Auerbach Publications
© 2001 CRC Press LLC
08/01
Trojans have become very sophisticated and easy to use, mostly because
of huge weaknesses in popular operating systems and very resourceful
programmers. A typical system sitting on the Internet can have a Trojan
installed that can not only be used to gain access to the system,
remotely control portions of the host system, obtain data stored locally,
and collect keyboard input, but can also notify the attacker when the
host system is online and ready for access. In some cases, information
can be collected offline and sent to the attacker when the Internet
connection is reestablished by the victim. It is this vulnerability that
represents the worst-case scenario, and unfortunately, it is commonplace
for a typical home system to be affected.
In a case where the Trojan cannot be installed or implemented fully,
an attacker could gain enough access, even if temporarily, to collect vital
information about the targeted system or user, ultimately leading to more
attacks with greater results. It can be argued that antivirus programs and
host-based firewall applications can help the user reduce these
vulnerabilities, discover them, and possibly eradicate them.
Unfortunately, the implementation, maintenance, and daily secure
operation of such applications rest in the hands of the user. It is
complicated enough protecting refined, highly technical environments
with dedicated personnel, much less remote systems spread all over the
Internet.
A STEP BACK
Early in the adoption of the Internet, systems were attacked, sometimes
resulting in unauthorized access and the loss of data or the disclosure of
proprietary information. As the threats became greater, increasingly more
sophisticated, and difficult to stop, firewalls were implemented to reduce
the direct exposure to attack. In combination, systems that were
allowing certain services were hardened against known weaknesses to
further the overall protection. Furthermore, these hardened, specific
systems were placed on isolated networks, referred to as DMZs, to
protect the internal network from attacks launched from them or from
weaknesses in their implementation. With all these measures in place,
hackers to this day continue to gain astounding access to internal systems.
Today, a firewall is a fundamental fixture in any Internet-facing
connection, and sometimes many firewalls are deployed, protecting vast
numbers of systems and networks. It has become the norm, an accepted
fact of Internet life and an expensive one as well. Protecting the
internal systems and resources from the Internet is paramount, and
enormous work and finances are usually dedicated to supporting and
maintaining the perimeter.
It is reasonable to state that much of the protection implemented is to
protect proprietary data or information from dissemination, modification,
or destruction. The data in question remains within the security envelope