Hacking For Beginners – Manthan Desai

2010

You can also use the software named Process Explorer, which monitors the processes executed on the computer and shows each one's original name and file name. Some Trojans change their name to match a system process that runs on the computer, so you cannot differentiate between the Trojan and the original system process in the Task Manager Processes tab. That is why you need Process Explorer.

TCP (Transmission Control Protocol) view

• TCP View is a Windows program that will show you detailed listings of all TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) endpoints on your system, including the local and remote addresses and the state of TCP connections.
• On Windows NT, 2000, and XP, TCP View also reports the name of the process that owns the endpoint.
• Active connections will appear in green. You can always right-click on an entry to check the properties of the application.
• Once you have got hold of the Trojan application, you can kill the active connection and the running process and then delete the physical application file. This will let you recover from the Trojan attack.
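The two checks described above (Process Explorer's image path behind a process name, and TCP View's endpoint-to-process mapping) can be combined in a short script. This is an added example, not code from the book: the `netstat -ano`-style listing, the process table, the function names and the System32 baseline are constructed or assumed for illustration.

```python
from pathlib import PureWindowsPath

# Constructed sample: output in the format of `netstat -ano` on Windows.
NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       900
  TCP    192.168.1.20:49712     203.0.113.45:443       ESTABLISHED     4312
  TCP    192.168.1.20:49720     198.51.100.7:6667      ESTABLISHED     5120
  UDP    0.0.0.0:5353           *:*                                    1480
"""

# Constructed sample: PID -> image path, as a process viewer's path column shows it.
PROCESSES = {
    900: r"C:\Windows\System32\svchost.exe",
    1480: r"C:\Windows\System32\svchost.exe",
    4312: r"C:\Program Files\Browser\browser.exe",
    5120: r"C:\Users\user\AppData\Local\Temp\svchost.exe",
}

# Assumed baseline: system process names and the only folder they should run from.
EXPECTED_DIR = {name: r"c:\windows\system32" for name in
                ("svchost.exe", "lsass.exe", "services.exe", "winlogon.exe", "csrss.exe")}

def parse_netstat(text):
    """Yield one dict per TCP/UDP endpoint line; UDP rows have no state column."""
    for line in text.splitlines():
        f = line.split()
        if not f or f[0] not in ("TCP", "UDP"):
            continue  # skip the header and blank lines
        state = f[3] if f[0] == "TCP" else ""
        yield {"proto": f[0], "local": f[1], "remote": f[2],
               "state": state, "pid": int(f[-1])}

def suspicious_endpoints(netstat_text, processes):
    """Return endpoints owned by a process that uses a system name from the wrong folder."""
    hits = []
    for ep in parse_netstat(netstat_text):
        path = PureWindowsPath(processes.get(ep["pid"], ""))
        expected = EXPECTED_DIR.get(path.name.lower())
        if expected and str(path.parent).lower() != expected:
            hits.append({**ep, "image": str(path)})
    return hits

if __name__ == "__main__":
    for hit in suspicious_endpoints(NETSTAT, PROCESSES):
        print(hit["pid"], hit["image"], hit["local"], "->", hit["remote"], hit["state"])
```

In the sample, only PID 5120 is reported: it is named svchost.exe but runs from a Temp folder while holding an established outbound connection.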

Countermeasures for Trojan attacks

Most commercial antivirus programs have anti-Trojan capabilities as well as spyware detection and removal functionality. These tools can automatically scan hard drives on startup to detect backdoor and Trojan programs before they can cause damage. Once a system is infected, it's more difficult to clean, but you can do so with commercially available tools. It's important to use commercial applications to clean a system instead of freeware tools, because many freeware removal tools can further infect the system. In addition, port monitoring tools can identify ports that have been opened or files that have changed.

The key to preventing Trojans and backdoors from being installed on a system is not to install applications downloaded from the Internet or open email attachments from parties you don't know. Many systems administrators don't give users the system permissions necessary to install programs on the system for the very same reason.

www.hackingtech.co.tv
