To Quote Ed Skoudis' "Malware: Fighting Malicious Code" "A Trojan horse is a program that appears to have some useful or benign purpose, but really masks some hidden malicious functionality."
"A Backdoor is a program that allows attackers to bypass normal security controls on a system, gaining access on the attacker's own terms." What this means is that many times they are found together but a Trojan is not necessarily a backdoor and a backdoor is not necessarily a trojan. In the case Jason was saying the Trojan was forcing the use of the Backdoor. Does this clear it up at all? Chuck Fullerton CEH, OPST, CISSP -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jason Coombs Sent: Wednesday, August 10, 2005 8:59 PM To: Donald J. Ankney Cc: Full-Disclosure Subject: Re: [Full-disclosure] Re: Help put a stop to incompetent computerforensics Donald J. Ankney wrote: > Your definition is just a subset of the standard, broader one. When a word causes widespread misunderstanding such that you simply can't use it to communicate ideas clearly, the old meaning becomes archaic. I think that's what has happened with Trojan. Proof of this can be found in the list of malware that anti-Trojan software is designed to detect -- without double-checking this, just from memory, I'm going to say that the list of malware detected by the typical anti-Trojan software product is limited to malware that meets my definition and does not include the broader definition. That causes a real problem, in practice, since if the anti-Trojan doesn't stop spyware then how can spyware be a Trojan? Regards, Jason Coombs [EMAIL PROTECTED] _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
