Several techniques have been devised to penetrate computer systems. These includes: guessing passwords, exploiting software bugs, Trojan horses, buffer overflow attack, address spoofing, Address Resolution Protocol (ARP) cache poisoning, fake ICMP (Internet Control Management Protocol) or RIP(Routing Information Protocol) packets, SYN flooding, Ping of death, TCP session hijacking, UDP spoofing, Remote Procedure Calls, etc.
Each of them has a way through which an unauthorized user can penetrate a system. However there is this one which have attracted and gained my interest, Trojan horse. It has prompted me to dig deeper and unfold what surrounds how it works and executes itself in the host computers and I`m going to look at its brief history as to how it came about.
The ancient Greeks have had wars with the Trojans for years without any conclusion. After ten years into the Trojan War, the Greeks ships were sent away. This made the Trojans believe that the Greeks had surrendered. However they had left behind a giant wooden horse, which the Trojans dragged into their walled city. At night, the Greeks hiding inside the wooden horse slipped out, killed the Trojans and set ablaze the city.
In computing what is a Trojan horse? A Trojan horse is a program that masquerades (pretends) as another, trusted, program with the aim of capturing some information i.e. username and passwords and sends them back to its source.
The classic Trojan horse was a program that would display a login prompt, leading the user to believe that a computer (or terminal) was unused and awaiting a user login. The unwary user would enter his credentials (login name and password). The program would then stash them in a file or send them out via a network connection and then exit, printing a login incorrect message and executing the real login program. The user would simply assume that a mistake has been made, enter the credentials again (this time to the real program), and continue with life, unaware that his login name and password were compromised.
More recently, Trojan horses have appeared in the form of exploitations of Microsoft
Internet Explorer to redirect traffic to different ip addresses. A novel form of a Trojan horse was exposed in November of 2004, also targeting Microsoft Internet Explorer and Windows xp sp2. In this attack, the dialogue window that warns users that they may be downloading malicious content could be disguised so that the unwitting user will click on an innocuous-looking message only to install harmful software on the computer.
System Protections and Firewall, Paul Kryzynowski
Firewalls and Internet Security, William R. Cheswick and Steven M. Bellovin, Addison-
Wesley © 1994 AT&T Bell Laboratories.