Re: Re:Trojan Horse Detection tools(Possibly off-topic)

["Jon Pastore" <jpastore () idetech net>]

not that I qualify as an expert in this realm but, I would suggest if you
know the language I would look for a few basic this like search for syntax
that open sockets for transmitting data... this should narrow your search or
opening file handles to places that make no sense or logging info that has
nothing to with the intended purpose of the application...

also be weary of code frmo untrusted sources it's always a good idea to have
a test enviroment like a segmented network that has nothing to do with your
production enviroment...

-Jon
----- Original Message -----
From: "Rahul Chander Kashyap" <rahul () nsecure net>
To: <SECURITY-BASICS () securityfocus com>
Sent: Saturday, April 12, 2003 5:42 AM
Subject: Re:Trojan Horse Detection tools(Possibly off-topic)


> Hi Sridhar,
>  As far as i know, u have to go thru the whole code because a
> trojan/backdoor
>  can be embedded into code very cleverly ;-) and even experts might not be
>  able to detect it!
>  what i wud do if i were in ur case wud be to go thru the source code of
> some
>  trojans/backdoors[there are many available] and try to get an idea from
>  those :-)
>
>  [And yeah in case a tool to detect this exists,i'm looking forward to
it!]
>  All the best!
>  Regards,
>  Rahul Kashyap
>  Software Developer,
>  nSecure Software (P) Ltd.
> Bangalore-71
>  www.nsecure.net
>  ----------------------
>  Layered Defence
>  ----------------------
>  ------
>  This message is intended for the addressee only. It may contain
>  privileged or Confidential information. If you have received this
>  message in error, please notify the sender and destroy the message
>  immediately. Unauthorized use or reproduction of this message is
>  strictly prohibited.
>  ------
>
> > ----- Original Message -----
> > From: "Sridhar J" <sridhar.jayaraman () wipro com>
> > To: <security-basics () securityfocus com>
> > Sent: Friday, April 11, 2003 10:20 AM
> > Subject: Trojan Horse Detection tools(Possibly off-topic)
> >
> >
> > Hi all
> >
> > Are there any tools to detect Trojan horse code? Assume that I have the
> > source code, but code inspection is very cumbersome and sufficient
> > expertise is needed, which is difficult to expect from developers.
> >
> > ----------
> > Regards
> > Sridhar J
> > ----------
> > "What you do in this world is a matter of no consequence;The question
> > is, what can you make people believe that you have done."
> > --Sherlock Holmes in "A Study in Scarlet"
>
>
> -------------------------------------------------------------------
> Is SPAM over-loading your e-mail server, disk space or bandwidth?
> SurfControl E-Mail Filter is flexible, intelligent and policy-driven
> protection.
> http://www.securityfocus.com/SurfControl-security-basics2
> Download your free fully functional trial, complete with 30-days of free
technical support.
> Stop SPAM before it stops you.
> -------------------------------------------------------------------


-------------------------------------------------------------------
Is SPAM over-loading your e-mail server, disk space or bandwidth?
SurfControl E-Mail Filter is flexible, intelligent and policy-driven
protection.
http://www.securityfocus.com/SurfControl-security-basics2
Download your free fully functional trial, complete with 30-days of free technical support.
Stop SPAM before it stops you.
-------------------------------------------------------------------