Three-pronged Trojan attack threatens security on the Internet.Written by MicroWorld Technologies Inc.
Two is company. Three is a crowd. If one is not enough, use two, if two is not enough, use three. This is credo behind co-ordinated Trojan threat looming on horizon. If you thought you've seen everything there was to see of virus threats, think again. Experts are saying this is "unprecedented", and could be next big one.
Glieder (Win32.Glieder.AK), Fantibag (Win32.Fantibag.A) and Mitglieder (Win32.Mitglieder.CT) are not names of a modern day version of The Three Musketeers. These are Trojans engineered for a hacker attack that will infect computers and open them for use in further attacks.
"Combating computer viruses is essentially a game of hide and seek," says Govind Rammurthy, CEO, MicroWorld Technologies, among leading Security Solutions providers. "Hackers riding piggyback on viruses have only a short window of opportunity to maximize their gain before viruses are detected, neutralized and logged into Virus Definition databases, 'vaccinating' system against those strains.
Without continuing system vulnerability caused by virus infection there is little they can do to further their malicious ends like stealing personal information, credit card details and other sensitive and vital data. To achieve their ends they need to keep system vulnerability going for more time. This co-ordinated Trojan threat is an attempt to keep that 'backdoor' open, essentially buying time," he concludes.
Of three, Glieder leads initial charge. It sneaks past anti-virus protection to download and execute files from a long, hard-coded list of URLs and "plant" infected machine with "hooks" for future use. On Windows 2000 and Windows XP machines, it attempts to stop and disable Internet Connection Firewall and Security Center service (introduced with Windows XP Service Pack 2). Then Trojan accesses URL list to download Fantibag. The way is now paved to launch second stage of attack.
Sulabh, a tester with MicroWorld Technologies says of Fantibag, "Now Fantibag goes about attacking networking feature of infected system to prevent it from communicating with anti-virus firms and denying access to Microsoft Windows Update site. It closes your escape route by making it impossible to download an anti-virus solution and any subsequent Windows security patch to your system. Effectively it helps Mitglieder (the third stage Trojan) open 'backdoor' by shutting other doors on you."
Firewalls :::: What They Are And Why You MUST Have One!Written by Titus Hoskins
A firewall is a system or gateway that prevents unauthorized access to your computer or private network. It is usually first line of defense in protecting your private information or data. A good firewall will help protect you from malicious attacks of spyware, adware, malware, worms, trojans, and hackers.
Firewalls are security mechanisms that control who can access and send data thru your network or computer. They can be applied to both hardware and software on your computer; many systems use a combination of each for greater protection. All data or messages entering or leaving your computer has to pass thru firewall, which checks all messages and blocks those that don't meet your specified security criteria or rules.
To put it in simple terms: think of a firewall as a security guard or a security scanner for your computer or network. Anything going in or out must be checked thru this system and must obey your rules!
Of course, this is just a simple explanation, firewalls can be very complex; consisting of a whole combination of techniques that can be used in concert depending on level of security you wish to achieve.
These firewall techniques may include:
Application gateway -- places security mechanisms on specific applications (FTP, Telnet, etc.)
Packet filters -- examines each packet using your computer and accepts or rejects according to your rules
Circuit-level gateway -- security measures for such connections as TCP (Transmission Control Protocol) or UDP (User Datagram Protocol)