Trojan
Trojan Program (Trojan Horse)
A Trojan program is a harmful computer program, but one that appears to be something useful - a deception like the Trojan horse described in the Greek legends. The difference between a virus and a Trojan program lies in how the malicious code is used. Viruses replicate and can potentially cause damage when they run on a user's computer. Trojan programs can also create a back door, which opens the system to additional attacks. The often hidden or obscure nature of the back door makes the attacker's activities difficult to detect.
Viruses, worms, and Trojan programs are a major security threat. They can damage
files, enable attackers to control computers, and prevent applications from functioning
correctly. When creating a network defense perimeter, you need to consider guarding
against all three. Firewalls and Intrusion Detection Systems do not block malicious
code on their own; you need to install anti-malware software or proxy servers that
can be configured to filter out malicious code and delete it before it causes harm.
Defenses
User Awareness and Information Security Training: Empowering the user is always the first line of defense. Diligent and educated
users will automatically be wary of Trojan delivery methods. Many popular scenarios
that install Trojan software are pirated programs, movies and music, key-generator
and crack files, cracker software, fake anti-virus alters (see photograph inset on
this page). Trojans require user intervention to execute, thus user awareness training
is a strong first line of defense.
Anti-Virus / Anti-Malware End-Point Protection: Not just for viruses, anti-virus software protects against worms, Trojan Horses,
and more. There are many free anti-virus solutions for home users, for Windows, Linux
and Macintosh computers. Regardless of the operating system you use, anti-virus is
a must-have. This protection provides a second layer of defense, and will intervene
if the computer user (or some background program process) attempts to execute or interact
with a virus. Furthermore, anti-virus solutions typically quarantine the malicious
program, placing it in an isolated location which can allow for further review by
a technician or information security practitioner.