BackDoors Seminar

Backdoors
A type of hacking tool..

What is a Backdoor?
A backdoor in a system is a method of bypassing normal authentication and gaining access.
The backdoor access method is sometimes written by the programmer who develops the program.
It is found in multi-network scenarios. A network administrator may intentionally create or install a backdoor program for troubleshooting or other official use.
Hackers use backdoors to install malicious software files or programs, modify code or detect files and gain system access.

Vulnerabilities
There are 3 main vulnerabilities that introduce a backdoor in an application:
1. Buffer Overflow Attack
2. Cross-site Scripting
3. Remote Administration or Troubleshooting

Hard-wired Backdoor
• 'Back doors' are commonly built into computer systems by programmers to allow quick and easy access – but on a chip of this sort, they represent a dangerous vulnerability.
• An attacker can disable all the security on the chip, reprogram cryptographic and access keys or permanently damage the device.

Rakshasa Backdoor
Rakshasa Backdoor is termed as “Permanent Backdoor” i.e. hard to detect.
Rakshasa is able to compromise more than a hundred different motherboards.
Rakshasa malware infects the host BIOS, taking advantage of a potentially vulnerable aspect of traditional computer architecture.
Any peripheral, such as a network card or a sound card, can write to the computer’s RAM or to smaller portions of memory allocated to any of the other peripherals.
Hence the impact could be devastating.

Cont..
Rakshasa has been developed with open source BIOS software and, because of its compatibility with most hardware, it’s hard to detect.
When the machine boots up, the malware downloads all the malicious code it needs.
It disables the resident antivirus and stores the code in memory. In doing so, it avoids leaving traces on the hard disk that could be detected as infectious.
The most important issue about Rakshasa malware isn’t related to how it can infect victims randomly, but to the possibility of using it as a backdoor in hardware.
In many cases doubt has been raised about whether backdoors are present in Chinese devices, telecommunications in particular.
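
Because a firmware-resident backdoor of this kind leaves nothing on the hard disk, a disk scan cannot find it; one defensive check is to compare a dump of the firmware flash against a trusted reference image, region by region. The following is an added example, not part of the original slides; the region map and both images are constructed for illustration and a real layout must come from the board vendor.

```python
import hashlib

# Hypothetical region map (name, offset, length) for a constructed 4 KiB image.
# Real flash layouts differ per board; these names and offsets are assumptions.
REGIONS = [("descriptor", 0x000, 0x100),
           ("option_rom", 0x100, 0x300),
           ("bios_code", 0x400, 0xC00)]

def region_digests(image: bytes) -> dict:
    """SHA-256 of each region, so a mismatch points at a location."""
    out = {}
    for name, off, length in REGIONS:
        chunk = image[off:off + length]
        if len(chunk) != length:
            raise ValueError(f"image too short for region {name}")
        out[name] = hashlib.sha256(chunk).hexdigest()
    return out

def compare_firmware(reference: bytes, dumped: bytes) -> list:
    """Return the names of regions that differ from the trusted reference."""
    if len(reference) != len(dumped):
        return ["size_mismatch"]
    ref, cur = region_digests(reference), region_digests(dumped)
    return [name for name, _, _ in REGIONS if ref[name] != cur[name]]

def make_reference() -> bytes:
    """Constructed stand-in for a vendor firmware image (not real firmware)."""
    return bytes((i * 7 + 3) % 256 for i in range(0x1000))

def make_tampered() -> bytes:
    """Same constructed image with four bytes changed in one region."""
    img = bytearray(make_reference())
    img[0x180:0x184] = b"\xde\xad\xbe\xef"
    return bytes(img)

if __name__ == "__main__":
    ref = make_reference()
    print("clean dump   :", compare_firmware(ref, ref) or "matches reference")
    print("tampered dump:", compare_firmware(ref, make_tampered()))
```

The comparison is only as trustworthy as the dump: an image read out by software running on the suspect machine can be falsified by the firmware itself, so the dump should be taken with an external flash programmer or from a known-clean environment.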

Motivations of Backdoor Attacks
The main motivations of backdoor attacks are:
• Hardware cloning
• Breaking services, obtaining them with piracy
• Imitating user authentication for system access
• Information leakage
• Unlocking devices, to gain access to an internal shell or to increase control of a system
• Unlocking hidden features

Preventive Measures
Obtain & Install Security Updates
• It helps you to improve your computer's security settings.
• Operating System should provide security updates frequently (e.g. Windows Defender in Windows, XProtect in Mac, Snort in Linux)
Update your anti-spyware software definitions
• Configure your anti-spyware software to check for updates at least on a daily basis.
• Also, make sure your anti-spyware software is loaded when your computer starts and that it is automatically updating its spyware definitions.
Scan for Backdoors
• Download “SpyHunter's Scanner” to check for Backdoors.
Thank You..!!
Prepared By: Chaitali Patel