Trojans/ Backdoors - My observations

[mosad2]

nice tut slarty
it really revealed alot of unquestioned things
aabout windows
u cant stop a trojan using a software
as most up to date trojans contain a feature to kill AVs and firewalls while starting up!
most of ppl see that Norton,Macafee r good antiviruses
but in deed they r not
i can say they r useless
the best antivirus when dealing with trojans outhtere is kaspersky!
iit's not well known but it has a huge databases
let's say that a trojan was realesed yesterday
u found ur kaspersky detecting it
while when it comes to norton or macafee
it takes ages
about a month or something!
second if u wanna stop a trojan it requieres knowledge about ur own programs and thier ports
means u use the netstat to check ur pc's state
and then block unknown or ports u suspect!
iam telling u this from a trojaner perspectice


about linux
i believe that linux isnot more secure than windows
the prob is windows has so many enemies waiting for the first fall to attack!!!!
as we c out there most exploits r for linux
and linux backdoors r much more dangerous than windows backdoors!
rootkits and other maliscous software
linux is just hacker friendly
maybe it gives u more control upon ur system
but this doesnt mean it's more secured than windows

by the way no need to flame for what i said about linux
i know there r a lot of linux lovers here

at the end
we come to one thing
Nothing is called complete security
there must be a hole as software is made by humans
and it's well known for everyone that only humans make errors

[Sm0kinP0t]

Hmmm... the ideia of "forging" a netstat.exe then uploading it to replace the real one on the victim comp is a great scheme. I think it only lacks perfection because the user's box must have been already compromised or he has to download it.

Didn't really know about it, nice going

[homenet]

I think the point here is that their is no deffenete "fix" for security problems. The best way to protect yourself is to use a varity of solutions. Their is no point in saying switch to linux because a lot of people, myself included either prefer windows or have to use it for a particular aplication. I`ve tried a lot of diffrent solutions and the best i`ve come up with so far is to use linux as a firewall and to route my internet connection to the other computers running windows. Then to run a virus scanner and spy ware remover program every day or two on my windows boxes. So far i have not had any infections what so ever and with the linux firewall set up right when i portscan my network from outside it is as if it didn`t exsist.
You just have to try diffrent solutions untill u find the one that suits your network or computer the best.

anyway thats just my 2 cents..

[slarty]

Originally posted here by mosad2

u cant stop a trojan using a software

No, that's not what I meant. I didn't mean you can't stop *a* trojan, I meant you can't stop *all* trojans. The ones that are the most commonly used by script kiddies are in AV databases and can be stopped.

as most up to date trojans contain a feature to kill AVs and firewalls while starting up!

Yes, but they can't kill an AV if it kills them first.

most of ppl see that Norton,Macafee r good antiviruses
but in deed they r not
i can say they r useless

No. They are NOT USELESS. They are very useful at stopping viruses.

the best antivirus when dealing with trojans outhtere is kaspersky!
iit's not well known but it has a huge databases
let's say that a trojan was realesed yesterday
u found ur kaspersky detecting it

No. No virus checker can detect a brand new trojan crafted for the purpose.

Slarty

[mosad2]

@ slarity
i agree to what u said
but u have to pay attention that a trojan can be detected when it's wide spread
while most of hackers prefer to use thier own tools including trojans!

about the antivirus killing feature
i have used so many trojans
i can say when u bind ur trojan
the AV cant detect it ,then the trojan is excuted
and it kills the Av everytime the pc boots up
sure antiviruses can kill them first but this work with old versions of trojans

about Norton and macafee
i meant by useless when it comes to trojans not viruses
sure they can stop a wide range of viruses

about kaspersky
i think u have to give it a try
just try it and u will c
it's sufficient
at least for me

peace out

[isabyon]

Originally posted here by Shakira
Are you suggesting that we should discard our firewall totally?

I also heard some posters telling us Zone Alarm sucks. I wonder whether these posters are trying to ask people to switch to other firewalls because they discover that they could not hack those who are using Zone Alarm.

It is very difficult to tell who is telling the truth in the forum if you are a newbie like me who has a lot to learn about network security.

ZoneAlarm is great for the newbie, it is easy to use and install.
Only there are some bad things about ZoneAlarm,
1) some earlier versions did not protect a win98 pc before the logon (ZoneAlarm says it does, but some members here tested it and protection was not like it should have been)
2) it is a resource eater
3) it triggers on to many things, if you are going to react on every thing ZoneAlarm sees as an incoming attack then you are going to react a lot. This however can be solved by reading ZoneAlarm's output exactly.

On the other hand ZoneAlarm does it's job. On application and port level.

There are alternatives: sygate, outpost,...
however those are less 'newbie user friendly'.

About telling the truth, unless there are very evil and wicked members , I think you can trust some of the (more mature?) senior members from the early forum days.