|
|
detect trojans
There are several methods to detect trojans, but most of them can only be
used by advanced users. Port scanning, traffic monitoring, process
monitoring, any suspected activity shown on these procedures can be sign
of trojans.
Nearly all remote access trojans use TCP or UDP sockets, and in many cases
trojans have a default port that they listen to.
A simple netstat -a can reveal some trojans. However, you need some
knowledge and experience about TCP and services before you can get to the
conclusion that your system is infected.
Port scanning does have two distinct advantages - it can detect trojan ports even if the
trojan uses netstat stealth techniques, and it can be used both locally
and remotely.
Always keep in mind that Firewalls, routers and Intrusion Detection
Systems (IDS) can affect the results of a port scan.
TCPView is a free utility
by
Sysinternals which not only lists the IP addresses communicating with your computer, it
tells you what program is using that connection. Armed with this
information you can locate whatever program is sending data out of your
machine and deal with it.
|
|
thespyware.net |
|
|
Loans - Car Insurance - Loans - Credit Counseling
|
|
