Module 6: Trojans and Backdoors

Overview

Cheat Sheets

It was that time of the month again when adrenaline could be sensed in the sales department. With each passing day, the ferocity with which spreadsheets were looked up at, frowned at or even sweared at, looked similar to a trading floor. Phil was not particularly happy with his. This would be a do or die situation for him to get that coveted raise he had always worked for.

It would not have been bothersome for him but for Eric, who had joined the department recently and had an impressive track record. What was it about him that made closing a deal look so effortless? It irked Phil that Eric might actually be on top of him this time in the final race. Was there some way he could get his hands on Eric's figures? ...

Who was it that said "Everything is fair in love and war"?

Eric worked from the cubicle that was next to Phil's. So, it did not seem out of turn for Phil to walk in the next morning and ask Eric if he could use his system for a couple of minutes as his system would not boot. The systems guy was tied up for another hour and he had some urgent mail to attend to. As expected, Eric readily accommodated and logged off to grab a cup of coffee. Phil moved in for the kill.

He logged in and loaded his little Trojan surprise. He then saved in at the C: \ (System root) and renamed it as excel.exe. Maybe he would learn a trick or two.

Which vulnerability do you think Phil took advantage of? Would a key logger have been a better option for Phil? How can Eric ensure that his system or data are not compromised?

Module Objectives

• Terms of reference for various malicious code

• Defining Trojans and backdoors

• Understanding the various backdoor genre

• Overview of various Trojan tools

• Learning effective prevention methods and countermeasures

• Overview of Anti-Trojan software

• Learning to generate a Trojan program