|Read this whole guide offline with no ads, for a low price!|
Use coupon code "certiguide" to save 20%!
|Need more practice? 300 additional Security+ questions!|
|Get It Here!|
How Do Backdoors Get Onto a System?
Generally, backdoors can appear on
a system when an attacker does one or more of the following:
- Exploits an OS or application bug on the target
system, to transfer a file to that system, then run the file to create
- Sends an email that the user is tricked into
opening. Opening the email runs the program that creates the backdoor.
(With some email clients, just previewing a malicious message may be
all it takes to install a back door).
- Replaces a legitimate copy of a program available
for download by the Internet, by one with backdoor functionality, which
is unwittingly downloaded by users and installed.
- Includes undocumented backdoor functionality
in a purportedly legitimate application. When that application is installed,
the back door is as well.
Figure 8: A computer used for non-business use can become infected with a back door.
Frequently overlooked as sources
of backdoor access, user-installed applications that have legitimate
purposes can be misused by unauthorized users. As we mentioned
at the beginning of this section, not all backdoors are developed or
installed by those with malicious intent. Nevertheless, a user who
installs VNC on his office computer so that he can access his desktop
machine from home creates an inviting target for an attacker, especially
if he has not configured a session password. NetCat, a network administration
tool, can also become a potential backdoor. With a single command under
Windows, its possible to get NetCat to bind a command shell to
a port so that incoming telnet sessions on the port receive a DOS prompt
as if they were sitting at the local machine. Legitimately installed
network diagnostic tools can be quickly turned against the infrastructure
by an attacker.