Trojan Horse And Salami Attack<br />Name:NurRidwan bin Kuwat<br />Group Member:Tonyak Albert Mani<br />CrishtoperakSumping<br /> Many ak Thomas<br />
What is Trojan Horse?<br />Trojan Horses are a type of computer program that appear to perform a certain function, but actually perform other, often malicious, actions. They differ from traditional viruses because they do not have the means to automatically replicate. Trojan horses can be classified based on how they breach and damage systems. They are primarily used for unauthorized remote access, mass-mailing spam, data destruction, file transfer, toll-line dialing, and denial-of-service attacks.<br />http://articles.winferno.com/antivirus/trojan-horse/<br />
Example Of Trojan Horse<br /><ul><li>Bifrost is a backdoor trojan horse family of more than 10 variants which can infect Windows 95 through Vista. Bifrost uses the typical server, server builder, and client backdoor program configuration to allow a remote attacker, who uses client, to execute arbitrary code on the compromised machine (which runs the server whose behavior can be controlled by the server editor).
http://en.wikipedia.org/wiki/Bifrost_(trojan_horse)</li></li></ul><li>History Of Trojan Horse<br /><ul><li>A trojan Horse virus is so called because of its reference to the Greek legend of Troy.
The legend goes that a large wooden horse was left outside the gates of Troy as a peace offering from the Greeks, whom the trojans were at war with. Once inside, the horse burst open to reveal Greek soldiers who then destroyed the city.</li></li></ul><li>What Is Salami Attack?<br />A salami attack is a programmed attack which is implemented in small (meant to be unnoticeable) increments. Because it is occurring in small increments it is easily concealed. http://wiki.answers.com/Q/How_the_salami_virus_attack<br />
How Salami Attack?<br />In the salami technique, cyber criminals steal money or resources a bit at a time. The key here is to make the alteration so insignificant that in a single case it would go completely unnoticed. E.g. a bank employee inserts a program, into the bank’s servers, that deducts a small amount of money (say Rs. 5 a month) from the account of every customer. No account holder will probably notice this unauthorized debit, but the cyber criminal will make a sizable amount of money every month.<br />http://blog.appinonline.com/hacking/salami-attack.htm<br />
What is Virus?<br />In computers, a virus is a program or programming code that replicates by being copied or initiating its copying to another program, computer boot sector or document. Viruses can be transmitted as attachments to an e-mail note or in a downloaded file, or be present on a diskette or CD. The immediate source of the e-mail note, downloaded file, or diskette you've received is usually unaware that it contains a virus. Some viruses wreak their effect as soon as their code is executed; other viruses lie dormant until circumstances cause their code to be executed by the computer. Some viruses are benign or playful in intent and effect ("Happy Birthday, Ludwig!") and some can be quite harmful, erasing data or causing your hard disk to require reformatting. A virus that replicates itself by resending itself as an e-mail attachment or as part of a network message is known as a worm. <br />http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci213306,00.html<br />
What Is Worm?<br />In a computer, a worm is a self-replicating virus that does not alter files but resides in active memory and duplicates itself. Worms use parts of an operating system that are automatic and usually invisible to the user. It is common for worms to be noticed only when theiruncontrolled replication consumes system resources, slowing orhalting other tasks.<br />http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci213386,00.html<br />
Different of Computer Worm<br /><ul><li>IRC Worms
Chat channels are the main target and the same infection/spreading method is used as above - sending infected files or links to infected websites. Infected file sending is less effective as the recipient needs to confirm receipt, save the file and open it before infection will take place.
Copies itself into a shared folder, most likely located on the local machine. The worm will place a copy of itself in a shared folder under a harmless name. Now the worm is ready for download via the P2P network and spreading of the infected file will continue.