Anti-Trojan Program? Is it possible?

blackhalo15

Booby Pie
Joined
Aug 7, 2003
Messages
209
Is it possible to make some kind of software, that will destroy files on an attackers machine? For example, lets say Bob wants to hack Jim. Bob tries to connect to Jim's computer using a "backdoor trojan virus" (I believe that's what they call it.) Is it possible for Jim to write some program that will keep Bob from connecting to his machine, and in the process destroy the trojan that Bob tries to connect with, so that Bob wouldn't be able to use his little trojan do hickey on anybody else?

And another thing... I heard that people can embed "Java" code into a webpage, that will automaticly download files, such as trojans on your machine. How is this done? Or is it just a rumor? If it can be done, then is there a way someone can write a program to block these trojans? (Unless of course anti-virus software already does this.)

Sorry, but I'm just curious. I'm just now starting to learn C#. I am very very very noobie. But I think it would be awesome if someone wrote a program that could do that:)
 
Well, as long as your program on changes files on your computer, then that's OK. If you are thinking of some sort of program that manipulates a trojan placed on your machine to attack the person who placed it on your machine, then I think that 1.) It would be difficult and 2.) it is probably just as illegal as what the first person did.

As for Java downloading programs: yes. It does happen, and happens a lot. Cookies for example, as well as other data miners etc. Logging in to CFC causes the 'Red Sherrif' data miner to be loaded on your PC. There are programs to remove these - mentioned in numerous threads on this forum. Adaware and spybot Search & destroy are the best.

This thread by Jeratain is a great source of this sort of info. I can't remember if he mentions it (he probably did!) but you should also get a firewall (zonealarm for example).
 
Originally posted by Jeratain
Basic answer to your question in one word: Firewall

Slightly more advanced answer: a software firewall that monitors outbound traffic from your machine as well as blocking unauthorized inbound traffic. ZoneAlarm (www.zonealarm.com) is one of the firewalls that does this, but not all of them do.
 
Hmmmm, well, I do think I'm going to have to get "zonealarm". And thanks:) But I still think someone should find a way to make a firewall that will somehow destroy the trojan that the attacker tried to attack with.
 
Originally posted by IglooDude


Slightly more advanced answer: a software firewall that monitors outbound traffic from your machine as well as blocking unauthorized inbound traffic. ZoneAlarm (www.zonealarm.com) is one of the firewalls that does this, but not all of them do.
If you are using Windows XP, then when SP2 is released the Internet Connection Firewall config tools will provide much finer control over the firewall than what's available in SP1, basically making ZoneAlarm a third party program that can do the same thing. I'm not disqualifying ZA, just saying it wont be necessary in the near future.
 
The real problem with trying to zap someone who has sent you a Trojan or virus is determining exactly where it came from.

A lot of this junk is sent via third party...i.e. a computer that has been hijacked by the attacker. The recent problems with MyDoom is a good example. You run the risk of messing up someone who really had no idea that they sent you one of the nasties.

You would have to tie in to a tracking program like Traceroute and they don't always have the greatest success in finding the origin.
 
Originally posted by Jeratain
If you are using Windows XP, then when SP2 is released the Internet Connection Firewall config tools will provide much finer control over the firewall than what's available in SP1, basically making ZoneAlarm a third party program that can do the same thing. I'm not disqualifying ZA, just saying it wont be necessary in the near future.

Yeah, but knowing Microsoft, the firewall will contain some horrible bug that lets people get into your computer. ;) And while Microsoft is good at bundling basic extra programs, third-party programs can often do the same things much much better. Firefox or Opera are much better than Internet Explorer, WinAmp or Media Player Classic are much better than Windows Media Player, and I suspect free third-party firewalls will still be better than whatever Microsoft comes up with.
 
DreadCthulhu said:
Yeah, but knowing Microsoft, the firewall will contain some horrible bug that lets people get into your computer. ;) And while Microsoft is good at bundling basic extra programs, third-party programs can often do the same things much much better. Firefox or Opera are much better than Internet Explorer, WinAmp or Media Player Classic are much better than Windows Media Player, and I suspect free third-party firewalls will still be better than whatever Microsoft comes up with.

People ask for security, but then get annoyed and open up their firewalls, and IE, to do such things as allow java script, or Active X programs to run directly from websites. Security is more a problem of tedium than technicality.
 
Back
Top Bottom