Hacking For Beginners – Manthan Desai
2010
Mode of Transmission for Trojans
Reverse Connection in Trojans
Reverse-connecting Trojans let an attacker access a machine on the internal network from the outside. The Hacker caninstall a simple Trojan program on a system on the internal network. On a regular basis (usually every 60 seconds), theinternal server tries to access the external master system to pick up commands. If the attacker has typed something intothe master system, this command is and executed on the internal system. Reverse WWW shell uses standardHTTP. It’s dangerous because it’s difficult detect - it looks like a client is browsing the Web from the internal network
Now the final part ….
Detection and Removal of Trojans
The unusual behavior of system is usually an indication of a Trojan attack. Actions/symptoms such as,
• Programs starting and running without the User’s initiation .• CD-ROM drawers Opening or Closing.• Wallpaper, background, or screen saver settings changing by themselves.• Screen display flipping upside down.• Browser program opening strange or unexpected websites
All above are indications of a Trojan attack. Any action that is suspicious or not initiated by the user can be an indicationof a Trojan attack.One thing which you can do is to check the applications which are making network connections with other computers.One of those applications will be a process started by the Server Trojan.
www.hackingtech.co.tv
Page 47