Read this whole guide offline with no ads, for a low price!
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Need more practice? 300 additional Security+ questions!
Get It Here!

Custom Search







Table Of Contents  CertiGuide to Security+
 9  Chapter 1:  General Security Concepts (Domain 1.0; 30%)
      9  1.4  Attacks

Previous Topic/Section
What Can I Do to Prevent DDoS Attacks?
Previous Page
Pages in Current Topic/Section
1
Next Page
What’s a Rootkit?
Next Topic/Section

1.4.2  Backdoors

A backdoor is a deliberate configuration or specific program designed to allow access to a system without requiring the usual security checks. This doesn’t necessarily mean it’s solely for a hacker’s benefit. A system administrator may indeed leave a backdoor into all client PCs that he installs for users just in case they inadvertently lock themselves out. However, the type of backdoor we are concerned with here is the malicious kind.

Malicious backdoors range from simple to complex and feature-laden. One of the simpler backdoors is NetBus, a Trojan (see section 1.5) that allows complete remote access to any system it’s installed on. It provides a remote-control type desktop, much like PCAnywhere or Microsoft Terminal Services, giving an attacker complete control over a machine as if they were physically in front of it. NetBus is relatively unsophisticated though, and easy to detect.

A far more complete backdoor package is BackOrifice. BackOrifice even provides a configuration screen where you select the modules you wish to include and the overall configuration of listener ports, behavior, etc. When you’ve set your configuration, BackOrifice builds a custom executable for you to distribute as you wish.

There are a wide range of modules available for BackOrifice, including port mappers, remote control, key capturing and application binding (where your BackOrifice executable attaches itself to system files like a virus).

Back Doors

A backdoor is a program or deliberate machine configuration designed to allow an unauthorized attacker access to a system without the usual security checks, such as user authentication. Malicious backdoors include the NetBus and BackOrifice programs.


Quick navigation to subsections and regular topics in this section



Previous Topic/Section
What Can I Do to Prevent DDoS Attacks?
Previous Page
Pages in Current Topic/Section
1
Next Page
What’s a Rootkit?
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $



Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.