
  218. Web application
  219. Web banner
  220. Web browser
  221. Web crawler
  222. Web directories
  223. Web indexing
  224. Webmail
  225. Web page
  226. Website
  227. Wiki
  228. Wikipedia
  229. WIMP
  230. Windows CE
  231. Windows key
  232. Windows Media Player
  233. Windows Vista
  234. Word processor
  235. World Wide Web
  236. Worm
  237. XML
  238. X Window System
  239. Yahoo
  240. Zombie computer
    241.
 



MY COMPUTER
This article is from:
http://en.wikipedia.org/wiki/Trojan_horse_%28computing%29

All text is available under the terms of the GNU Free Documentation License: http://en.wikipedia.org/wiki/Wikipedia:Text_of_the_GNU_Free_Documentation_License 

Trojan horse (computing)

From Wikipedia, the free encyclopedia

 
This article is about computer system security. For Odysseus's subterfuge in the Trojan War, see Trojan Horse.

In the context of computer software, a Trojan horse is a program that contains or installs a malicious program (sometimes called the payload or 'trojan'). The term is derived from the classical myth of the Trojan Horse. Trojan horses may appear to be useful or interesting programs (or at the very least harmless) to an unsuspecting user, but are actually harmful when executed. (See Social engineering (security).)

Often the term is shortened to simply trojan, even though this turns the adjective into a noun, reversing the myth (Greeks, not Trojans, were gaining malicious access).

There are two common types of Trojan horses. One, is otherwise useful software that has been corrupted by a cracker inserting malicious code that executes while the program is used. Examples include various implementations of weather alerting programs, computer clock setting software, and peer to peer file sharing utilities. The other type is a standalone program that masquerades as something else, like a game or image file, in order to trick the user into some misdirected complicity that is needed to carry out the program's objectives.

Trojan horse programs cannot operate autonomously, in contrast to some other types of malware, like viruses or worms. Just as the Greeks needed the Trojans to bring the horse inside for their plan to work, Trojan horse programs depend on actions by the intended victims. As such, if trojans replicate and even distribute themselves, each new victim must run the program/trojan. Therefore their virulence is of a different nature, depending on successful implementation of social engineering concepts rather than flaws in a computer system's security design or configuration.

Examples

Example of a simple Trojan horse

A simple example of a trojan horse would be a program named "waterfalls.scr" claiming to be a free waterfall screensaver which, when run, instead would allow access to the users computer remotely.

Types of Trojan horse payloads

Trojan horse payloads are almost always designed to do various harmful things, but could be harmless. They are broken down in classification based on how they breach systems and the damage they cause. The seven main types of Trojan horse payloads are:

  • Remote Access
  • Email Sending
  • Data Destructive
  • Proxy trojan (disguising others as the infected computer)
  • FTP trojan (adding or copying data from the infected computer)
  • security software disabler
  • denial-of-service attack (DoS)
  • URL trojan (directing the infected computer to only connect to the internet via an expensive dial-up connection)

Some examples are:

  • erasing or overwriting data on a computer.
  • encrypting files in a cryptoviral extortion attack.
  • corrupting files in a subtle way.
  • upload and download files.
  • allowing remote access to the victim's computer. This is called a RAT. (remote administration tool)
  • spreading other malware, such as viruses. In this case the Trojan horse is called a 'dropper' or 'vector'.
  • setting up networks of zombie computers in order to launch DDoS attacks or send spam.
  • spying on the user of a computer and covertly reporting data like browsing habits to other people (see the article on spyware).
  • make screenshots.
  • logging keystrokes to steal information such as passwords and credit card numbers (also known as a keylogger).
  • phish for bank or other account details, which can be used for criminal activities.
  • installing a backdoor on a computer system.
  • opening and closing CD-ROM tray.
  • harvest e-mail addresses and use them for spam.
  • Restarts the computer whenever the infected program is started.

Time bombs and logic bombs

"Time bombs" and "logic bombs" are types of trojan horses.

"Time bombs" activate on particular dates and/or times. "Logic bombs" activate on certain conditions met by the computer.

Droppers

Droppers perform two tasks at once. A dropper performs a legitimate task but also installs a computer virus or a computer worm on a system or disk at the same time.

Precautions against Trojan horses

Trojan horses can be protected against through end-user awareness, namely to treat them like a virus. Viruses can cause a great deal of damage to a personal computer but even more damage to a business, particularly a small business that usually does not have the same virus protection capabilities as a large business. Since a Trojan Horse virus payload is hidden, it is harder to protect yourself or your company from it, but there are things that you can do.

Trojan Horses are most commonly spread through an e-mail, much like other types of common viruses. The only difference being of course is that a Trojan Horse payload is hidden. The best ways to protect yourself and your company from Trojan Horses are as follows:

1. If you receive e-mail from someone that you do not know or you receive an unknown attachment, never open it right away. As an e-mail user you should confirm the source. Some hackers have the ability to steal address books, so if you see e-mail from someone you know, it is not necessarily safe.

2. When setting up your e-mail client, make sure that you have the settings so that attachments do not open automatically. Some e-mail clients come ready with an anti-virus program that scans any attachments before they are opened. If your client does not come with this, it would be best to purchase one or download one for free.

3. Make sure your computer has an anti-virus program on it and update it regularly. If you have an auto-update option included in your anti-virus program you should turn it on; that way if you forget to update your software you can still be protected from threats

4. Operating systems offer patches to protect their users from certain threats. Software developers like Microsoft offer patches that in a sense "close the hole" that the Trojan horse or other virus would use to get through to your system. If you keep your system updated with these patches, your computer is kept much safer.

5. Avoid using peer-to-peer or P2P sharing networks like Kazaa, Limewire, Ares, or Gnutella because they are generally unprotected from viruses and Trojan Horse viruses spread through them especially easily. Some of these programs do offer some virus protection, but this is often not strong enough. If you insist on using P2P, it would be safe to not download files that claim to be "rare" songs, books, movies, pictures, etc.

Besides these sensible precautions, one can also install anti-trojan software, some of which is offered free.

Methods of Infection

The majority of trojan horse infections occur because the user was tricked into running an infected program. This is why it is advised to not open unexpected attachments on emails -- the program is often a cute animation or a sexy picture, but behind the scenes it infects the computer with a trojan or worm. The infected program doesn't have to arrive via email, though; it can be sent to you in an Instant Message, downloaded from a Web site or by FTP, or even delivered on a CD or floppy disk. (Physical delivery is uncommon, but if you were the specific target of an attack, it would be a fairly reliable way to infect your computer.) Furthermore, an infected program could come from someone who sits down at your computer and loads it manually.

Websites: You can be infected by visiting a rogue website.

Email: If you use Microsoft Outlook, you're vulnerable to many of the same problems that Internet Explorer has, even if you don't use IE directly.

Open ports: Computers running their own servers (HTTP, FTP, or SMTP, for example), allowing Windows file sharing, or running programs that provide filesharing capabilities such as Instant Messengers (AOL's AIM, MSN Messenger, etc.) may have vulnerabilities similar to those described above. These programs and services may open a network port giving attackers a means for interacting with these programs from anywhere on the Internet. Vulnerabilities allowing unauthorized remote entry are regularly found in such programs, so they should be avoided or properly secured.

A firewall may be used to limit access to open ports. Firewalls are widely used in practice, and they help to mitigate the problem of remote trojan insertion via open ports, but they are not a totally impenetrable solution, either.

Some of the modern trojans that come through messages. They come in as a very important looking message, but contain trojans, the executable files are same or look same as that of windows system proccesses like 'Svchost.exe', some of the look alike trojans are:

  • Svchost32.exe
  • Svhost.exe
  • back.exe

Well-known trojan horses

  • Back Orifice
  • Back Orifice 2000
  • NetBus
  • SubSeven
  • Downloader-EV
  • Pest Trap

See also

  • List of trojan horses
  • Spy software
  • Farewell Dossier
  • Malware
  • Secure computing
  • Social engineering (security)
  • Remote administration tool
  • Employee monitoring software
  • Botnets

External links

  • What is a Trojan Horse? Webopedia
  • The Difference between a Virus, a Worm and a Trojan Horse Webopedia
  • Trojan horses and how they are used en-masse in botnets Virus Bulletin's The World of Botnets by Dr Alan Solomon and Gadi Evron-->
Retrieved from "http://en.wikipedia.org/wiki/Trojan_horse_%28computing%29"