Page 138 - DCAP516_COMPUTER_SECURITY

Computer Security




                                            the Trojan. In some cases, the creator of the Trojan also puts a backdoor within the
                                            server file itself so that he is able to access any computer running his Trojan without
                                            the need to enter a password. This is called a backdoor within a backdoor.
                                       (b)  Password Trojans: Password Trojans search the victim’s computer for passwords and
                                            then send them to the attacker or the author of the Trojan. Whether it is an Internet
                                            password or an e-mail password, there is a Trojan for every password. These Trojans
                                            usually send the information back to the attacker via e-mail.

                                       (c)  Privileges-Elevating Trojans:  These Trojans are usually used to fool system
                                            administrators. They can either be bound into a common system utility or pretend
                                            to be something harmless and even quite useful and appealing. Once the administrator
                                            runs it, the Trojan gives the attacker more privileges on the system. These Trojans
                                            can also be sent to less-privileged users and give the attacker access to their account.
                                       (d)  Key Loggers: These Trojans are very simple. They log all of the victim’s keystrokes
                                            on the keyboard (including passwords), and then either save them to a file or e-mail
                                            them to the attacker. Key loggers usually do not take much disk space and can
                                            pretend to be important utilities, thus making them very hard to detect.

                                       (e)  Destructive Trojans: These Trojans can destroy the victim’s entire hard drive, encrypt
                                            or just scramble important files. Some destructive Trojans work like joke programs,
                                            while they are actually destroying every file they encounter.
                                   8.  Viruses: Another type of major threat – the computer virus – can also cause damage by
                                       destroying or altering data on a computer. Hackers traditionally did not write computer
                                       viruses because of the lack of control over the virus. The very nature of a virus is that it is
                                       self-replicating, and once released it propagates on its own. Viruses require some human
                                       intervention to spread, such as sending an infected file to another user, or simply opening
                                       an e-mail attachment to trigger the propagation.

                                       Basically, a virus is a computer program that is able to attach itself to other documents and
                                       to move from computer to computer. Such a document may be an executable program,
                                       e-mail or any piece of information that resides on a user’s computer, including the small
                                       programs that exist in the boot sector of every floppy or hard disk.
                                       These programs are harmful and not beneficial; even if the virus has no payload (the part
                                       of a virus that contains code to multiply itself and/or to destroy something), it is an
                                       unwelcome visitor and takes up system resources.

                                       For most viruses, when the program with the virus attached is run, the viral code goes into
                                       memory and stays there for as long as the computer is turned on. In some cases even if the
                                       user restarts the computer the virus stays in memory. To spread itself, a virus first attaches
                                       itself to other programs, documents with macros, e-mail or other disks as they are accessed.
                                       Then, if the circumstances are correct for a particular virus, it activates and causes the
                                       damage it was designed to do. This may range from a simple message on the user’s screen to
                                       complete erasure of the hard disk.
                                       The spread of viruses is often accelerated by the behaviour of computer
                                       users. The ‘Kournikova’ or ‘I Love You’ viruses are prime examples of this. Exploiting
                                       human curiosity to lure users into opening mail with promising pictures or other material
                                       is something a virus protection program cannot guard against. However, it is not only by
                                       e-mail that viruses get spread. The classic file attachments, macro code inside documents,
                                       or extensible to binary programs are also important vehicles for a virus. It is also believed
                                       that virus protection companies themselves create viruses to keep themselves in business.
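
The attachment vehicles named above (a script file behind a picture-like name, macro code inside a document) can be flagged at a mail gateway before the user is tempted to open them. The following Python sketch is an added example, not part of the original text; the extension lists, function names and sample files are assumptions constructed for illustration.

```python
import io
import zipfile

# Extensions Windows treats as runnable code (illustrative list, not exhaustive).
ACTIVE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "vbs", "vbe", "js", "jse", "wsf", "hta"}
# Harmless-looking extensions used as a decoy in front of the real one.
DECOY_EXTS = {"jpg", "jpeg", "png", "gif", "txt", "pdf", "doc", "docx", "mp3"}


def triage_attachment(filename: str, data: bytes) -> list[str]:
    """Return the reasons (possibly none) why an attachment deserves quarantine."""
    reasons = []
    # Trailing dots and spaces are ignored by Windows, so strip them before parsing.
    parts = filename.lower().rstrip(". ").split(".")
    ext = parts[-1] if len(parts) > 1 else ""
    if ext in ACTIVE_EXTS:
        reasons.append("active-content extension ." + ext)
        # name.jpg.vbs: a client hiding known extensions shows only "name.jpg".
        if len(parts) > 2 and parts[-2] in DECOY_EXTS:
            reasons.append("decoy double extension ." + parts[-2] + "." + ext)
    # OOXML documents are ZIP archives; VBA macros live in a vbaProject.bin part.
    if data[:4] == b"PK\x03\x04":
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                if any(n.lower().endswith("vbaproject.bin") for n in zf.namelist()):
                    reasons.append("document contains VBA macro project")
        except zipfile.BadZipFile:
            reasons.append("malformed ZIP container")
    return reasons


def make_ooxml(with_macro: bool) -> bytes:
    """Build a constructed, minimal ZIP that mimics an OOXML layout (not a real document)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"constructed placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    samples = [("photo.jpg.vbs", b"constructed"), ("report.docm", make_ooxml(True)),
               ("notes.docx", make_ooxml(False))]
    for name, data in samples:
        print(name, "->", triage_attachment(name, data) or "no findings")
```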






          132                               LOVELY PROFESSIONAL UNIVERSITY