Introduction to Trojan

Most hackers gain access to other computers, to break in or to cause damage, by using a program built on the idea of the Trojan horse from the Trojan War. From here on we will call it a “Trojan”.

According to legend, the Greeks won the Trojan war by hiding in a huge, hollow wooden horse to get into the fortified city of Troy.

Today, a Trojan horse is a program in which malicious or harmful code is contained inside apparently harmless programming or data, allowing a hacker to spy on you and ruin your data and computer.

A Trojan program comes as a client file and a server file. The client file is used to control the computer that has run the server file. After the server file is executed, the Trojan builds its door and opens it for clients to connect.

The gate of Troy can be compared to a port in a computer. A computer has a lot of ports, which it uses to communicate with other machines and equipment. A Trojan will capture a port in the computer and open it for the client to connect. So Trojans in a computer are more dangerous than the Trojan horse in the Trojan War, because a computer has a lot of doors that can be opened when a port is captured.

 

  • Abilities of a Trojan

The ability of a Trojan depends on the user. After Trojans became known as a hacker’s tool, some programmers decided to reduce their power and make them easier to use in the computer networking industry. For example, NetBus is a kind of Trojan with reduced power and a security function included in the program to prevent hackers from breaking into the server: the programmer designed a function that asks for a password when a client wants to connect to the server.

But as we know, some hackers are able to build or adapt a Trojan for themselves. For example, in BO (Back Orifice) the designer added a function that combines the server file with another file, to make it easier to deceive people into opening it. The combined file executes the original file and the Trojan server together. That function is called “silk rope”. It is an add-on for BO2K.

 

  • How is a Trojan kept?

Because some Trojans are identified by anti-virus programs as a type of virus, hackers keep their Trojans by freezing them or by using a ZIP program to stop the Trojan’s activity. This way the Trojan can be cloaked from some anti-virus programs. Some anti-virus programs can scan inside zip files too.

For example: PC-cillin 2000. I use this program on my computer. When I installed any Trojan program to make this web site, it always warned me that it had found a Trojan and suggested deleting it. Sometimes, while I was using another program, it automatically scanned and found the Trojan server. It will remove the Trojan server by itself. It works well for all of you who want to protect yourselves from Trojans. But for me at that moment, this program is a barrier to learning how to use Trojans. So I close it every time I use a Trojan. And I think that I will have to format my computer again after finishing this job.

 

  • Where can you get a Trojan?

In this topic, we do not mean how you can download a Trojan program, because there are a lot of web sites that provide Trojans (including our web site). Instead, we will tell you the ways in which a hacker will send a Trojan to you.

The first way: they send you an e-mail telling you that they have sent a demo program, update program or updated driver to customers who registered at their site. The attachment may be a pure Trojan with only its name changed, or a Trojan combined with some application by “silk rope”. They do not worry if you realize that they sent you a Trojan, because the e-mail address they use to send it is a fake address.

The Trojan that they send in this way is almost always Back Orifice, because this Trojan has a function that can send your IP address to the hacker via e-mail every time you go online. This function will contain the real e-mail address of the hacker who sent you the Trojan, and this way you can find out who sent it.

The second way: this type of hacker is a user who is online in an IRC chat room. They go online and chat with you like a normal person, and will try any way to make you accept their file. The types of Trojan file that you can find in this type of hacking are a pure server file, a server file in a zip, or a combined file.

The third way: the hackers are ICQ users who contact you and try to send you a file. This type of hacking is just like the second type, but a lot of people trust hackers who contact them via ICQ more than IRC chat users. A hacker can control this ICQ user more easily than in the first way, because every time you go online the ICQ program opens itself. The hacker will know, and will start to check your IP address and connect to the Trojan.

The last way: hackers sit in front of your computer and install the server file there. These hackers will be a friend, mechanic or technician whom you trust or who has a chance to use your computer. They will disable your anti-trojan program and run the server file, even if you are sitting beside them.

 

  • What can a hacker get from a Trojan?

After you run the Trojan server file, the hacker can get a lot of information from your computer.

  • First is your computer’s specification: they can learn your system type or hardware information. Sometimes hackers know more about the computer than its owner does.

  • Second is your keyboard input: they will know what you are typing. You may be typing secret information or a password at that moment.

  • Third is your files: the hacker can access your files and copy, move or delete them, or make you run a file, from anywhere.

  • Fourth is your passwords: some data left on your computer contains password information. That kind of information also includes the credit card numbers used by your online shopping programs.

  • Last is your Internet account. This is the most popular target of hacking, because a lot of hackers are people who go online to the Internet and want a free, fast account to use. But sometimes they use your account to hack other organizations, and you have to answer for their activity. That is all that they can get from a Trojan.

 

  • Why don’t you know when a hacker has connected?

This is a trick of the hacker. Once they can connect to your computer, they disable all of your protection as fast as they can, because the Trojan has a function to shut down any program that you have opened. After that they are free to do anything on your computer.

 

  • How can you know that you were captured?

There is a basic way to know whether a Trojan has captured your computer. There is a function in DOS that checks all the ports in use at the moment.

First, type “netstat -an” in DOS when you are not online. If you have not been captured, the result will look like this.

 


But if you have been captured, some port that you do not recognize will be in use. Note that port and look it up on the Internet against the ports that Trojans capture (there is a list of Trojans on our web site). You can also detect who is controlling the Trojan this way: when you are online and an IP address is connected to your computer on the port that was open while you were off-line, that is the address of the hacker who is connecting to you.
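The check described above can be scripted. The following is an added example, not part of the original page: it parses `netstat -an` output, reports listening TCP ports that are not in a known-good baseline, looks them up in a subset of this page's port list, and lists the remote addresses connected to them. The sample output, the addresses and the baseline set are constructed assumptions.

```python
import re

# Subset of the port list on this page (port -> names the page gives as possible).
PAGE_TROJAN_PORTS = {
    31: ["Agent 31", "Hackers Paradise", "Masters Paradise"],
    456: ["Hackers Paradise"],
    555: ["Ini-Killer", "NeTAdmin", "Phase Zero", "Stealth Spy"],
    666: ["Attack FTP", "Back Construction", "Cain & Abel", "Satanz Backdoor",
          "ServeU", "Shadow Phyre"],
    999: ["DeepThroat", "WinSatan"],
}

# Constructed sample of Windows `netstat -an` output (not captured from a real host).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:555            0.0.0.0:0              LISTENING
  TCP    192.0.2.10:139         0.0.0.0:0              LISTENING
  TCP    192.0.2.10:555         198.51.100.7:1042      ESTABLISHED
  TCP    192.0.2.10:1039        203.0.113.5:80         ESTABLISHED
  UDP    0.0.0.0:137            *:*
"""

# TCP rows only: local address:port, foreign address:port, state.
ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+(\S+):(\d+|\*)\s+(\S+)\s*$")

def parse_tcp(text):
    """Yield (local_port, remote_addr, state) for each TCP row."""
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            yield int(m.group(2)), m.group(3), m.group(5)

def review(text, baseline):
    """Report listeners outside the baseline and the peers connected to them."""
    rows = list(parse_tcp(text))
    unknown = sorted({p for p, _, s in rows if s == "LISTENING" and p not in baseline})
    report = {}
    for port in unknown:
        peers = sorted({r for p, r, s in rows if p == port and s == "ESTABLISHED"})
        report[port] = {"page_names": PAGE_TROJAN_PORTS.get(port, []), "peers": peers}
    return report

if __name__ == "__main__":
    # Baseline {135, 139} is an assumed known-good set for this constructed host.
    for port, info in review(SAMPLE, baseline={135, 139}).items():
        print(port, info)
```

Several ports in this page's list (21, 23, 25, 80, 110) are also the standard ports of ordinary FTP, Telnet, mail and web services, so a match is a starting point for investigation. The baseline should come from a `netstat -an` run taken when the machine was known to be clean.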

 

  • How to remove a Trojan from your computer?

The easy way is to download a program called “The cleaner”. This program can remove about 101 Trojans (including BO and NetBus).

 

  • List of famous Trojans

This is a list of the most famous Trojans and the possible ports that each Trojan will capture to control your computer, from http://www.onctek.com. There is some special information on that site. Just click on a Trojan’s name where it is linked.

 

| Port | Possible Trojan/BackDoor |
|------|--------------------------|
| 21 | Back Construction, Blade Runner, Doly Trojan, Fore, FTP trojan, Invisible FTP, Larva, WebEx, WinCrash |
| 23 | Tiny Telnet Server (TTS) |
| 25 | Ajan, Antigen, Email Password Sender, Haebu Coceda, Naebi, Happy 99, Kuang2, ProMail trojan, Shtrilitz, Stealth, Tapiras, Terminator, WinPC, WinSpy |
| 31 | Agent 31, Hackers Paradise, Masters Paradise |
| 41 | DeepThroat |
| 59 | DMSetup |
| 79 | Firehotcker |
| 80 | Executor, RingZero |
| 99 | Hidden Port |
| 110 | ProMail trojan |
| 113 | Kazimas |
| 119 | Happy 99 |
| 121 | JammerKillah |
| 421 | TCP Wrappers |
| 456 | Hackers Paradise |
| 531 | Rasmin |
| 555 | Ini-Killer, NeTAdmin, Phase Zero, Stealth Spy |
| 666 | Attack FTP, Back Construction, Cain & Abel, Satanz Backdoor, ServeU, Shadow Phyre |
| 777 | AIM Spy |
| 911 | Dark Shadow |
| 999 | DeepThroat, WinSatan |