|
|
|
  |
Did you say I had a RAT in my computer?RATs or Remote Access Trojans are a class of malware that does not always receive the amount of attention that it should. In part one, a Trojan was briefly defined as a program that pretends to be desirable program. Beyond that, Trojans often are added on to a desirable program so that when you run the desired program it runs as normal and the Trojan program runs in stealth mode on you computer. But I did not bring the horse into the houseA good example of how Trojan programs are installed is peer-to-peer file sharing products such as Kazza. Kazza and many, if not all, of the peer-to-peer file sharing products install one or more Trojan programs during their installation. If you attempt to uninstall the Trojan program, the 'desired' program will no longer run. In the case of the Kazza product, the operators of the Kazza network gain complete control over any computer on which it is installed. Their intent is to be able to sell computer time on the largest distributed computer network in the world. The problem is that the network consists of systems that have been unwittingly volunteered by their owners and operators. This network of computers could be used to crack secure keys in just days or perhaps launch denial of service attacks against any site in the world. Tell everyone about meOther Trojan programs go beyond giving third parties access to the system. These programs actually actively transmit data from the infected system to other sites. These programs are constantly sending information about web surfing activities to advertising sites so that these sites will know what advertisements to present to you as you surf the web. While my personal opinion is that the companies that participate in this are providing a 'service' that we do not really need, this use of a RAT is rather benign. The worst use of RATs will provide all types of personal and sensitive information to people who only want to use it for nefarious purposes. This information can easily include bank account numbers and passwords, credit card numbers, social security numbers and the personal information required to enable the receiver to use the ill-gotten information. Allowing a RAT on your system is just like leaving the door to you house unlocked and wide open. Call the exterminatorUntil recently, RATs did not receive much attention from anyone. The anti-virus vendors did not bother to do anything to detect them and the anti-spyware products were a hit or miss proposition as to their actually usability. (It would be good to note that many of the free adware/anti-spyware products are themselves Trojan spyware products. Again always be sure you are dealing with a reputable company before downloading and installing software and remember, while you may not always get what you pay for, you will never get anything good that you did not pay for.) Currently the major anti-virus vendors are enhancing their products to detect spyware and there are a couple of good commercial spyware detection products available. Firewalls to the rescueA firewall that can be configured to prevent unexpected access to the internet can do a lot to minimize damage done by spyware and remote access Trojan programs. All of these programs will attempt to connect to a remote site on the internet to deliver their information. If the firewall does not allow the connection, then the information cannot be transmitted to the recipient. |
|
Copyright 2003-2004 - SOHO Technology Solutions, LLC
Web Hosting provided by DotNetPark Original URL: |
