how can i detect trojan activity?
Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: how can i detect trojan activity?

  1. #1
    Senior Member
    Join Date
    Feb 2004
    Posts
    197

    Question how can i detect trojan activity?

    Hi

    I was wondering if any of you have a tool or program that can detect when a file or program acceses another program that has internet privleges ,and can detect other suspicious activities





  2. #2
    Senior Member
    Join Date
    May 2003
    Posts
    407
    you mean like a firewall?



    slick
    \"Look, Doc, I spent last Tuesday watching fibers on my carpet. And the whole time I was watching my carpet, I was worrying that I, I might vomit. And the whole time, I was thinking, \"I\'m a grown man. I should know what goes on my head.\" And the more I thought about it... the more I realized that I should just blow my brains out and end it all. But then I thought, well, if I thought more about blowing my brains out... I start worrying about what that was going to do to my goddamn carpet. Okay, so, ah-he, that was a GOOD day, Doc. And, and I just want you to give me some pills and let me get on with my life. \" -Roy Waller

  3. #3
    Senior Member
    Join Date
    Feb 2004
    Posts
    197
    no some firewalls have that component but i want a program just for that

  4. #4
    Junior Member
    Join Date
    Mar 2004
    Posts
    19
    Your profile says you're using windows, so here goes:

    You should get a decent firewall (like what slick8790 says) with a good report-generating feature. Try to search here at antionline and you'll see some useful info about what might be of service to your needs.

    Also try to to get TaskInfo at http://www.iarsn.com/taskinfo.html . I find it very useful and informative, a lot better than the usual task manager. It will tell you what's hogging the resources and where those files are located (correct me if im wrong, but win taskmanager wont tell you the path of the process file).

    If you're on a network, and you're on the server which shares internet on LAN, try using LanScan Network Monitor at http://www.lanscan.com . It will tell you which computer on the network is hogging the bandwidth and on what site they are connected to. I find lanscan very useful in concern to administering correct bandwidth usage on a network.

    hope this helped.

  5. #5
    Senior Member
    Join Date
    Feb 2004
    Posts
    197
    is there any (small sized ) anti trojan anti hacker firewall that you know of that can work with zone alarm

  6. #6
    Junior Member
    Join Date
    Mar 2004
    Posts
    1
    Hi,

    Though this isn't exactly what you're looking for, but I find it handy.

    It alerts you when a program makes a change to the registery, as many trojans will do and gives you the choice to delete the string, or keep it.

    Regprog

    You can set it to run at start up, and its free

  7. #7
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hi,

    Take a look at:

    http://digilander.libero.it/zancart

    Winsonar

    I usually relate connectivity to firewalls like the rest of the guys have suggested........this one looks at background systems that start running?

    Cheers

  8. #8
    Junior Member
    Join Date
    Mar 2004
    Posts
    19
    "anti trojan anti hacker firewall" - there was once a place called paradise

    if this will be a server which you wont use for development or any other purpose other than just being a fulltime server, then you dont have to worry much about trojans.

    as for the anti hacker part, that's kinda hard haven't heard of anything like that yet.

    i'm using zone alarm in one of my webservers and it's doing pretty much of a good work. Although I'm not very happy with its report generation.

    also, putting 2 firewalls together on the same box is not always the trend. you should pick two firewalls which you know will work with each other seamlessly (i find that hard to find). and you also need to let them run under close supervision because they will probably mess with each other (i tried zone alarm and norton firewall, they messed up).

    best method for you as i think, just put an auto-updating antivirus (almost all commercial ones are), put a hardware firewall (costly though) and then keep watch

  9. #9
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    coolfuse,

    You might try ZoneLog Analyser 1.19

    http://www.zonelog.co.uk

    I think that is the link?............it works alongside Zonealarm and provides detailed reporting.

    Cheers

  10. #10
    Junior Member
    Join Date
    Mar 2004
    Posts
    19
    nihil: yeah i used ZoneLog Analyzer before and with some reason, i stopped using it (i forgot what was it). i better install it again and check it out again. thanks for refreshing my mem. now, im using tiny PF on my new server. seems better than ZA, but thats just me.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •