Die Phoenix sal weer opstaan….

Die post word opgedra aan my laptop.

(My comper sal weer uit die as opstaan soos die Legendariese en Mysteriese Phoenix)
(Drawing – Photoshop/Bamboo drawing pen )

(Voorstelling van die wurms in my comper – sy veg om aan die gaang te bly, maar daar is net te veel)
(Drawing – Photoshop/Bamboo drawing pen )

(The “wooden horse” from the 2004 film Troy, preserved on the seafront at Çanakkale, Turkey. Digital photo by myself, 20th october 2004)

 

Daar is soveel veskillende virusse op die internet op die oomblik, dis iets om van naar te kan word. Ek gee nie rerig om op die oomblik of dit bedoel was om goed te doen nie, ek weet net dit is besig om my lewe nie beter te maak maar net slegter. Ek kan nie my rekenaar op die oomblik eers aan kry nie. Met verdere navorsing het ek ook uit gevind hoekom my blogs weg is, iemand het my rekenaar via die virus gehack, of access tot my rekenaar gekry. Dus was dit vir iemand sekerlik n moerske joke om my files te delete, gelukkig het ek meerderheid van die foto’s reeds om dvd geback-up, maar die teks is basies verlore. Ek moet nou deur al my internet banking details gaan en dit moet nou alles verander word, basies enige iets wat ek via die internet gedoen het wat my persoonlike inligting benodig het moet ek of kanseleer of verander. die snaakse ding is dat ek die tipe dinge weet en nou dat dit met my gebeur het voel ek so kwaad vir myself dat ek dit toegelaat het. Ek moes net meer sterker anti-virus programme opgelaai het. Maar nou ja dus nou verby. Ek het my komper gevat laat hulle haar probeer red, of dit wat kan gered word. Ek sal maar nou vir my n rerige sterk anti-virus program moet installeer. Ek sal nie te gereeld op my blog kan wees tot ek my komper terug het nie, maar ek sal probeer gereeld na n PC Bang (PC Room) toe gaan om al die interesante blogs te lees.

Groete vir eers.

Ek het die volgende inligting op Wikipedia, the free encyclopediagekry en ek weet dus baie om te lees, maar lees dit asb. Die verduidelik die simptome van jou rekenaar indien daar n virus op is.

 

Trojan Horse

”This article refers to a form of malware in computing terminology.

In the context of computer software|computing and software, a ”’Trojan horse”’, also known as a  ”trojan”, is a piece of malware which appears to perform a certain action but in fact performs many different forms of codes. Therefore, a computer worm or virus may be a Trojan horse.  The term is derived from the classical story of the Trojan Horse. 

 

In the field of computer architecture, ‘Trojan Horse’ can also refer to security loopholes that allow kernel code to access anything for which it is not authorized.{{Fact|date=June 2008}}

 

==Origin of the term==

 

The word ‘Trojan horse’ is generally attributed to Daniel Edwards of the [[NSA]]. He is given credit for identifying the attack form in the report “Computer Security Technology Planning Study”.<ref>{{Citation|first=James P.|last=Anderson|title=Computer Security Technology Planning Study|year=1972|pages=62|url=http://seclab.cs.ucdavis.edu/projects/history/papers/ande72.pdf|format=[[PDF]]}}</ref> The term comes from analogy to an episode during the legendary [[Trojan War]], as mentioned in [[Iliad|Homer's Iliad]] and [[Odyssey]] and Virgil’s [[Aeneid]]: worn out by the long siege, the attacking Greeks built a giant wooden horse, ostensibly a peace offering, and pretended to sail away, but in fact left soldiers hidden inside the statue. After the Trojans brought the horse inside the city walls, the soldiers emerged, opened the gates to the Greek armies, and sacked the city of Troy.

 

A classic example is due to computer pioneer [[Ken Thompson]] in his 1983 [[Association for Computing Machinery|ACM]] [[Turing Award]] [[Reflections on Trusting Trust|lecture]].  Thompson noted that it is possible to add code to the [[UNIX]] “login” command that would accept either the intended encrypted [[password]] or a particular known password, allowing a back door into the system with the latter password. Furthermore, Thompson argued, the [[List of compilers|C compiler]] itself could be modified to automatically generate the rogue code, to make detecting the modification even harder.  Because the compiler is itself a program generated from a compiler, the Trojan horse could also be automatically installed in a new compiler program, without any detectable modification to the source of the new compiler.<ref>{{cite conference|first=Ken|last=Thompson|title=Reflections on Trusting Trust|booktitle=1983 Turing Award Lecture|publisher=ACM|date=October 1983|url=http://www.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf|format=[[PDF]]}}</ref>

 

==Example==

 

The simple example of a Trojan horse would be a program named “waterfalls.scr” whose author claims it is a free waterfall screensaver.  When run, it instead unloads hidden programs, commands, scripts, or any number of commands with or without the user’s knowledge or consent. Malicious Trojan Horse programs are often used to circumvent protection systems in effect creating a vulnerable system to allow unauthorized access to the user’s computer. Non-malicious Trojan Horse programs are used for managing and forensics.

 

==Types of Trojan horse payloads==

Trojan horse payloads are almost always designed to do various harmful things, but can also be harmless. They are broken down in classification based on how they breach and damage systems. The six main types of Trojan horse payloads are:

 

* Remote Access

* Data Destruction

* Down loader

* Server Trojan(Proxy, FTP , IRC, Email, HTTP/HTTPS, etc.)

* Security software disabler

* [[Denial-of-service]] attack (DoS)

 

Some examples of damage are:

* Erasing or overwriting data on a computer

* Trojan Horse repeatedy keeps returning no matter what on the victim’s computer

* Encrypting files in a [[Cryptovirology|cryptoviral extortion]] attack

* Corrupting files in a subtle way

* Upload and download files

* Copying fake links, which lead to false websites, chats, or other account based websites, showing any local account name on the computer falsely engaging in untrue context

*Showing fake downloads of software movies, games, porn videos and porn websites, that you did not download nor go on.

* Allowing remote access to the victim’s computer. This is called a RAT ([[Remote administration tool|remote access trojan]])

* Spreading other malware, such as [[computer virus|viruses]]: this type of Trojan horse is called a ‘dropper’ or ‘vector’

* Setting up networks of [[zombie computer]]s in order to launch [[DDoS]] attacks or send [[spamming|spam]].

* Spying on the user of a computer and covertly reporting data like browsing habits to other people (see the article on [[spyware]])

* Making [[screenshot]]s

* [[keystroke logging|Logging keystrokes]] to steal information such as passwords and [[credit card]] numbers

* [[Phishing]] for bank or other account details, which can be used for criminal activities

* Installing a [[Backdoor (computing)|backdoor]] on a computer system

* Opening and closing CD-ROM tray

* Playing sounds, videos or displaying images.

* Calling using the modem to expensive numbers, thus causing massive phone bills.

* Harvesting e-mail addresses and using them for [[spamming|spam]]

* Restarting the computer whenever the infected program is started

* Deactivating or interfering with anti-virus and firewall programs

* Deactivating or interfering with other competing forms of malware

* Randomly shutting off the computer

* A virus

 

==Methods of deletion==

 

Since Trojan horses have a variety of forms, there is no single method to delete them. The simplest responses involve clearing the temporary internet files file and deleting it manually ( safe mode is recommended ). Normally, anti-virus software is able to detect and remove the trojan automatically. If the antivirus cannot find it, booting the computer from alternate media(cd) may allow an antivirus program to find a trojan and delete it. Updated [[anti-spyware]] programs are also very efficient against this threat.

 

==Disguises==

Most varieties of Trojan horses are hidden on the computer without the user’s awareness.  Trojan horses sometimes use the Registry, adding entries that cause programs to run every time the computer boots up.  Trojan horses may also work by combining with legitimate files on the computer.  When the legitimate file is opened, the Trojan horse opens as well.

 

==How Trojans work==

 

Trojans usually consist of two parts, a Client and a Server. The server is run on the victim’s machine and listens for connections from a Client which is used by the attacker.

 

When the server is run on a machine it will listen on a specific port or multiple ports for connections from a Client. In order for an attacker to connect to the server they must have the [[IP Address]] of the computer where the server is being run. Some trojans have the [[IP Address]] of the computer they are running on sent to the attacker via email or another form of communication.

 

Once a connection is made to the server, the client can then send commands to the server; the server will then execute these commands on the victim’s machine.

 

Today, with NAT infrastructure being very common, most computers cannot be reached by their external ip address. Therefore many trojans now connect to the computer of the attacker, which has been set up to take the connections, instead of the attacker connecting to his or her victim. This is called a ‘reverse-connect’ trojan. Many trojans nowadays also bypass many personal firewall installed on the victims computer. (eg. Poison-Ivy)

 

Trojans are extremely simple to create in many programming languages. A simple Trojan in Visual Basic or C# using Visual Studio can be achieved in 10 lines of code or under.

 

==References==

==External links==

 

* [http://www.governmentsecurity.org/archive/t2812.html Creating a basic Trojan in Visual Basic]

 

* [http://www.symantec.com/security_response/writeup.jsp?docid=2001-062614-1754-99&tabid=3 How to manually get rid of a trojan backdoor] Symantec

 

* [http://www.trojanhorsefacts.com Trojan Horse Facts]