Next: Heads up Computing
Up: VirusesWorms, Trojans and
A trojan horse is a program which hides itself in another apparently
benign program. When the victim runs the apparently benign program he
or she also ends up running the hidden trojan program.
There are examples of Unix trojan horse programs on the Internet. For
example in one incident, a well known anonymous ftp archive
was broken into. The attackers modified a popular program available
from this site, allowing them to break into computers which
subsequently down-loaded and installed this program.
There are a few common sense rules you can use to protect yourself
from trojan horses.
- Avoid down-loading binary programs from the Internet. It's much
better to down-load the source code for a program, and compile it
yourself. Those who create trojan horses shy away from putting the
trojan horse into source code, since a trojan can be discovered by
examining the source code.
- When feasible, examine the source for the program before you
- Try to only down-load programs from well known - hopefully well
- Take advantage of MD5 checksums if available. Often included in
the announcement or the documentation will be the MD5 checksum of the
files you down-load to obtain the program (e.g. the ``.tar'' file).
After you've down-loaded the files, use the command md5 <filename>
to generate a MD5 checksum for comparison with the known good MD5
- Most major packages have a mailing list or a newsgroup associated
with them. Use resources such as these to stay in touch with the
community of folks using this package. This way, you'll hear of a
problem such as a trojan horse being introduced into the software you
Fri Oct 25 16:31:41 EDT 1996