November 13, 2006

How Trojan hacks your system

Nowadays, the number of Trojan software used to intrude to PC is much more than before, and their ability, functionality, and danger are all increased. Many people even never notice while their PC been intruded. Thus, here i want to share some tips for reference.

To protect our home, we need to erect a fence and a door. PC has its own door too, namely port. When we surf online, chat with others, emailing, etc. we need to use a protocol called TCP/IP protocol. Most of the communications on the Internet is based on this TCP/IP protocol. If Internet is a highway, then your computer will be the house beside the highway, and you need a door (port) to enter this house, and TCP/IP protocol is your vehicle.

Computer has 256 x 256 doors, which from 0 to 65535 doors, and TCP/IP called it “port”. When you are emailing, the email software in your computer sends data out through port 25, and when you receive a mail, your email software will get it from port 110. Now, when you are reading this article, your computer open port 80 to get this article from my site to your screen. A newly installed PC will open its port 139, and it is for your to connect to Internet. Hackers are not God, they also need to pass through certain port to enter to your computer.

Then how a hacker get into your PC? Of course, they are also using TCP/IP to pass through a port and entering into your PC. If your computer have “content sharing” for files and folders is set to on, then hackers can go into your PC through port 139, beware. Windows has bugs, no matter how long is your password set for your content sharing, hackers need only few seconds to go into your “house”. Therefore, for security purpose, do not set “content sharing” to allow others to share your files in your PC.

Except port 139, if you do not leave any other port open, a hacker can’t intrude your PC. Then how a hacker intrude your PC? The answer is, using a Trojan software. For example, a classic Trojan software named netspy.exe. If you execute this program, it will request Windows Operating system to execute it every time you start your PC. If netspy.exe has been executed, it will open port 7306. And the hackers can go into your PC through this opened port.

The only reason why people create Trojan Horse software is to hack systems. It hides and works silently in your PC, and will not leave any trace on your screen. Microsoft Windows, by default does not contain any network monitoring software. Thus, to find out the track of trojan software or hacker’s track, a third party software is needed.

General thumb rule is to have a good browsing practice. Always use firewalls. Never download anything from unknown sites. Update your copy of OS regularly. Patch it when needed. Use Antispy and Antivirus softwares regularly.

Happy Browsing!!