WARNING: This site is intended for online use only; mass-downloading of pages degrades the server and is prohibited.
If you attempt to use tools to mass-download the site, you may be blocked permanently by automated software.
If you want to read this CertiGuide offline, please use one of the links on the left to purchase a convenient PDF copy. Thank you.

Like this CertiGuide? Get it in PDF format!
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Also available: 300-question Security+ practice test!
Get It Here!

Google
Web CertiGuide






Table Of Contents  CertiGuide to Security+
 9  Chapter 1:  General Security Concepts (Domain 1.0; 30%)
      9  1.4  Attacks
           9  1.4.2  Backdoors

Previous Topic/Section
What’s a Rootkit?
Previous Page
Pages in Current Topic/Section
1
Next Page
 How Do We Stop Back Doors?
Next Topic/Section

How Do Backdoors Get Onto a System?

Generally, backdoors can appear on a system when an attacker does one or more of the following:

  • Exploits an OS or application bug on the target system, to transfer a file to that system, then run the file to create the backdoor.

  • Sends an email that the user is tricked into opening. Opening the email runs the program that creates the backdoor. (With some email clients, just previewing a malicious message may be all it takes to install a back door).

  • Replaces a legitimate copy of a program available for download by the Internet, by one with backdoor functionality, which is unwittingly downloaded by users and installed.

  • Includes undocumented backdoor functionality in a purportedly legitimate application. When that application is installed, the back door is as well.

    Figure 8: A computer used for non-business use can become infected with a back door.

     

Frequently overlooked as sources of backdoor access, user-installed applications that have legitimate purposes can be misused by unauthorized users. As we mentioned at the beginning of this section, not all backdoors are developed or installed by those with malicious intent. Nevertheless, a user who installs VNC on his office computer so that he can access his desktop machine from home creates an inviting target for an attacker, especially if he has not configured a session password. NetCat, a network administration tool, can also become a potential backdoor. With a single command under Windows, it’s possible to get NetCat to bind a command shell to a port so that incoming telnet sessions on the port receive a DOS prompt as if they were sitting at the local machine. Legitimately installed network diagnostic tools can be quickly turned against the infrastructure by an attacker.

Figure 9: Once a back door is installed a secure tunnel through a firewall can give a black hat an ‘in’ which cannot be discovered due to the encryption.

 

Previous Topic/Section
What’s a Rootkit?
Previous Page
Pages in Current Topic/Section
1
Next Page
 How Do We Stop Back Doors?
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $


Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.