Security Basics mailing list archives
Re: Re:Trojan Horse Detection tools(Possibly off-topic)
From: "Jon Pastore" <jpastore () idetech net>
Date: Sun, 13 Apr 2003 08:53:36 -0400
not that I qualify as an expert in this realm but, I would suggest if you know the language I would look for a few basic this like search for syntax that open sockets for transmitting data... this should narrow your search or opening file handles to places that make no sense or logging info that has nothing to with the intended purpose of the application... also be weary of code frmo untrusted sources it's always a good idea to have a test enviroment like a segmented network that has nothing to do with your production enviroment... -Jon ----- Original Message ----- From: "Rahul Chander Kashyap" <rahul () nsecure net> To: <SECURITY-BASICS () securityfocus com> Sent: Saturday, April 12, 2003 5:42 AM Subject: Re:Trojan Horse Detection tools(Possibly off-topic)
Hi Sridhar, As far as i know, u have to go thru the whole code because a trojan/backdoor can be embedded into code very cleverly ;-) and even experts might not be able to detect it! what i wud do if i were in ur case wud be to go thru the source code of some trojans/backdoors[there are many available] and try to get an idea from those :-) [And yeah in case a tool to detect this exists,i'm looking forward to
it!]
All the best! Regards, Rahul Kashyap Software Developer, nSecure Software (P) Ltd. Bangalore-71 www.nsecure.net ---------------------- Layered Defence ---------------------- ------ This message is intended for the addressee only. It may contain privileged or Confidential information. If you have received this message in error, please notify the sender and destroy the message immediately. Unauthorized use or reproduction of this message is strictly prohibited. ----------- Original Message ----- From: "Sridhar J" <sridhar.jayaraman () wipro com> To: <security-basics () securityfocus com> Sent: Friday, April 11, 2003 10:20 AM Subject: Trojan Horse Detection tools(Possibly off-topic) Hi all Are there any tools to detect Trojan horse code? Assume that I have the source code, but code inspection is very cumbersome and sufficient expertise is needed, which is difficult to expect from developers. ---------- Regards Sridhar J ---------- "What you do in this world is a matter of no consequence;The question is, what can you make people believe that you have done." --Sherlock Holmes in "A Study in Scarlet"------------------------------------------------------------------- Is SPAM over-loading your e-mail server, disk space or bandwidth? SurfControl E-Mail Filter is flexible, intelligent and policy-driven protection. http://www.securityfocus.com/SurfControl-security-basics2 Download your free fully functional trial, complete with 30-days of free
technical support.
Stop SPAM before it stops you. -------------------------------------------------------------------
------------------------------------------------------------------- Is SPAM over-loading your e-mail server, disk space or bandwidth? SurfControl E-Mail Filter is flexible, intelligent and policy-driven protection. http://www.securityfocus.com/SurfControl-security-basics2 Download your free fully functional trial, complete with 30-days of free technical support. Stop SPAM before it stops you. -------------------------------------------------------------------
Current thread:
- Trojan Horse Detection tools(Possibly off-topic) Sridhar J (Apr 11)
- Re: Trojan Horse Detection tools(Possibly off-topic) Devdas Bhagat (Apr 14)
- <Possible follow-ups>
- Re: Trojan Horse Detection tools(Possibly off-topic) H Carvey (Apr 12)
- Re: Trojan Horse Detection tools(Possibly off-topic) Jim McCaw (Apr 12)
- Re:Trojan Horse Detection tools(Possibly off-topic) Rahul Chander Kashyap (Apr 12)
- Re: Re:Trojan Horse Detection tools(Possibly off-topic) Jon Pastore (Apr 14)
- RE: Trojan Horse Detection tools(Possibly off-topic) Jim Hull at 044 (Apr 14)
- Re:Trojan Horse Detection tools(Possibly off-topic) Sridhar J (Apr 15)