Page 137 - DCAP516_COMPUTER_SECURITY
P. 137
Unit 11: Threats in Network
words. Another form of password cracking attack is ‘brute force’ attack. In this form of Notes
attack, all possible combinations of letters, numbers and symbols are tried out one by one
till the password is found out. Brute force attacks take much longer than dictionary attacks.
Another popular password cracking utility is called Brutus. Brutus has both dictionary
attack as well as a brute force attack capabilities. Users can customize the brute force attack
depending on any information that they may have about the password that they are
trying to crack.
6. Buffer Overflow: Also known as buffer overrun, input overflow and unchecked buffer
overflow, this is probably the most common way of breaking into a computer. It involves
input of excessive data into a computer. The excess data “overflows” into other areas of the
computer’s memory. This allows the hacker to insert executable code along with the
input, thus enabling the hacker to break into the computer.
7. Trojans: The term Trojan has an interesting history. In the 12th century BC, Greece declared
war on the city of Troy. The dispute erupted when the prince of Troy abducted the queen
of Sparta and declared that he wanted to make her his wife. This angered the Greeks and
especially the queen of Sparta. The Greeks tried for ten years but met with no success as
Troy was very well fortified. In the last effort, the Greek army pretended to be retreating,
and left behind a huge wooden horse. The people of Troy saw the horse, and, thinking it
was some kind of a present from the Greeks, pulled the horse into their city, unaware that
the hollow wooden horse had some of the best Greek soldiers sitting inside it. Under the
cover of night, the soldiers came out and opened the gates of the city, and together with
the rest of the army, killed the entire army of Troy. Similar to the wooden horse, a Trojan
horse program pretends to do one thing while actually doing something completely
different.
The following are the most common types of Trojan horses:
(a) Remote Administration Trojans (RATs): These are the most popular Trojans. They let a
hacker access the victim’s hard disk, and also perform many functions on his computer
for example, shut down his computer, open and close his CD-ROM drive etc. A
Remote Administration Trojan gives the hacker complete control over the victim’s
computer, while Password Trojans search the victim’s computer for passwords and
then send them to the hacker. Modern RATs are very simple to use. They come
packaged with two files - the server file and the client file.
Some Trojans are limited by their functions, but more functions also mean larger
server files. Some Trojans are merely meant for the attacker to use them to upload
another Trojan to his target’s computer and run it; hence they take very little disk
space. Hackers also bind Trojans into other programs, which appear to be legitimate
e.g. a RAT could be bound with an e-greeting card.
Notes Most RATs are used for malicious purposes, to irritate, scare people or harm
computers. There are many programs that detect common Trojans. Firewalls and anti-
virus software can be useful in tracing RATs.
Remote administration Trojans open a port on user’s computer and bind themselves
to it. Then, once someone runs his client program and enters the victim’s IP address,
the Trojan starts receiving commands from the attacker and runs them on the victim’s
computer.
Some Trojans let the hacker change this port into any other port and also put a
password so only the person who infects the specific computer will be able to use
LOVELY PROFESSIONAL UNIVERSITY 131
