-
Java Backdoor
I have been trying to learn bout the security of computers and all. Mostly not to attack someone but to protect myself. I came across an article at astalavista.com and it was talking about how you can create a Java trojan. Basicly it was saying you can open a backdoor through Java and a webpage, and that if anyone goes to your page will have that backdoor open. I was wandering if this was really possible and if so how could i protect myself? I am sorry if this question has already been asked and answered but I am really curious.
:jester:KloWn:jester:
-
Hello KloWn,
I personally have not heard of that particular java backdoor you are referring too... Could you please post the link where you find it?
However, I have seen some malicious java code that sent certain information to a server...But at the moment I don't remember if they were applets or applications. If you are worried about mischievous java applets...then I suggest you disable java in your browser.
Although, there have been several exploits that allowed crafty webmasters/designers to either steal files or infect your computer.
For Example: I remember an exploit called Cuartango's window... which used some clever JavaScript and forms to upload files from a visitors computer. For example...a web designer could use Cuartangos window to steal your Windows Password File. This exploit is old, and patches have been released.
Another Example: There were several virii that exploited two Active X controls, which took the form of .HTA files, and I believe it was possible to become infected by visiting certain web sites.
My point being… is that if you are worried about getting infected with a backdoor then don’t “stray from the worn path” and stick to sites that you KNOW are safe. Otherwise your gonna have to “roll the dice and take your chances.” ;)
I wouldn’t worry about it too much, do a periodic check on your OS startup locations and make sure nothing peculiar is executing…stay current on virus news and virus scanner definitions, and you should be ok. :)
Is it possible? In the computer world ANYTHING is possible… :)
I hope you found this helpful and if you have further questions on the topic feel free to post them!! :)
-
Thanks
Thanks a lot that helped me out some. I didnt know that there was exploits that could be accessed with Java scripts and all. I guess its now time for me to check into it all. Well either way thanks
:jester:KloWn:jester:
-
Heh. I just use Opera, since I trust the smaller company over the humungous-bloatware IE. I mean, they keep trying to add so many 'integration' features and 'stability-comes-second-to-eyecandy' stuff...
You can download opera without Java support, which is what I did. So far I can't say I'm really missing anything, Java isn't a large or important part of my browsing experience.
-
Oh yeah something else
Thanks... I'm glad you found that helpful
Here's something silmilar I forgot to mention:
There has been a recently discovered exploit for Internet Explorer 5.5 and 6 that allows EXE's to appear to be text files and if you choose to Open it from its current location it will execute without a security warning. :) (It was discovered by a subscriber to the Vuln-Dev mailing list available at SecurityFocus.com)
Just something else I forgot to mention :)
Good Luck in your studies!! :)
-
Opera
Hey where can I get opera like whats thier website? and thanks for all of your help yall...
:jester:KloWn:jester:
-
Opera
Opera can be found here: http://www.opera.com/ .... Although Opera is a better browser...don't let it give you a false sense of security. All browsers have there bugs, Just some more than others ;)
Stay current on Security News :) "An Ounce of Prevention Is Worth A Pound Of Cure"