Examples of Trojan Horse
• Back Orifice
– Produced by the “Cult of the Dead Cow”
– Win95/98 is vulnerable
–Toast of DefCon 6
– Similar operation to NetBus
– Name similar to MS Product of the time
OB Protocol Example:
• M$ Rootkit
– Integrates with the NT kernel
– Very dangerous
– Virtually undetectable once installed
– Hides from administrator as well as user
– Private TCP/IP stack (LAN only)
• iSpyNOW
– Commercial
– Web-based client
• AssassinTrojan
– Custom builds may be purchased
–These are not found by virus scanners
– Firewall circumvention technology
• Hardware
– Key loggers
– More advanced.
• MagicLantern
– FBI developed
– Legal grey area (until recently!)
– Split virus checking world