Flashcards to review concepts related to defending against Trojan Horses, Spyware, and Adware.
What are some typical actions Trojan Horses take?
Delete files, spread other malware, launch DDoS attacks, search for personal information, install back doors.
Name some notorious Trojan Horses.
Back Orifice, Anti-Spyware 2011, Sheldun, Brain Test, FinFisher, NetBus, FlashBack, GameOver Zeus, Linux Trojan Horses, Portal of Doom.
How does Back Orifice work?
Allows control over TCP/IP, is self-installing, can be attached to legitimate applications, doesn't appear in the task list, and is best removed through the registry.
How does NetBus work?
Similar to Back Orifice, only works on port 20034, simple to check for infection, removal through the registry, and has an easy-to-use GUI.
What are some capabilities of the Portal of Doom Trojan Horse?
Open/close CD tray, shut down system, open files/programs, access drives, change passwords, log keystrokes, take screenshots.
What are some symptoms of a Trojan Horse infection?
Home page changes without user action, password/username/account changes, screen saver changes, mouse setting changes, and devices working on their own.
What technological measures can be taken to prevent Trojan Horses?
Use antivirus software, firewalls, and intrusion detection systems.
What policy measures can be taken to prevent Trojan Horses?
Never download unsafe/unexpected attachments, close unused ports, avoid downloading browser skins/toolbars/screen savers/animations, scan downloads before use, be cautious of hidden file extensions.
What are the two methods to remove Gator (Adware)?
Add/remove programs and the registry.
What are some concerns regarding RedSheriff (Spyware)?
Uncertainty about what data is collected and negative reactions to website monitoring.
What are two popular antispyware applications?
Spy Sweeper and Zero Spyware.
What are some antispyware policies that can be implemented?
Avoid downloading unsafe attachments, configure browser to block cookies (especially third-party), block scripts without user awareness, utilize pop-up blockers.
What types of downloads should be avoided if their safety is uncertain?
Applications, browser skins, screen savers, and utilities.
What ports are used by Back Orifice?
31337 and 31338
What is the best way to protect against Trojan Horses and Spyware?
Virus scanners and appropriate policies
Why is adware more of a nuisance than a real security threat?
There is a threshold of adware that can make a system unusable