Tuesday, November 16, 2010

Week 13: Clear/Backdoors






Essentially what first got me interested in the concept of backdoors in computer programs was a novel I read called "Digital Fortress," by Dan Brown.  The book is about a team of codebreakers that work for the government, and their main job is to intercept codes from other countries, as well as domestic terrorist groups, to try and monitor their activities.  The book mentions the concept of backdoors several times.  I was immediately intrigued by this topic, because I had never heard of it before.  The book did a great job of teaching and explaining what backdoors are, and how they are written, while incorporating fictional characters and a plot as well.

A backdoor in a computer system is a method of bypassing normal authentication, securing remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected. The backdoor may take the form of an installed program, or may subvert the system through a rootkit. Once perpetrators gain access to insecure computers, they often install a backdoor or modify an existing program to include one, which allows them to continue to access the computer remotely without the user's knowledge. Malicious programs that open backdoors can be found in emails, ad banners, web sites, and downloads. Trojan horses are a popular method of opening backdoors.

There are programs that spend 24 hours a day surfing the web in search of unprotected and unknown backdoors. They run around "pinging" IP addresses until they find one that sends back a signal indicating that access can be granted. A program such as CallerIP scans all the ports (where your modem or cable or telephone is plugged in) on your system and alerts you to any malicious backdoors that can provide unauthorized access to your computer.
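The kind of port check described above can be approximated on a Linux machine by reading the kernel's table of TCP sockets and flagging anything listening on a port you did not expect. This is an added example, not code from the original post or from CallerIP; the allowlist, the function names and the sample table are constructed for illustration, and it assumes IPv4 on a little-endian host.

```python
import os
import socket
import struct

# Constructed sample in /proc/net/tcp format (not captured from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20001 1
   1: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20002 1
   2: 00000000:7A69 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 20003 1
   3: 0A00000A:0016 0B00000A:C350 01 00000000:00000000 00:00000000 00000000     0        0 20004 1
"""

EXPECTED_PORTS = {22, 631}  # assumption: services this host is meant to run
TCP_LISTEN = "0A"           # kernel state code for a listening socket


def decode_addr(hex_addr):
    """Turn '0100007F:0277' into ('127.0.0.1', 631); assumes little-endian host."""
    ip_hex, port_hex = hex_addr.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)


def listening_sockets(table_text):
    """Return one dict per socket in LISTEN state, skipping the header row."""
    found = []
    for line in table_text.splitlines()[1:]:
        fields = line.split()
        if len(fields) < 10 or fields[3] != TCP_LISTEN:
            continue
        ip, port = decode_addr(fields[1])
        found.append({"ip": ip, "port": port, "uid": int(fields[7]),
                      "remote": not ip.startswith("127.")})
    return found


def unexpected_listeners(table_text, expected=EXPECTED_PORTS):
    """Listeners on ports outside the allowlist, remotely reachable ones first."""
    hits = [s for s in listening_sockets(table_text) if s["port"] not in expected]
    return sorted(hits, key=lambda s: (not s["remote"], s["port"]))


if __name__ == "__main__":
    path = "/proc/net/tcp"
    text = open(path).read() if os.path.exists(path) else SAMPLE
    for s in unexpected_listeners(text):
        scope = "reachable from network" if s["remote"] else "loopback only"
        print(f"unexpected listener {s['ip']}:{s['port']} uid={s['uid']} ({scope})")
```

An unexpected listener is only a lead, not proof of a backdoor; the next step is to find which program owns the socket (for example with `ss -tlnp`) and decide whether it belongs there.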

Websites Cited:
http://www.fraudaid.com/security_products/articles_information/what_is_a_backdoor.htm
http://en.wikipedia.org/wiki/Backdoor_(computing)
