How to discover trojan horses


Trojan Horses can inflict serious damage on a computer system. But how is it possible to detect an infection? There are different methods of finding out whether a Trojan Horse has managed to infect a computer or not. One thing's for sure: if your computer begins to do funny things without you even touching the mouse, the chances of being infected are nearly 100 percent. Harmless pranks like opening and closing the CD-ROM tray or swapping the mouse axes might sound funny, but unfortunately serious issues like hiding or even deleting important system files are also possible. Therefore it is very important to always keep an eye on what's going on, on or off the screen. If something out of the ordinary happens, disconnecting from the internet and checking the whole system might be a good idea.

Revealing Trojan Horses is an easy task, as long as certain security rules have been followed. If this is not the case, tracking down Trojan Horses might be a little more difficult.

Most detection methods use the so-called "object comparison principle." Objects are files or folders. Each object is compared with a copy of itself from an earlier or later point in time. Take a backup tape or a burned CD-ROM, for instance: some of the files on the backup medium are compared to the current files on the computer.

If those two files differ although you have not modified or replaced the file on the computer in any way, then there is a possible infection. Since we didn't modify it, the file on the system should have exactly the same file size as the one on the backup tape. This technique should be used on every system file, since attackers like using them to get their Trojan Horses inside a running system.

Object comparison is an easy way to check file integrity; it is based on detecting changes in the state of files. Alternative methods range from simple to very difficult. The integrity of a file can be verified by checking the date of the last modification, the creation date of the file and the file size.

Unfortunately all three methods are insufficient, since the values can easily be manipulated in one way or another. Each time a file is modified, its values change. For example, if you open a file, change it and save it, it receives a new last-modification date. This date-stamp can easily be changed by adjusting the computer's system time and saving the file again. Therefore using the date-stamp on files is the most unreliable method to compare objects.

Another way to verify file integrity is to check the file size. This method is unreliable too, since this value can be manipulated as well. It is quite easy to start with a file of approximately 1000 KB, modify it and save it with exactly the file size it had at the start.

The question you may ask yourself now is: is there a sufficient technique? There is. The so-called MD series is a family of algorithms that produce digital fingerprints. One of the favourite techniques is called MD5 coding. See
http://www.csie.nctu.edu.tw/document/CIE/RFC/1321/3.htm or
http://www.kleinschmidt.com/edi/md5.htm
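
The object comparison described above can be sketched as follows. This is an added example, not code from the original article: it records a fingerprint baseline, then shows a file whose size and date-stamp are unchanged still being flagged by its digest. It uses SHA-256 in place of the article's MD5, because practical collisions are known for MD5; all file names and contents are constructed.

```python
import hashlib
import os
import tempfile

def fingerprint(path):
    """Return (size, mtime_ns, sha256 hex digest) for one file."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    st = os.stat(path)
    return st.st_size, st.st_mtime_ns, h.hexdigest()

def snapshot(root):
    """Baseline: relative path -> fingerprint for every file under root."""
    return {os.path.relpath(os.path.join(d, n), root): fingerprint(os.path.join(d, n))
            for d, _, names in os.walk(root) for n in names}

def compare(baseline, root):
    """Return {path: reason} for every file that differs from the baseline."""
    current, findings = snapshot(root), {}
    for rel, (size, mtime, digest) in baseline.items():
        if rel not in current:
            findings[rel] = "missing"
        elif current[rel][2] != digest:
            # Digest differs: report whether size and date would have hidden it.
            hidden = current[rel][:2] == (size, mtime)
            findings[rel] = "content changed" + (", size/date unchanged" if hidden else "")
    for rel in current.keys() - baseline.keys():
        findings[rel] = "new file"
    return findings

def demo():
    """Constructed sample: swap a file's bytes but keep its size and date-stamp."""
    with tempfile.TemporaryDirectory() as root:
        target = os.path.join(root, "system.dll")      # constructed file name
        with open(target, "wb") as f:
            f.write(b"original code" + b"\x00" * 100)
        with open(os.path.join(root, "readme.txt"), "wb") as f:
            f.write(b"untouched")
        baseline = snapshot(root)                       # the "backup" state
        st = os.stat(target)
        with open(target, "wb") as f:                   # same length, new bytes
            f.write(b"replaced code" + b"\x00" * 100)
        os.utime(target, ns=(st.st_atime_ns, st.st_mtime_ns))  # restore the date
        return compare(baseline, root)

if __name__ == "__main__":
    print(demo())
```

The baseline is only trustworthy if it is stored where the monitored system cannot rewrite it, such as the backup tape or burned CD-ROM mentioned above.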

 
 





Copyright © 2008 - : ARTIKEL32 | All rights reserved.
Reproduction of the material on this website, in whole or in part, violates copyright and is punishable by law.