
How to discover trojan horses





Trojan Horses can inflict serious damage on a computer system. But how is it possible to detect an infection? There are different methods of finding out whether a Trojan Horse has managed to infect a computer. One thing's for sure: if your computer begins to do funny things without you even touching the mouse, the chances of being infected are nearly 100 percent. Harmless pranks like opening and closing the CD-ROM tray or swapping the mouse axes might sound funny, but unfortunately serious issues like hiding or even deleting important system files are also possible. Therefore it is very important to always keep an eye on what's going on, on or off the screen. If something out of the ordinary happens, closing the internet connection and checking the whole system might be a good idea.

Revealing Trojan Horses is an easy task, as long as certain security rules were maintained. If this is not the case, tracking down Trojan Horses might be a little more difficult.

Most of the detection methods use the so-called "object comparison principle." Objects are files or folders. The objects are compared with themselves at an earlier or later point in time. Take a backup tape or a burned CD-ROM, for instance: some of the files on the backup media are compared to the current files on the computer.

If those two files differ and you have not modified or replaced the file on the computer in any way, then there's a possible infection. Since we didn't modify it, the file on the system should have exactly the same file size as the one on the backup tape. This technique should be used on every system file, since attackers like using them to get their Trojan Horses inside a running system.

Object comparison is an easy method of checking file integrity, based on discovering changes in the state of files. Alternative methods range from simple to very difficult. The integrity of a file can be verified by checking the date of the last modification, the creation date of the file and the file size.

Unfortunately all three methods are insufficient, since the values can easily be manipulated in one way or another. Each time a file is modified, its values change. For example, if you open a file, change it and save it, a new last-modification date is assigned. This date stamp can easily be changed by adjusting the computer's system time and saving the file again. Therefore using the date stamp on files is the most unreliable method of comparing objects.

Another way to verify file integrity is to check the file size. This method is unreliable too, since this value can be manipulated as well. It's quite easy to start with a file of approximately 1000 KB, modify it and save it with exactly the file size it had at the start.

The question you may ask yourself now is: is there a sufficient technique? There is. The so-called MD series, a family of algorithms, computes digital fingerprints of files. One of the favourite techniques is MD5. See
https://www.csie.nctu.edu.tw/document/CIE/RFC/1321/3.htm or
https://www.kleinschmidt.com/edi/md5.htm
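
The comparison described above, as an added example that is not part of the original article: a baseline snapshot records size, date stamp and fingerprint, and a later snapshot of a file whose size and date were restored after a change still differs in the fingerprint. The file name and contents are constructed; the code defaults to SHA-256 because MD5 is no longer collision-resistant, and `"md5"` can be passed to use the algorithm the article names.

```python
import hashlib
import os
import tempfile


def fingerprint(path, algorithm="sha256"):
    """Return the hex digest of a file, read in chunks so large files fit in memory."""
    h = hashlib.new(algorithm)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def snapshot(path, algorithm="sha256"):
    """Record the weak attributes (size, date stamp) plus the digest for one object."""
    st = os.stat(path)
    return {"size": st.st_size, "mtime": st.st_mtime_ns,
            "digest": fingerprint(path, algorithm)}


def compare(baseline, current):
    """Return the names of the attributes that differ between two snapshots."""
    return sorted(k for k in baseline if baseline[k] != current[k])


def demo(algorithm="sha256"):
    """Constructed scenario: a file is altered, then its size and date are restored."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "system_file.bin")       # constructed sample file
        with open(path, "wb") as f:
            f.write(b"original system code " * 50)
        baseline = snapshot(path, algorithm)             # taken at "backup" time

        with open(path, "r+b") as f:                     # overwrite in place: same length
            f.write(b"MODIFIED")
        os.utime(path, ns=(baseline["mtime"], baseline["mtime"]))  # put old date back

        return compare(baseline, snapshot(path, algorithm))


if __name__ == "__main__":
    print("attributes that changed:", demo())
```

In practice the baseline has to be stored where the monitored system cannot rewrite it, such as the backup tape or burned CD-ROM mentioned earlier.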

 
 



Copyright © 2008 - : ARTIKEL32 | All rights reserved.