In Linux, the three most common commands that hackers usually attempt to Trojan are:

John wishes to install a new application onto his Windows 2000 server.
He wants to ensure that any application he uses has not been Trojaned.
What can he do to help ensure this?

Jason’s Web server was attacked by a trojan virus. He runs protocol analyzer and notices that the
trojan communicates to a remote server on the Internet. Shown below is the standard “hexdump”
representation of the network packet, before being decoded. Jason wants to identify the trojan by
looking at the destination port number and mapping to a trojan-port number database on the
Internet. Identify the remote server’s port number by decoding the packet?

Which of the following Netcat commands would be used to perform a UDP scan of the lower 1024
ports?

Sniffing is considered an active attack.

A file integrity program such as Tripwire protects against Trojan horse attacks by:

Erik notices a big increase in UDP packets sent to port 1026 and 1027 occasionally. He enters the
following at the command prompt.
$ nc -l -p 1026 -u -v
In response, he sees the following message.

cell(?(c)????STOPALERT77STOP! WINDOWS REQUIRES IMMEDIATE ATTENTION.
Windows has found 47 Critical Errors.
To fix the errors please do the following:
1. Download Registry Repair from: www.reg-patch.com
2. Install Registry Repair
3. Run Registry Repair
4. Reboot your computer
FAILURE TO ACT NOW MAY LEAD TO DATA LOSS AND CORRUPTION!
What would you infer from this alert?

Exhibit:
ettercap –NCLzs –quiet
What does the command in the exhibit do in “Ettercap”?

A remote user tries to login to a secure network using Telnet, but accidently types in an invalid
user name or password. Which responses would NOT be preferred by an experienced Security
Manager? (multiple answer)

A POP3 client contacts the POP3 server: