A Trojan horse is a program whose purpose is to capture Ids and passwords from unsuspecting users. The program is designed to mimic the normal log-on procedures of the operating system. When the user enters his or her ID and password, the Trojan horse stores a copy of them in a secret file. At some later date, the author of the Trojan horse uses these Ids and passwords to access the system and masquerade as an authorized user.
Threats from destructive programs can be substantially reduced through a combination of technology controls and administrative procedures. The following examples are relevant to most operating systems.
• Purchase software only from reputable vendors and accept only those products that are in their original, factory-sealed packages.
• Examine all upgrades to vendor software for viruses before they are implemented.
• Establish an educational program to raise user awareness regarding threats from viruses and malicious programs.
• Install all new applications on a stand-alone computer and thoroughly test them with antiviral software prior to implementing them on the mainframe or LAN server.
• Routinely make back copies of key files stored on mainframes, servers, and workstations.
• Use antiviral software (also called vaccines) to examine application and operating system programs for the presence of a virus and remove it from the affected program Antiviral
programs are used to safeguard mainframes, network servers, and personal computers. Most antiviral programs run in the background on the host computer and automatically test all files that are uploaded to the host. However, the software works only on known viruses. If a virus has been modified slightly (mutated), there is no guarantee that the vaccine will work. It is therefore important to maintain the current version of the vaccine.