unit 4 security

Prepared By: Devendra Singh Tomar

Upload: arabindu

Post on 09-Apr-2018

Page 1: Unit 4 Security

8/8/2019 Unit 4 Security

http://slidepdf.com/reader/full/unit-4-security 1/66

Trojans and Backdoors:

Trojans can communicate in several different ways. Some use overt communications. These programs make no attempt to hide the transmission of data as it is moved onto or off of the victim computer. Others use covert communications. This means that the hacker goes to lengths to hide the transmission of data to and from the victim. Many Trojans that open covert channels also function as backdoors.

A backdoor is any type of program that will allow a hacker to connect to a computer without going through the normal authentication process. If a hacker can get a backdoor program loaded on an internal device, the hacker has the ability to come and go at will. Some of the programs spawn a connection on the victim's computer connecting out to the hacker. The danger of this type of attack is the traffic moving from inside out, which means from inside the organization to the outside Internet. This is typically the least restrictive direction, as companies are usually more concerned about what comes into the network than they are about what leaves the network.

Wrapper Covert Program:

Working of Trojans

Types of Trojans & Backdoors

The EC-Council groups Trojans into seven primary types, which is simply their way of organizing them. In reality, it's hard to place some Trojans into a single type, as many have more than one function. To better understand what Trojans can do, these types are outlined in the following list:

Remote access Trojans (RAT)
Allow the attacker full control over the system. Sub Seven is an example of this type of Trojan. Remote access Trojans are usually set up as client/server programs so that the attacker can connect to the infected system and control it remotely.

Data sending Trojans
The idea behind this type of Trojan is to capture and redirect data. Eblaster is an example of this type of Trojan. These programs can capture keystrokes, passwords, or any other type of information and redirect it to a hidden file or even email it to a predefined email account.

Destructive Trojans
These Trojans are particularly malicious. Hard Disk Killer is an example of this type of Trojan. The sole purpose of these types of programs is to destroy files or wipe out a system. Your only warning of an infection might be that you see excessive hard drive activity or hear your hard drive making noise. However, it is most likely that by the time you realize something is wrong, your files might already have been wiped out.

Denial of service (DoS) Trojans
These Trojans are designed to cause a DoS. They can be designed to knock out a specific service or to bring an entire system offline.

Proxy Trojans
These Trojans are designed to work as proxies. These programs can help a hacker hide and allow him to perform activities from the victim's computer, not his own. After all, the farther away the hacker is from the crime, the harder it becomes to trace.

FTP Trojans
These Trojans are specifically designed to work on port 21. They allow the hacker or others to upload, download, or move files at will on the victim's machine.

Security software disablers
These Trojans are designed to attack and kill antivirus or software firewalls. The goal of disabling these programs is to make it easier for the hacker to control the system.

Viruses and Worms:

Definition:

Attack through which a person can render a system unusable or significantly slow down the system for legitimate users by overloading the system so that no one else can use it.

Types:

1. Crashing the system or network
 – Send the victim data or packets which will cause the system to crash or reboot.

2. Exhausting the resources by flooding the system or network with information
 – Since all resources are exhausted, others are denied access to the resources.

3. Distributed DOS attacks are coordinated denial of service attacks involving several people and/or machines to launch attacks.

This attack takes advantage of the way in which information is stored by computer programs.

An attacker tries to store more information on the stack than the size of the buffer.

How does it work?

Programs which do not have a rigorous memory check in the code are vulnerable to this attack.

Simple weaknesses can be exploited
o If memory allocated for name is 50 characters, someone can break the system by sending a fictitious name of more than 50 characters

Can be used for espionage, denial of service or compromising the integrity of the data

Examples
o NetMeeting Buffer Overflow
o Outlook Buffer Overflow
o AOL Instant Messenger Buffer Overflow
o SQL Server 2000 Extended Stored Procedure Buffer Overflow
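
The 50-character name case above, worked through in C as an added example that is not part of the original handbook: the unchecked copy next to a version that performs the memory check before writing. The names `struct record`, `set_name_unchecked`, `overflow_bytes` and `set_name_checked` are hypothetical, and the long name is constructed sample input.

```c
#include <stdio.h>
#include <string.h>

#define NAME_LEN 50  /* the 50-character name buffer from the text */

struct record {
    char name[NAME_LEN];
    int  is_admin;       /* neighbouring data an overflow would corrupt */
};

/* Vulnerable pattern: strcpy() copies until the source's NUL byte and never
 * looks at the destination size, so a long name writes past name[]. */
void set_name_unchecked(struct record *r, const char *src) {
    strcpy(r->name, src);
}

/* Bytes the unchecked copy would write beyond name[] (0 if it fits).
 * The terminating NUL counts, so a name of exactly 50 characters spills 1. */
size_t overflow_bytes(const char *src) {
    size_t need = strlen(src) + 1;
    return need > NAME_LEN ? need - NAME_LEN : 0;
}

/* Hardened version: measure first, reject oversized input, then copy.
 * Returns 0 on success, -1 if the name does not fit (record untouched). */
int set_name_checked(struct record *r, const char *src) {
    size_t len = 0;
    while (len < NAME_LEN && src[len] != '\0')
        len++;
    if (len == NAME_LEN)
        return -1;
    memcpy(r->name, src, len + 1);
    return 0;
}

int main(void) {
    struct record r = { "guest", 0 };
    char long_name[61];                    /* constructed input: 60 x 'A' */
    memset(long_name, 'A', 60);
    long_name[60] = '\0';

    printf("unchecked copy would spill %zu bytes\n", overflow_bytes(long_name));
    printf("checked copy returns %d, name still \"%s\", is_admin=%d\n",
           set_name_checked(&r, long_name), r.name, r.is_admin);
    return 0;
}
```

The boundary case is the one to remember: a name of exactly 50 characters already overflows a 50-byte buffer by one byte, because the string terminator needs a slot too.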
