Trojan horse or Trunyan horse (Troy) , or better known as a Trojan in the computer security refers to a form of suspicious software (malicious software / malware) that can damage a system or network. The purpose of the Trojan was to obtain information from the target (passwords, user habits recorded in the system log, data, etc.), and control target (gain privileges on the target).
Trojan different from other types of suspicious software such as computer viruses or worms. because Trojan has the following properties:
- Trojan is "stealth" (invisible and not seen) in its operations and are often shaped as if the program is a good program, while a computer virus or worm to act more aggressively by destroying the system or create a system to crash.
- Trojans controlled from another computer (computer attacker).
Use of the term Trojan or Trojan horses intended for insertion of malicious code and damage in a good program , as on the Trojan War, the Spartan soldiers hiding inside the Trojan Horse that is intended as a dedication to Poseidon. Trojan Horse Trojan according to officials considered harmless, and allowed to enter the fort Trojan that can not be penetrated by Greek soldiers for more than 10 years of turbulent Trojan war.
Most Trojans now in the form of an executable file (*. EXE or *. COM in Windows and DOS operating system or program with a name that is often executed in the UNIX operating system, such as ls, cat, etc.) are incorporated into systems penetrated by a cracker to steal important data for the user (password, credit card data, etc.). Trojans can also infect the system when users download the applicationfrom a source that can not be trusted in Internet network. These applications to have Trojan horse code that is integrated within itself and allow a cracker to be able to mess up the system in question.
Types of Trojans
Several types of Trojans in circulation include:
- Thieves password: Type Trojan can find passwords that are stored in the operating system (/ etc / passwd or / etc / shadow in the UNIX family of operating systems or file Security Accounts Manager (SAM) in Windows NT family of operating systems) and will send it to the original attacker. In addition, this type of Trojan is also able to fool the user to make an appearance as if he is a login screen (/ sbin / login in or Winlogon.exe UNIX operating system in Windows NT operating system) and wait for the user to enter a password and send it to attackers. Examples of this type is Passfilt Trojan that acts as if he is Passfilt.dll file originally used to add security passwords in the Windows NT operating system, but the abused becomes a password stealing program.
- Recording keystrokes (keystroke logger / keylogger): Type this Trojan will monitor all typed by the user and will send it to the attacker. This species differs with spyware, even though these two things do similar things (to spy on users).
- Remote Administration Tool (Remote Administration Tools / RAT): This type of Trojan allows attackers to take over full control to the system and do whatever they want from a distance, such as formatting a hard disk, steal or delete data, etc. . Examples of this are the Back Orifice Trojan, Back Orifice 2000, and SubSeven.
- DDoS Trojan or Zombie Trojans: This type of trojan is used to make an infected system in order to do a distributed denial of service attacks against target hosts.
- There is again a kind of Trojan that mengimbuhkan itself to a program to modify the workings of the program that diimbuhinya. Types of Trojan is called a Trojan virus.
Arista Prasetyo Adi (07.01.53.0215)
Reza Aditya Nirbaya (07.01.53.0009)
