Re: Re:Trojan Horse Detection tools(Possibly off-topic)

From: Jon Pastore (jpastore@idetech.net)
Date: 04/13/03

Next message: Jon Pastore: "Re: Spy Software"

Previous message: SF Admin: "Re: Databases"
In reply to: Rahul Chander Kashyap: "Re:Trojan Horse Detection tools(Possibly off-topic)"
Next in thread: Jim Hull at 044: "RE: Trojan Horse Detection tools(Possibly off-topic)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Jon Pastore" <jpastore@idetech.net>
To: "Rahul Chander Kashyap" <rahul@nsecure.net>, <SECURITY-BASICS@securityfocus.com>
Date: Sun, 13 Apr 2003 08:53:36 -0400

not that I qualify as an expert in this realm but, I would suggest if you
know the language I would look for a few basic this like search for syntax
that open sockets for transmitting data... this should narrow your search or
opening file handles to places that make no sense or logging info that has
nothing to with the intended purpose of the application...

also be weary of code frmo untrusted sources it's always a good idea to have
a test enviroment like a segmented network that has nothing to do with your
production enviroment...

-Jon
----- Original Message -----
From: "Rahul Chander Kashyap" <rahul@nsecure.net>
To: <SECURITY-BASICS@securityfocus.com>
Sent: Saturday, April 12, 2003 5:42 AM
Subject: Re:Trojan Horse Detection tools(Possibly off-topic)

> Hi Sridhar,
> As far as i know, u have to go thru the whole code because a
> trojan/backdoor
> can be embedded into code very cleverly ;-) and even experts might not be
> able to detect it!
> what i wud do if i were in ur case wud be to go thru the source code of
> some
> trojans/backdoors[there are many available] and try to get an idea from
> those :-)
>
> [And yeah in case a tool to detect this exists,i'm looking forward to
it!]
>
> All the best!
> Regards,
> Rahul Kashyap
> Software Developer,
> nSecure Software (P) Ltd.
> Bangalore-71
> www.nsecure.net
> ----------------------
> Layered Defence
> ----------------------
> ------
> This message is intended for the addressee only. It may contain
> privileged or Confidential information. If you have received this
> message in error, please notify the sender and destroy the message
> immediately. Unauthorized use or reproduction of this message is
> strictly prohibited.
> ------
>
> > ----- Original Message -----
> > From: "Sridhar J" <sridhar.jayaraman@wipro.com>
> > To: <security-basics@securityfocus.com>
> > Sent: Friday, April 11, 2003 10:20 AM
> > Subject: Trojan Horse Detection tools(Possibly off-topic)
> >
> >
> > Hi all
> >
> > Are there any tools to detect Trojan horse code? Assume that I have the
> > source code, but code inspection is very cumbersome and sufficient
> > expertise is needed, which is difficult to expect from developers.
> >
> > ----------
> > Regards
> > Sridhar J
> > ----------
> > "What you do in this world is a matter of no consequence;The question
> > is, what can you make people believe that you have done."
> > --Sherlock Holmes in "A Study in Scarlet"
> >
>
>
> -------------------------------------------------------------------
> Is SPAM over-loading your e-mail server, disk space or bandwidth?
> SurfControl E-Mail Filter is flexible, intelligent and policy-driven
> protection.
> http://www.securityfocus.com/SurfControl-security-basics2
> Download your free fully functional trial, complete with 30-days of free
technical support.
> Stop SPAM before it stops you.
> -------------------------------------------------------------------
>

-------------------------------------------------------------------
Is SPAM over-loading your e-mail server, disk space or bandwidth?
SurfControl E-Mail Filter is flexible, intelligent and policy-driven
protection.
http://www.securityfocus.com/SurfControl-security-basics2
Download your free fully functional trial, complete with 30-days of free technical support.
Stop SPAM before it stops you.
-------------------------------------------------------------------

Next message: Jon Pastore: "Re: Spy Software"

Previous message: SF Admin: "Re: Databases"
In reply to: Rahul Chander Kashyap: "Re:Trojan Horse Detection tools(Possibly off-topic)"
Next in thread: Jim Hull at 044: "RE: Trojan Horse Detection tools(Possibly off-topic)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re:Trojan Horse Detection tools(Possibly off-topic)
... I am researching an area of concern for many companies, ... Trojan Horse Detection tools ... > what i wud do if i were in ur case wud be to go thru the source code ... which is difficult to expect from developers. ...
(Security-Basics)
Re: Class problem
... > import spam ... > eggs = spam.spam ... please post the source code and exact text of the error message. ... class ImagePyramid: ...
(comp.lang.python)
RE: [Full-Disclosure] InfoSec sleuths beware ...
... maybe that would reduce the number of stupid viruses and other malware that send out spam and pound out apache servers with tons of useless requests and fill out inboxs with spam ... as the people with real security background are working on the source code, ms should do its end users a favor and release all the source code for public review! ... > Free Color Picture Ads for Collector Cars ...
(Full-Disclosure)
Re: POS
... This is not a spam, just a 32bit written with VB 6.0 POS ... that I am giving away for free, it is not a huge app just a simple retailer ... Well first was written in VB and Source code might be available for open ...
(microsoft.public.vb.general.discussion)
Re: My VB programs
... Sample Vb apps with source code is not spam ... Veign wrote: ... Prev by Date: ...
(microsoft.public.vb.general.discussion)