specifically used to detect the Trojan. Detection process performed by scanning the open ports. Trojans open the specified port as a back street (backdoor) to attack the target. One example is the Anti-trojan trojan scanner. Trojan Scanner examined by conducting the process:
• port scanning,
• check the registry,
• check the hard drive. If found the Trojan, so the handlers with several options to remove the Trojan.
Handling (Recovery) If the computer has found the existence of a hacking by the Trojan, then delete or close the facility sharing is not enough. Because an attacker can easily create another path (backdoors) into the system or modify the operating system for himself. Therefore there is only one real way to secure something that system, namely to re-install using the original program. This will be delivered the following description of the steps required in order to cure / healing of a system. The steps required are as follows.
Handling (Recovery) If the computer has found the existence of a hacking by the Trojan, then delete or close the facility sharing is not enough. Because an attacker can easily create another path (backdoors) into the system or modify the operating system for himself. Therefore there is only one real way to secure something that system, namely to re-install using the original program. This will be delivered the following description of the steps required in order to cure / healing of a system. The steps required are as follows.
Isolating infected computers. To isolate the computer, then all contact with the machine should be resolved, either by Internet or local network. Removing the network cable and turn off the modem working. This means deciding the relationship between the computer with the attacker. Some people think that letting cable modems remain connected and in standby condition has been to isolate a computer. In some cases these assumptions are not true. Because these conditions allow a computer to stay connected to the network. Trojan Detection and Handling
Find serious problems. If a computer is connected in a network then there are some risks that must be faced. The risk faced include:
• duration of the security exploits that are unknown,
• type of tissue used,
• use and maintenance of anti-virus or firewall,
• assurance that a program will be installed has not changed.
Starting with the cleaning process Use and ensure that the program will use the original. The cleaning process begins with data backup, then reformat the hard drive and reinstall the program. In handling the necessary procedures for data backup:
• let go of relationships with other networks,
• to copy data files to the floppy or CD, and ensures that program files were not copied,
• provide a label or writing to the data that have been infected and store in a safe place.
4. Securing the system and use additional software After performing the cleaning process, then in the computer security patches required to install anti-virus software, advanced trojan scanner or firewall which serves to secure the system. The operating system used to use the automatic update facility to update the system.
5. Restore backup data After the installation process and setting all the software is completed, the next process is to put back the data that has been in the backup. Before data is saved back to the computer, it needs cleaning and remove all forms of infection. After completion, the computer is ready for use again for surfing. A lot of knowledge that must be known to ensure that during use the Internet free from external attack or other infections.
0 comments: on "Trojan Detection and Handling"
Post a Comment