Backdoors are hidden code installed by developers to bypass security tests, which in turn allows hackers unauthorized access. Hackers insert hacking code as "trapdoors" to corrupt programs without going through security constraints. Viruses self-replicate like diseases through emails or the internet, damaging files and slowing systems. Worms spread autonomously across networks, multiplying and damaging multiple systems. Trojan horses disguise themselves as useful programs but install hidden code with backdoors that give hackers unauthorized access to systems and let them steal information. Detection methods include analyzing hidden processes with the System Information Utility and network connections with Netstat.
Backdoors:
A backdoor is hidden code in a computer program that a developer installs in the application
so that part of the program does not have to go through the security tests repeatedly.
It is a technique programmers use to bypass the normal authentication in a program. This, in
turn, helps hackers break into the application by way of the backdoor.
What hackers generally do is insert hacking code as 'trapdoors' (as they are often called)
into the program. Because the code does not go through any of the security constraints, it
gets injected into the program and corrupts it. This way hackers can get access to the system
and make whatever changes they want inside the program.
Virus:
Viruses are hazardous computer programs that enter our system through unknown sources
such as emails, the Internet, etc. and harm the machine. Once a virus enters the system, it keeps
replicating itself and spreads like a contagious disease. It can damage or corrupt the files
and important data stored on our PC and can even damage the hard drive. Not only this, it can
slow down our work machine by eating up the memory (RAM). If not detected at an early
stage, it can destroy the hard drive, and the data eventually cannot be recovered. Viruses are so
harmful that they can also bring an entire server down.
Worms:
Worms are like viruses; the only difference between them is that a virus requires a program to
attach itself to in order to spread, whereas a worm can spread without any help, on its own, like a
non-parasitic structure. Worms are malicious programs that continually keep spreading on
the network they are a part of. They are not limited to any specific machine as viruses are. Once
they attack the network, they keep multiplying and damage the whole network
of systems. The most dangerous worm known to date is the Morris worm, which brought the
entire Internet down.
Trojan horse:
The Trojan horse is a malicious computer program that disguises itself as something useful or
desirable and gets the user to install it on their system. The program generally arrives in the form of a
dubious email, where an attachment is used as a disguise to hide the Trojan code. As soon as
the user downloads this attachment, the Trojan injects itself into the system. Trojans can also
intrude into the system in the form of a backdoor that contacts a controller, which can then have
unauthorized access to the affected system.
Trojans are used for various purposes by hackers. They are used to corrupt or modify data
on the user's PC and to spread malware across the entire network. They are so hazardous that with
their help, hackers can even steal money by accessing debit or credit card
information. All of this can be avoided if we are able to detect a Trojan early enough when our system is
affected by it. The following are different ways of detecting this malware and getting rid of it.
We all know the Task Manager. It is the place where we can see all the
tasks and processes that are currently running. It can be accessed simply by pressing
CTRL+ALT+DEL all at once. As the name suggests, Task Manager should list all the
tasks that a program performs, but for some reason it does not display all the active
processes and keeps some of them hidden. This gives the maker of a Trojan horse the perfect tool to hide
their programs and avoid being detected easily.
So how do we detect these hidden programs if they cannot be detected through Task
Manager? The answer is the System Information Utility (msinfo32.exe), which
uncovers almost every process running on the system, even those that are hidden from
Task Manager. This way it helps in detecting the unwanted programs and processes running on
our system, which could possibly be Trojan horse malware. We can go through all
the programs and disable the suspicious one that is causing problems. Using this utility,
we can get rid not only of Trojans but also of unwanted programs that make our system slow.
The second way of detecting a Trojan is the Netstat command. One of the weaknesses of Trojan
horses is that they need to communicate, either with the controller to provide unauthorized
access or with one another to spread across the network. This leaves a trail
behind, which we can follow using the netstat command. The 'netstat -an' command will list all
the open connections to and from the system, along with the IP addresses of the machines
the connections are coming from. If we find any connection that we cannot
recognize or that is from an unknown source, we can track down the process that is using it with
the help of another tool known as TCPView.
With the help of the above-mentioned tool, we can detect not only the IP address of the
system, but also the program that uses the connection for communicating. Once this
information is fetched, we can locate the program and remove it with the help of an anti-virus.
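The netstat review described above can be scripted. The following is an added example, not part of the original text: it assumes the listing was taken with `netstat -ano` (the `-o` switch adds the owning process ID, which is what TCPView is used for above), and the sample output, the allowlisted ports and the function names are all constructed for illustration.

```python
import ipaddress

# Constructed sample of `netstat -ano` output (not captured from a real host).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:31337          0.0.0.0:0              LISTENING       4321
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING       2200
  TCP    192.168.1.20:49712     203.0.113.45:6667      ESTABLISHED     4321
  TCP    192.168.1.20:49720     198.51.100.10:443      ESTABLISHED     1880
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:5353           *:*                                    1500
"""

def split_endpoint(endpoint):
    """Split '192.168.1.20:49712' or '[::]:445' into (host, port)."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), port

def parse_netstat(text):
    """Yield one dict per TCP/UDP row; UDP rows have no State column."""
    for line in text.splitlines():
        f = line.split()
        if not f or f[0] not in ("TCP", "UDP"):
            continue  # header and blank lines
        (lhost, lport), (rhost, rport) = split_endpoint(f[1]), split_endpoint(f[2])
        yield {"proto": f[0], "lhost": lhost, "lport": lport, "rhost": rhost,
               "rport": rport, "state": f[3] if len(f) == 5 else "", "pid": int(f[-1])}

def is_loopback(host):
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:  # '*' in UDP rows is not an address
        return False

def review(text=SAMPLE, known_listen=(135, 445), known_remote=(80, 443)):
    """Return (reason, row) for sockets outside the reviewer's allowlists (assumed values)."""
    findings = []
    for r in parse_netstat(text):
        if r["state"] == "LISTENING" and not is_loopback(r["lhost"]):
            if int(r["lport"]) not in known_listen:
                findings.append(("unexpected listener", r))
        elif r["state"] == "ESTABLISHED" and not is_loopback(r["rhost"]):
            if int(r["rport"]) not in known_remote:
                findings.append(("unexpected remote port", r))
    return findings

for reason, r in review():
    print(f"{reason}: {r['lhost']}:{r['lport']} -> {r['rhost']}:{r['rport']} (PID {r['pid']})")
```

Both findings in the sample share one PID, which is the process to look up next; the allowlists have to be built from what is normal on the machine being reviewed.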
Different modes of virus attacks:
Viruses, as previously discussed, are malicious programs made by hackers in order to
hack into our system and corrupt it by modifying the data or simply destroying it. These
viruses are not all of the same type. There are many different kinds of viruses, which work in their
own unique ways and harm our PC. Some of the viruses known globally are as follows.
Resident viruses: As the name suggests, this type of virus resides in our system, and in
its most important part at that, the RAM. As a result, it takes over and disrupts all the tasks
that the system executes. The most severe effect of this virus is that it corrupts
all the programs and files that are opened, closed or copied. Because these viruses reside in
memory, most of the time they are difficult to detect and, therefore, problematic to remove.
Overwrite viruses: The basic purpose of this kind of virus is to overwrite or delete the data in
the files that are infected by it. Once the files are deleted, it is virtually impossible to
recover them and, as a result, all our important data is lost.
File infectors: This is the most common type of virus. A 'file infector' virus targets any
executable file or program, such as .exe files, and when such a program is executed, the virus
is automatically activated. Once activated, it carries out its harmful task of damaging the files
and programs to which it is attached.
Boot viruses: These viruses are considered one of the most dangerous types of virus, as
they attack the boot sector of the system. This means that once this virus has attacked our
system, we will be unable to start or boot it. Boot viruses attack the boot sector of the hard
drive or CD/DVD drive and, therefore, the system will not get past the POST (Power On Self
Test) boot stage. It is next to impossible to get rid of these viruses, but it is always possible to
avoid them by ensuring that the hard drive or CD/DVD drive is secured properly.
There are many other types of viruses, like the Directory virus and the Macro virus; the main purpose of
all these viruses is to somehow cause damage to our data. So what can be done to prevent
these virus attacks? Can they be prevented? As the famous saying goes, "Prevention is better
than cure", and the same applies in the case of viruses. It is better to protect our system
against these harmful programs than to look for a solution after they have attacked it.
Following are the various ways of protecting our PC from viruses.
1. The first and foremost way of protecting our system is to install an anti-virus.
There are plenty of anti-virus products available in the market, and some of them are free of cost.
However, the free ones are not always something we can rely on. So to protect our system from virus
threats, one needs to purchase a licensed copy of an anti-virus and install it on the system. Some
anti-virus products automatically detect any kind of malware or virus threat in the system and
quarantine it.
One thing we need to make sure of while using an anti-virus is to keep updating it
whenever new updates are available; otherwise, the anti-virus is not as effective as it
should be and viruses can easily escape detection.
2. The second way of preventing a virus attack is to make use of the firewall setting on our PC. The
firewall is an application which is pre-installed on our system, and the only thing we need to do is
enable it. Once the firewall is turned on, it acts like a protective wall between our PC and the outside
world. It checks all the connections through which data gets transferred and blocks any
unauthorized connection, if any. This way, no suspicious files can enter our PC and it remains safe from
viruses. A firewall is most commonly used whenever we connect our PC to the Internet, as that is the
time when most of the unknown connections take place between the remote and the host server. The more
connections there are, the greater the chance of a virus attacking our PC.
3. This is probably one of the best ways of keeping viruses away from our system, and it can be done
alongside scanning the system regularly. What we can do here is keep a tab on OS updates and,
whenever any new updates are available, update the operating system. Now, why is it so
important to update the OS? The reason is that our OS also contains some loopholes and bugs,
because of which a virus can intrude into our system. Whenever there is a new update of the OS, these
bugs are fixed and hence it becomes much more difficult for a virus to attack our PC. Therefore, it is
mandatory that we update the OS to protect our system.
There are some other ways of restricting virus attacks as well, like scanning any external drive, such as a USB
drive, before using it with our PC. Also, we can take regular backups of our data and then scan the whole system.
This way we can also format the system, if needed, to get rid of the viruses.