Trogen horse's
Page 1 of 2 12 LastLast
Results 1 to 10 of 19

Thread: Trogen horse's

  1. #1
    Junior Member
    Join Date
    Oct 2004
    Posts
    27

    Trogen horse's

    I have been getting attacked from the internet by trogen horses and i was wandering if there is eney way i could stop them from attacking me? I have norton internet security 2004. If you need eney more info ill write back.
    There is all way\'s one way to fix a computer. Our i think sow at least

    www.americasarmy.com

  2. #2
    Senior Member
    Join Date
    May 2004
    Posts
    519
    Install a firewall and dont allow incoming connections (except needed ones). Also install a virus scanner that can detect and remove trojans etc. AVG is a good free one.... Also be wary of what you are double clicking on (you dont want to click on trojans)

    What does norton internet security 2004 have? if it has a firewall and an antivirus .. thats a good start

  3. #3
    Regal Making Handler
    Join Date
    Jun 2002
    Posts
    1,668
    Trojans do not attack from the internet, they attack from the inside.

    I would hazard a guess that NIS keeps popping up with some type of warning along the lines of, "sub7 trojan hourse attack detected".

    This is just the firewall part if NIS doing it's job, stopping attemps to connect to your pc. Infact they are probably not attemps to connect at all, but rather scans looking for pc's that are infected with what ever trojan. As such nothing to be alarmed about.

    On the other hand you could possibly be infected. So run some av/malware scans to be sure. Don't limit your self to just NAV, use Trend Micro's House call, an online scan.

    http://housecall.trendmicro.com/hous...start_corp.asp

    Download install and run. Spybot search and destroy, Lavasoft's Adaware, MoosoftsThe Cleaner, Tds3. These are all found easily using google. Or indead looking through some of the posts here at AO where there may already be a link.
    What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry

  4. #4
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,178
    IMHO, the best thing is to go to the DiamondCS website and get a trial of TDS3.

    There is some useful free stuff as well, like RegistryProt

    Good luck!
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  5. #5
    Junior Member
    Join Date
    Oct 2004
    Posts
    27
    My norton internet security does have a fire wall and anti virus. I all sow have Lavasoft's Adaware and i have scaned with both of them and found nothen. Two of the trogens horse's that have attacked me are (Backdoor/Subseven Trojan horse) and (Back Orifice 2000 Trogen horse). Thanks for your help sow far.
    There is all way\'s one way to fix a computer. Our i think sow at least

    www.americasarmy.com

  6. #6
    Senior Member
    Join Date
    May 2004
    Posts
    519
    remember to keep your Antivirus uptodate to dude or it is useless

  7. #7
    Junior Member
    Join Date
    Oct 2004
    Posts
    27
    My Antivirus is uptodate.
    There is all way\'s one way to fix a computer. Our i think sow at least

    www.americasarmy.com

  8. #8
    Junior Member
    Join Date
    Oct 2004
    Posts
    27
    Could'ent i just block the IP adress's ???
    There is all way\'s one way to fix a computer. Our i think sow at least

    www.americasarmy.com

  9. #9
    Regal Making Handler
    Join Date
    Jun 2002
    Posts
    1,668
    Could'ent i just block the IP adress's ???
    If you try to do that for each ip address that NIS reports an attempt to connect from you will spend the rest of your life putting ip addresses into the blocked part of the firewall.

    As long as you are confident that you have a clean pc, what you see reported from your firewall is just noise from the internet and nothing to worry about.

    Let me explane how a trojan like sub7/back orifice works. There are two parts to a remote access trojan. The client and the server. The server needs to be installed on a targets pc, the client needs to be on the bad guys pc.

    So having installed the server part of the trojan on a target the bad guy neads to connect to the server useing the client on his pc, from here he can carry out his hacking activities. Now it is not that easy to target a particular pc. The best way to install a trojan on a target is to send the server to as many pc's as possible. In the hopes that at least one numb nut will actually install it.

    Not knowing which pc has the server installed, the hacker will have to find that pc. He does this by scanning a whole range of ip addresses untill he finds an ip address with the server active on it. He can then connect and do his stuff.

    What your firewall is alerting you to, is the fact that some one is scanning a range of ip addresses, one of which is yours. That does not mean you are being attacked, just that someone is looking for someone to attack.

    Hope this helps you some......................................................................................................................................................................And if anyone picks me up on useing the H word, i will rip your arms of and beat you with the soggy end
    What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry

  10. #10
    Junior Member
    Join Date
    Oct 2004
    Posts
    4
    If you have a firewall and an up to date AV, then the AV should be able to delete the trojan, because both of them are awfully old i believe, but since that doesnt work, i found a few websites to help you remove them. Be sure to be careful when editing the registry.
    Sub7 Removal
    A few tools

    Back Orfice

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides