This article is about the mythological Trojan Horse. For other uses, see Trojan horse (disambiguation).
Detail from The Procession of the Trojan Horse in Troy by Domenico Tiepolo (1773), inspired by Virgil's Aeneid.
The Trojan Horse was a tale from the Trojan War, as told in Virgil's Latin epic poem The Aeneid. The events in this story from the Bronze Age took place after Homer's Iliad, and before Homer's Odyssey. It was the stratagem that allowed the Greeks finally to enter the city of Troy and end the conflict. In the best-known version, after a fruitless 10-year siege of Troy the Greeks built a huge figure of a horse inside which a select force of 30 men hid. The Greeks pretended to sail away, and the Trojans pulled the Horse into their city as a victory trophy. That night the Greek force crept out of the Horse and opened the gates for the rest of the Greek army, which had sailed back under cover of night. The Greek army entered and destroyed the city of Troy, decisively ending the war.
The priest Laocoön guessed the plot and warned the Trojans, in Virgil's famous line "Timeo Danaos et dona ferentes" (I fear Greeks even those bearing gifts)[1], but the god Poseidon sent two sea serpents to strangle him, and his sons Antiphantes and Thymbraeus, before he could be believed. King Priam's daughter Cassandra, the soothsayer of Troy, insisted that the horse would be the downfall of the city and its royal family but she too was ignored, hence their doom and loss of the war.
A "Trojan Horse" has come to mean any trick that causes a target to invite a foe into a securely protected bastion or place, now often associated with "malware" computer programs presented as useful or harmless in order to induce the user to install and run them
Monday, March 22, 2010
Salami attack
In the salami technique, cyber criminals steal money or resources a bit at a time. The key here is to make the alteration so insignificant that in a single case it would go completely unnoticed. E.g. a bank employee inserts a program, into the bank’s servers, that deducts a small amount of money (say Rs. 5 a month) from the account of every customer. No account holder will probably notice this unauthorized debit, but the cyber criminal will make a sizable amount of money every month.
The classic story about a salami attack is the old ” collect-the-roundoff ” trick. In this scam, a programmer modifies arithmetic routines, such as interest computations. Typically, the calculations are carried out to several decimal places beyond the customary two or three kept for financial records. For example, when currency is in dollars, the round off goes up to the nearest penny about half the time and down the rest of the time. If a programmer arranges to collect these fractions of pennies in a separate account, a sizable fund can grow with no warning to the financial institution.
To quote an example, an employee of a bank in USA was dismissed from his job. Disgruntled at having been supposedly mistreated by his employers the man first introduced a logic bomb into the bank’s systems.
Logic bombs are programmers, which are activated on the occurrence of a particular predefined event. The logic bomb was programmed to take ten cents from all the accounts in the bank and put them into the account of the person whose name was alphabetically the last in the bank’s rosters. Then he went and opened an account in the name of Ziegler. The amount being withdrawn from each of the accounts in the bank was so insignificant that neither any of the account holders nor the bank officials noticed the fault.
It was brought to their notice when a person by the name of Zygler opened his account in that bank. He was surprised to find a sizable amount of money being transferred into his account every Saturday.
The classic story about a salami attack is the old ” collect-the-roundoff ” trick. In this scam, a programmer modifies arithmetic routines, such as interest computations. Typically, the calculations are carried out to several decimal places beyond the customary two or three kept for financial records. For example, when currency is in dollars, the round off goes up to the nearest penny about half the time and down the rest of the time. If a programmer arranges to collect these fractions of pennies in a separate account, a sizable fund can grow with no warning to the financial institution.
To quote an example, an employee of a bank in USA was dismissed from his job. Disgruntled at having been supposedly mistreated by his employers the man first introduced a logic bomb into the bank’s systems.
Logic bombs are programmers, which are activated on the occurrence of a particular predefined event. The logic bomb was programmed to take ten cents from all the accounts in the bank and put them into the account of the person whose name was alphabetically the last in the bank’s rosters. Then he went and opened an account in the name of Ziegler. The amount being withdrawn from each of the accounts in the bank was so insignificant that neither any of the account holders nor the bank officials noticed the fault.
It was brought to their notice when a person by the name of Zygler opened his account in that bank. He was surprised to find a sizable amount of money being transferred into his account every Saturday.
Computer virus
A computer virus is a computer program that can copy itself[1] and infect a computer. The term "virus" is also commonly but erroneously used to refer to other types of malware, adware, and spyware programs that do not have the reproductive ability. A true virus can only spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive. Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer.[2][3]
As stated above, the term "computer virus" is sometimes used as a catch-all phrase to include all types of malware, adware, and spyware programs that do not have the reproductive ability. Malware includes computer viruses, worms, trojans, most rootkits, spyware, dishonest adware, crimeware, and other malicious and unwanted software, including true viruses. Viruses are sometimes confused with computer worms and Trojan horses, which are technically different. A worm can exploit security vulnerabilities to spread itself automatically to other computers through networks, while a Trojan is a program that appears harmless but hides malicious functions. Worms and Trojans, like viruses, may harm a computer system's data or performance. Some viruses and other malware have symptoms noticeable to the computer user, but many are surreptitious and go unnoticed.
As stated above, the term "computer virus" is sometimes used as a catch-all phrase to include all types of malware, adware, and spyware programs that do not have the reproductive ability. Malware includes computer viruses, worms, trojans, most rootkits, spyware, dishonest adware, crimeware, and other malicious and unwanted software, including true viruses. Viruses are sometimes confused with computer worms and Trojan horses, which are technically different. A worm can exploit security vulnerabilities to spread itself automatically to other computers through networks, while a Trojan is a program that appears harmless but hides malicious functions. Worms and Trojans, like viruses, may harm a computer system's data or performance. Some viruses and other malware have symptoms noticeable to the computer user, but many are surreptitious and go unnoticed.
Subscribe to:
Posts (Atom)