Trojan Horses are relatively new and probably the most dangerous strain of virus that had appeared in recent times. There are now more than one thousand in circulation ,including modifications and variants. They also threaten to control systems that only run anti-virus applications and firewalls as a means of combating the threat. Today's Trojans as they are commonly referred to as, have now attained such a degree of sophistication that they pose a real threat to any user who hasn't taken adequate precautions to protect their data.
In the IT environment, the Trojan Horse acts as a means of entering the user's computer undetected and then allowing a remote user unrestricted access to any data stored on the user's hard disk drive whenever user goes online. In this way, the user gets burned and may only discover that fact when it is too late.
Virtually every Trojan virus is comprised of two main parts. These are the called the "server" and the other, the "client". It is the server part that infects a user's system.
Once infected, the computer becomes accessible to any remote user, usually referred to as a "cracker" or "intruder", that has the client part of the Trojan. That person can perform any action that the user can. The intruder can also steal passwords in order to gain access to restricted information or to password protected web sites as well.
What problems can a Trojan Horse cause?
Suppose that you have already been infected. How do intruders attack and get a full control of your computer?
Mostly every Trojan virus has two functional parts called the server and the client. The server part is the part of the program that infects a victim's computer. The client part is the one that allows a hacker to manipulate data on the infected machine.
Intruders scan the Internet for an infected user (technically speaking, an attacker sends request packets to all users of a specific Internet provider) using the client part of the virus. Once an infected computer has been found (the server part of the virus that is located on infected machine replies to client part's request) the attacker connects to that user's computer and creates a "link" between the two just like the one in an ordinary telephone conversation. Once that has happened (this procedure may only take a few seconds), the intruder will be able to get unrestricted access to the user's computer and can do anything he likes with it. The intruder becomes the master and the user the slave because short of disconnecting from the Internet, the user is helpless and has no means at his disposal to ward off an attack.
Intruders can monitor, administer and perform any action on your machine just as if they were sitting right in front of it.
A Trojan Horse works a bit like the backdoor to your house. If you leave it unlocked, anybody can come in and take whatever they want while you're not looking. The main difference with a backdoor installed on your computer is that anybody can come in and steal your data, delete your files or format your hard drive even if you are looking. There are no visible outward signs that anything untoward is happening other than perhaps unusual hard disk activity for no apparent reason.
A worm is similar to a virus by design and is considered to be a sub-class of a virus. Worms spread from computer to computer, but unlike a virus, it has the capability to travel without any human action. A worm takes advantage of file or information transport features on your system, which is what allows it to travel unaided. Webopedia defines a worm as: "A program or algorithm that replicates itself over a computer network and usually performs malicious actions, such as using up the computer's resources and possibly shutting the system down." Their impact is similar to computer viruses.
The biggest danger with a worm is its capability to replicate itself on your system, so rather than your computer sending out a single worm, it could send out hundreds or thousands of copies of itself, creating a huge devastating effect. One example would be for a worm to send a copy of itself to everyone listed in your e-mail address book. Then, the worm replicates and sends itself out to everyone listed in each of the receiver's address book, and the manifest continues on down the line.
Due to the copying nature of a worm and its capability to travel across networks the end result in most cases is that the worm consumes too much system memory (or network bandwidth), causing Web servers, network servers and individual computers to stop responding. In recent worm attacks such as the much-talked-about Blaster Worm, the worm has been designed to tunnel into your system and allow malicious users to control your computer remotely.
Worms are self-propagating computer viruses.
A computer virus attaches itself to a program or file enabling it to spread from one computer to another, leaving infections as it travels. Like a human virus, a computer virus can range in severity: some may cause only mildly annoying effects while others can damage your hardware, software or files.
Almost all viruses are attached to an executable file, which means the virus may exist on your computer but it actually cannot infect your computer unless you run or open the malicious program. It is important to note that a virus cannot be spread without a human action, (such as running an infected program) to keep it going.
People continue the spread of a computer virus, mostly unknowingly, by sharing infecting files or sending e-mails with viruses as attachments in the e-mail.
What are the differences between Trojan horses, Worms and viruses
Seems like there's no shortage of confusing terminology in the computer biz. With the advent of computer viruses over recent years, we've spawned even more terminology that often seems only to make things less clear.
And then recently it looks like we can't even spell! I mean, really ... "phishing"? What's that all about?
The good news is that it's not really that difficult. Let's run down the terms.
Virus: we've all heard this one too often lately. In a sense, "virus" is the root definition of the things we'll talk about here.
A virus in the human body is an organism that replicates (makes copied of) itself and overwhelms the body's own defenses making it sick. Human borne viruses can spread in several ways from person-to-person. Depending on the type of virus it catching it could be as simple as breathing the same air as an infected person. It might require direct contact, or it might require an even more direct transfer of, say, blood.
The term "virus" when applied to computers sounds very similar. A computer virus:
is a program - really, that's all any of this is. A virus is just a computer program. It's written by some individual or individuals, presumably with the intent of spreading and causing grief.
makes the infected computer "sick" - in the computer sense, "sick" can mean poor performance, crashes, lost files and data, or more.
replicates itself - just like you can copy a file from one disk to another, and now have copies on both disks, a computer virus is in part defined by its ability to make copies of itself. Typically the copies aren't on the infected computer, but rather on other computers, which leads us to the last characteristic...
infects other computers - exactly how depends on the virus, of course, but another key defining point for a computer virus is that it can spread, on its own.
Worm: technically, a worm is a virus that does no direct damage to the computer it's infected. In reality, worms can cause a great deal of trouble merely by getting passed from one computer to many others, and can clog up a network very quickly.
Unfortunately there isn't necessarily agreement on that definition. At least one other resource I've seen states that a) a Worm does cause damage to the infected system, and b) worms and viruses differ from how they are transmitted: a worm is a stand-alone program, while a virus propagates by attaching itself to another program.
Trojan Horse: a program that claims to be one thing, but is, in fact, another. A trojan horse is not a virus, per se, but may carry them. For example many people consider Kazaa, the music sharing software, a trojan horse because it carries with it a bunch of spyware. There are trojans that claim to be patches for a problem, often arriving in email, that are in fact spyware and virus installers.
Phishing: I think of phishing as a kind of email trojan horse. It's email that looks like it comes from some official site such as your bank, Paypal or eBay, but in fact it comes from someone pretending to be them. They'll ask you to go visit a site, or provide some information, looking very official and proper, except that the site is not what you think, and the information you give them allows them to steal your credit card or identity.
The bottom line, of course is that we all need to keep aware of these issues and act accordingly. We shouldn't have to, of course; hackers shouldn't exist and operating systems and other software should simply protect us. But the pragmatic reality of the situation is that we do need to keep our guard up.
How do I keep myself safe form viruses?
1. Install and Run an Anti-Virus Program
2. Update the Anti-Virus Database
3. Run Regular Scans
4. Keep Windows Up-To-Da
These are common in website/domain hacking
b) Why there should be a Network security policy in place in all the nerworked companies?
The goals of this network security policy are:
* To establish University wide policies to protect the University's networks and computer systems from abuse and inappropriate use.
* to establish mechanisms that will aid in the identification and prevention of abuse of University networks and computer systems.
* to provide an effective mechanism for responding to external complaints and queries about real or perceived abuses of University networks and computer systems.
* to establish mechanisms that will protect the reputation of the University and will allow the University to satisfy its legal and ethical responsibilities with regard to its networks' and computer systems' connectivity to the worldwide Internet.
* to establish mechanisms that will support the goals of other existing policies.