Backdoors: An Introduction

Since the early days of intruders breaking into computers, they have tried to develop techniques or backdoors that allow them to get back into the system. This paper focuses on many of the common backdoors and possible ways to check for them. Most of the focus will be on Unix backdoors, with some discussion of future Windows NT backdoors. It describes the complexity of determining the methods that intruders use and gives administrators a basis for understanding how they might stop intruders from getting back in. Once an administrator understands how difficult it is to stop an intruder who is already in, the value of being proactive and blocking the intruder from ever getting in is better appreciated. This paper is intended to cover many of the popular backdoors commonly used by beginner and advanced intruders. It is not intended to cover every possible way to create a backdoor, as the possibilities are limitless.

For most intruders, a backdoor provides two or three main functions:

Be able to get back into a machine even if the administrator tries to secure it, e.g., by changing all the passwords.

Be able to get back into the machine with the least amount of visibility. Most backdoors provide a way to avoid being logged, and many times the machine can appear to have no one online even while an intruder is using it.

Be able to get back into the machine in the least amount of time. Most intruders want to easily get back into the machine without having to do all the work of exploiting a hole to gain access.

In some cases, if the intruder thinks the administrator may detect any installed backdoor, they will resort to using the vulnerability repeatedly to get on a machine as the only backdoor, thus not touching anything that may tip off the administrator. Therefore, in some cases, the vulnerabilities on a machine remain the only unnoticed backdoor.

Amol Wagh

The author is a tech blogger who loves to share his work on the web by writing guidelines for ethical hacking students and security professionals. Performing various types of hacking, from pen testing to smartphone hacking, he enjoys hacking just for personal research purposes.

He works with 'grey as well as black hat' hackers to learn advanced hacking as well as defending techniques and shares them with learners. His prime area of research is cyber criminals, and he is currently working on video product development to teach hacking and pen testing to absolute beginners.