Most hackers (and crackers) take pride in their intimate knowledge of software and systems. To most, the mere notion that they would employ trojans, backdoors or most software "aids" to gain access to remote systems is an affront to their talents and skill sets.

Still, trojans are being used to allow attackers free reign on networks and leach valuable data from PCs and servers. "True" hackers may not be using them, but someone is.

The debate, however, bears little relevance to administrators. Whether it's hackers, crackers or the oft-maligned script kiddies, administrators owe it to themselves and the safety of their networks to know what these tools are capable of and how to keep an eye out for them.

Don't let your network succumb to the whims of outsiders! See what AO members have to say about trojans.

This week's spotlight threads:
Can anybody hack without using Trojans?

alaedin wonders if hacks are possible without the use of trojans...

Can a hacker hack a PC without putting a Trojan in it?

Trojans are just tools so the "hacker" (I prefer the term cracker) doesn't have to get to involved with low-level stuff. Take, for example, sub7 (sends shivers down my spine even thinking of the l33t people that use it... muuhahaha!); you can delete, add and copy of files. Then there are other features such as remote desktop stuff. It's basically a nasty RAT (remote admin tool).

Trojan users are referred to as crackers or script kiddies, lamers, etc., which use downloadable software on the 'net that may aid them. A real hacker doesn't use trojans, but uses knowledge to bypass the computer. They think like computer and go inside the computer with the use of vulnerabilities.

...Using a firewall will protect you from those kinds of attackers will work only if it is properly configured. If you use a well-known firewall, for example, but don't know how to configure it, the firewall may help point the attacker to the weaknesses your system.

Most attackers use root kits to carry out their objectives.

Root kits tend to be defined as a suite of tools containing the following four elements:

1. Vulnerability scanner/exploiter (break in and install).
2. Tools to hide itself (run undetected, hiding network connections an all future attacker related changes to the system dynamically).
3. Backdoor(s) (assure future access).
4. Custom system components (prevent discovery via altered ls, md5sum, tripwire, ls, du, etc).

Although these tools can be more or less completely automated, they don't qualify as trojans in the strictest sense of the word since no cooperation is required by the target system's custodian/user.

Item 4 of the root kit would contain trojans of sorts, since the programs are evil under the guise of being normal utilities. This type of automated suite is most effective as it gives the attacker tremendous speed and gives the attack a high level of predictability.

I don't pretend to know the definition of "a real hacker," but I do know that efficient attackers, be they malicious or pen testers, take care to utilize the tools available to them without pride or elitism concerns.

Are attackers pouring into your systems via those nasty trojans? Join this discussion by clicking here.

What is AntiOnline?

AntiOnline (AO) is home to many of the most popular network security discussion forums online. Here, participants engage in candid, thought-provoking and enlightening exchanges on the latest hazards and how to protect your systems against them.