What are Trojans?
What is a trojan?
A trojan horse could be either:
a) Unauthorized instructions contained within a legitimate program. These instructions perform functions unknown to (and probably unwanted by) the user.
b) A useful program that has been altered by the placement of unauthorized instructions within it. These instructions perform functions unknown to (and probably unwanted by) the user.
c) Any program that appears to perform a desirable and necessary function but that (because of unauthorized instructions within it) performs functions unknown to (and probably unwanted by) the user.
Under a restricted environment (a restricted Unix shell or a restricted Windows computer), malicious trojans can't do much, since they are restricted in their actions. But on a home PC, trojans can be lethal and quite destructive.
Why the name 'trojan horse'?
In the 12th century B.C., Greece declared war on the city of Troy. The dispute erupted when the prince of Troy abducted the queen of Sparta and declared that he wanted to make her his wife, which made the Greeks and especially the queen of Sparta quite furious.
The Greeks gave chase and engaged Troy in a 10-year war, but unfortunately for them, all of their efforts went down the drain. Troy was simply too well fortified.
In a last effort, the Greek army pretended to be retreating, leaving behind a huge wooden horse. The people of Troy saw the horse and, thinking it was some kind of present from the Greeks, pulled it into their city, without knowing that the finest soldiers of Greece were sitting inside it, since the horse was hollow.
Under the cover of night, the soldiers snuck out and opened the gates of the city, and later, together with the rest of the army, killed the entire army of Troy.
This is why such a program is called a trojan horse: it pretends to do something while it does something completely different, or it does what it is supposed to do and hides its malicious actions from the user's prying eyes.
In the rest of this text, we will explain the most common types of trojan horses.
Remote Administration Trojans
These are the most popular trojans now. Everyone wants to have them because they give you access to your victim's hard drive and let you perform many functions on his computer (open and close his CD-ROM drive, put message boxes on his screen, etc.), which will scare off most computer users and are also a hell of a lot of fun to run on your friends or enemies.
Modern RATs (remote administration trojans) are very simple to use. They come packaged with two files: the server file and the client file. Just fool someone into running the server file and get his IP and you have FULL control over his/her computer (some trojans are limited in their functions, but more functions also mean larger server files. Some trojans are merely meant for the attacker to use to upload another trojan to his target's computer and run it, hence they take very little disk space).
You can also bind trojans into other programs which appear to be legitimate.
RATs have the common remote access trojan functions, such as keylogging (logging the target's keystrokes and sometimes even interfering with them), upload and download functions, taking a screenshot of the target's monitor, and so on.
Some people use trojans for malicious purposes. They use them to irritate, scare or harm their enemies, to scare their friends or enemies and seem like a "super hacker" to them, to get information about people and spy on them, or just to get into people's computers and delete stuff. This is considered very lame.
Trojans usually want to start automatically whenever you boot up your computer.
Most Windows trojans hide from the Alt+Ctrl+Del menu. This is bad because there are people who use the task list to see which processes are running. There are programs that will tell you exactly what processes are running on your computer. Some trojans, however, use fake names, and it's a little harder for certain people to realize that they are infected.
How RATs work:
Remote administration trojans open a port on your computer and bind themselves to it (make the server file listen to incoming connections and data going through these ports). Then, once someone runs his client program and enters the victim's IP, the trojan starts receiving commands from the attacker and runs them on the victim's computer.
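Because a RAT server has to listen on a port, comparing a host's listening sockets against a known-good baseline is a simple way to spot one. The following is an added example, not code from the original article: it parses the Linux /proc/net/tcp layout, and the baseline ports and the sample table are assumptions constructed for illustration.

```python
"""Added example: flag listening TCP sockets that are not in a known-good baseline."""
import ipaddress
import struct

LISTEN = "0A"  # state code for LISTEN in /proc/net/tcp

# Assumption: ports this host is expected to listen on (sshd, CUPS).
BASELINE_PORTS = {22, 631}

# Constructed sample in Linux /proc/net/tcp layout (not captured from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20001
   1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20002
   2: 00000000:D431 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 20003
   3: 0F02000A:0016 0202000A:C7B2 01 00000000:00000000 02:000A1B2C 00000000     0        0 20004
"""


def parse_listeners(text):
    """Return (address, port, uid) for every socket in the LISTEN state."""
    listeners = []
    for line in text.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 8 or fields[3] != LISTEN:
            continue
        addr_hex, port_hex = fields[1].split(":")
        # On little-endian hosts (x86, most ARM) the IPv4 address is printed byte-reversed.
        addr = ipaddress.IPv4Address(struct.pack("<I", int(addr_hex, 16)))
        listeners.append((addr, int(port_hex, 16), int(fields[7])))
    return listeners


def unexpected_listeners(text, baseline=BASELINE_PORTS):
    """Report listeners outside the baseline; a RAT server would show up here."""
    findings = []
    for addr, port, uid in parse_listeners(text):
        if port not in baseline:
            findings.append({
                "address": str(addr),
                "port": port,
                "uid": uid,
                "remote_reachable": not addr.is_loopback,
            })
    return findings


if __name__ == "__main__":
    # On a live Linux host, pass open("/proc/net/tcp").read() instead of SAMPLE.
    for finding in unexpected_listeners(SAMPLE):
        print(finding)
```

A listener bound to 0.0.0.0 under an ordinary user's uid, on a port nobody can account for, is the pattern worth investigating first.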
The most popular RATs are Netbus (because of its simplicity), BO (has many functions and hides itself pretty well) and Sub-seven (lots of functions and easy to use). These are all Windows RATs.
If you haven't done so already, it is advised to get some RAT and play around with it, just to see how the whole thing works.
Using RATs for legitimate purposes
Some people use RATs to remotely administer computers they are allowed to have access to.
Password Trojans:
Yes, password trojans. Password trojans search your computer for passwords and then send them to the attacker or the author of the trojan. These trojans usually send the information back to the attacker via email.
Privilege-Elevating Trojans:
These trojans would usually be used to fool system administrators. They can either be bound into a common system utility or pretend to be something harmless and even quite useful and appealing. Once the administrator runs it, the trojan will give the attacker more privileges on the system. These trojans can also be sent to less-privileged users and give the attacker access to their accounts.
Keyloggers
These trojans are very simple. They log all of your keystrokes (including passwords), and then either save them to a file or email them to the attacker once in a while.
Keyloggers usually don't take much disk space, which makes them very hard to detect.
Destructive Trojans:
These little fellows do nothing but damage your computer. These trojans can destroy your entire hard drive, encrypt or just scramble important files and basically make you feel very unpleasant.
Some might seem like joke programs, while they are actually tearing every file they encounter to pieces.
Joke Programs:
Joke programs are nice, cute and harmless. They can pretend to be formatting your hard drive, sending all of your passwords to some evil cracker, self-destructing your computer, turning in all information about illegal and pirated software you might have on your computer to the FBI, etc. They are certainly no reason to worry, but inexperienced computer users tend to get scared off pretty easily by joke programs.
Protecting Yourself Against Trojans:
Under Unix
If you are working on your PC, DO NOT work as root! If you run a trojan as root, you can endanger your entire system! Switch to root only when you NEED root, and when you know what you're running. Also, remember that even if you're working in a restricted environment, you may still put the passwords and files you have access to at risk. Also, if someone has a keylogger on your system, and you type in some passwords (especially the root password), they will be logged!
Also, DO NOT download any files from untrusted sources (small websites, underground websites, Usenet newsgroups, IRC, etc.), even if they come in the form of source code.
Under Windows
Windows is a whole lot different in this respect. Make sure you don't run any untrusted software. There are many more evil trojans for Windows than for Unix. Remember that some trojans can break into administrator privileges and then compromise your entire system, since Windows imposes such poor security.
Oh, and one last tip: you should try to download and use at least some of the types of trojans listed above, so you can get to know them better and be able to remove them in case you get infected (you may use Virtual PC for this).
