Home Random Page


CATEGORIES:

BiologyChemistryConstructionCultureEcologyEconomyElectronicsFinanceGeographyHistoryInformaticsLawMathematicsMechanicsMedicineOtherPedagogyPhilosophyPhysicsPolicyPsychologySociologySportTourism






Trojan Horses (Logical Bombs)

Trojan horses are programs, doing some kind of harm, that is depending on some circumstances or with each execution destroying information on disks, crashing the system, etc.

Most part of the Trojan horses are programs, which “imitate” some other useful programs, new versions of popular utility software or software updates for them. Very often they are being sent to BBS stations or Usenet groups. In comparison with viruses Trojan horses are not widely spread. The reasons of this are quite simple – they either destroy themselves together with the rest of the data on disks, or unmask their presence and are deleted by victimized users.

Virus “droppers” may also be considered Trojan horses. There are the files infected in such way, that known anti- viruses do not determine virus presence in the file. For example a file is encrypted in some special way or packed by an rarely used archiver, preventing anti- virus from “seeing” the infection.

Hoaxes are also worth mentioning. These are programs not doing any direct harm to computers, but displaying messages falsely stating that this harm has already been done, or will be done under some circumstances, or warn user about sotome kind of nonexistent danger. Hoaxes are for example, programs which “scare” user with messages about disk formatting ( although actually no formatting takes place), detect viruses in not infected files, display strange virus like messages (CMD640X disk driver from some commercial software package) etc.- it depends on the sense of humor of the author of such program. Apparently the string “CHOLEEPA” in the second sector of Seagate hard disks is also a hoax.

 

Backdoors (remote administration hacker’s tools)

The programs that are classified as “backdoors” are network administration utilities that allows to control remove computers on the network, and they are similar to commercial network administration packages that are developed and distributed by software companies.

The only feature makes this utilities to be classified as malicious (Trojan) software – the silent installing and execution. When such program runs, it installs itself into the system and then monitors it without any requests or messages. If you already have it installed on the computer, you cannot find this application in task list in most of cases. The most of known backdoor Trojans also do not manifest their activity in any way.

Being installed on the computer the backdoors may do everything their author had embedded into their “feature list”: send/receive files to/from affected computer, execute/delete/rename files there, display message boxes, hook keyboard input, etc. As a result the backdoors are able to monitor almost everything on affected computers, steal data from them, upload and run viruses on the remote PC, erase information there, etc.

 

Intended Viruses

They look like viruses at a glance, but not quite so; they are unable to propagate because of errors. For example, a virus, “forgetting” to place a jump command to its own code to the top of file it infects, or places a jump to incorrect address, or sets the erratic address of the intercepted interrupt (which in most cases hangs the computer) etc.



The main reason of the appearance of intended viruses is incompetent re-compilation of the already existing virus, either because of insufficient knowledge of programming language, or because of not knowing of all the technical subtleties of operating system.

 


Date: 2015-12-11; view: 747


<== previous page | next page ==>
Information Retrieval | Die geographische Lage und das Klima der Ukraine
doclecture.net - lectures - 2014-2024 year. Copyright infringement or personal data (0.006 sec.)