Hi all
What is a Backdoor?
How does it work?
How to find out the Backdoor present in the system? Both Unix and Windows.
Stay Tuned
Printable View
Hi all
What is a Backdoor?
How does it work?
How to find out the Backdoor present in the system? Both Unix and Windows.
Stay Tuned
Hi all
What is a Backdoor?
How does it work?
How to find out the Backdoor present in the system? Both Unix and Windows.
Stay Tuned
A backdoor is basically a very generic term for a way for an intruder to get in to another system. It can work in a number of ways, either being left in code, or a trojan, etc. Well, you last question is a little tougher. If the backdoor is a trojan, then chances are it will show up on a virus scan. But if it is embedded in the code of a legitimate app (wasnt there one in redhat a couple years ago, pirhana or something?) then you might have a problem, because it will be a little harder to find. Google it. Sorry, i gotta go to school.
slick
A backdoor is basically a very generic term for a way for an intruder to get in to another system. It can work in a number of ways, either being left in code, or a trojan, etc. Well, you last question is a little tougher. If the backdoor is a trojan, then chances are it will show up on a virus scan. But if it is embedded in the code of a legitimate app (wasnt there one in redhat a couple years ago, pirhana or something?) then you might have a problem, because it will be a little harder to find. Google it. Sorry, i gotta go to school.
slick
It's the same as a house. A house has a front door. This door is usually well protected and locked. The backdoor is sometimes left open.
But seriously :) it's a small program that listens on a certain port and it gives the bad guys a way to enter your system without being blocked by the normal security measures.
There's a way to find out what port is 'listening'. You can use the same command on *nix and windows:
netstat -an look for ports that have the status LISTEN.
It's the same as a house. A house has a front door. This door is usually well protected and locked. The backdoor is sometimes left open.
But seriously :) it's a small program that listens on a certain port and it gives the bad guys a way to enter your system without being blocked by the normal security measures.
There's a way to find out what port is 'listening'. You can use the same command on *nix and windows:
netstat -an look for ports that have the status LISTEN.
So, If i see some suspecious ip as LISTENING, how do I stop it ?
1 more total newbie question :
What do u mean by LISTENING, TIME_WAIT, ESTABLISHED, and CLOSE WAIT ?
So, If i see some suspecious ip as LISTENING, how do I stop it ?
1 more total newbie question :
What do u mean by LISTENING, TIME_WAIT, ESTABLISHED, and CLOSE WAIT ?
It depends what is listening. On windows you'll need a utility called fport. On Freebsd (maybe linux too) you can use the command sockstat. Both commands will tell you the process that is listening on that port.Quote:
These are the states a tcp connection can be in.Quote:
1 more total newbie question :
What do u mean by LISTENING, TIME_WAIT, ESTABLISHED, and CLOSE WAIT ?
http://support.microsoft.com/default...;EN-US;q137984
http://www.faqs.org/docs/iptables/tcpconnections.html
It depends what is listening. On windows you'll need a utility called fport. On Freebsd (maybe linux too) you can use the command sockstat. Both commands will tell you the process that is listening on that port.Quote:
These are the states a tcp connection can be in.Quote:
1 more total newbie question :
What do u mean by LISTENING, TIME_WAIT, ESTABLISHED, and CLOSE WAIT ?
http://support.microsoft.com/default...;EN-US;q137984
http://www.faqs.org/docs/iptables/tcpconnections.html