CHAPTER-V
TROJANS & BACKDOORS
TROJANS:
A destructive program that masquerades
as a benign application. Unlike viruses, Trojan horses do not replicate
themselves but they can be just as destructive. One of the most insidious types
of Trojan horse is a program that claims to rid your computer of viruses but
instead introduces viruses onto your computer.
The seven main types of Trojan horses are:
>Remote Access Trojans
>Data Sending Trojans
>Destructive Trojans
>Proxy Trojans
>FTP Trojans
The seven main types of Trojan horses are:
>Remote Access Trojans
>Data Sending Trojans
>Destructive Trojans
>Proxy Trojans
>FTP Trojans
>security software disabler Trojans
>denial-of-service attack (DoS) Trojans
>denial-of-service attack (DoS) Trojans
BACKDOOR:
Also called a trapdoor. An undocumented way of gaining access to a
program, online service or an entire computer system. The backdoor is written
by the programmer who creates the code for the program. It is often only known
by the programmer. A backdoor is a potential security risk.
Main functions of a Trojan
>Stealing information's such a password, credit card info,
screenshot's ect.... with the help of a keylogger
>Reading files and calender
>Disabling firewall and antivirus
>Infect your pc as a proxy server for future attacks
>Generate fake traffic to create DOS attack
>Download spyware,ad ware ect.......
>Delete your system files
>To create and send spam messages
>Use victim pc as a botnet for DDos attack
>Reading files and calender
>Disabling firewall and antivirus
>Infect your pc as a proxy server for future attacks
>Generate fake traffic to create DOS attack
>Download spyware,ad ware ect.......
>Delete your system files
>To create and send spam messages
>Use victim pc as a botnet for DDos attack
Common PORTS used by Trojan to attack
BackOrifice: UDP 31337 or 31338
Deep Throat:
UDP 2140 and 3150
NetBus:
TCP 12345
and 12346
Whack-a-Mole: TCP 12361 and 12362
NetBus 2: TCP 20034
GirlFriend:
TCP 21544
Master’s Paradise: TCP 3129,
40421, 40422, 40423, and 40426
For more lnfo visit www.doshelp.com/Ports/Trojan_Ports.htm
For more lnfo visit www.doshelp.com/Ports/Trojan_Ports.htm
Symptoms that may indicate a Trojan
infection
>Your computer screen flips upside down or inverts
>Your wall paper or background settings change by themselves
>Documents or messages print on your printer by themselves
>Your windows color settings change by themselves
>Your screen saver settings change by themselves
>Your right and left mouse buttons reverse their functions
>Your mouse pointer disappears
>Your mouse moves by itself
>Your mouse starts leaving trails
>Your Windows Start button disappears
>Your computer starts reading the contents of your computer clipboard
>Your Task bar disappears
>Your computer shuts down and powers off by itself
>Your computer screen flips upside down or inverts
>Your wall paper or background settings change by themselves
>Documents or messages print on your printer by themselves
>Your windows color settings change by themselves
>Your screen saver settings change by themselves
>Your right and left mouse buttons reverse their functions
>Your mouse pointer disappears
>Your mouse moves by itself
>Your mouse starts leaving trails
>Your Windows Start button disappears
>Your computer starts reading the contents of your computer clipboard
>Your Task bar disappears
>Your computer shuts down and powers off by itself
