X hits on this document

315 views

0 shares

0 downloads

0 comments

110 / 120

Figure 10.1. Process Monitor session for the Password Vault application.

Most of the malicious operations carried out by Trojans can be detected using

Process Monitor, including those that contain Backdoors. Of course, Process Monitor

itself doesn't identify malware, it simply reports what a process is doing. With a little bit

of ingenuity, one can identify activities that don't seem to fit with the advertised

functionality of a program. For example, a program that accesses registry keys, files, or

network locations that are unrelated to it, is probably malicious. It's common practice

these days for users to download free software from the Internet, and because we've been

convinced that open-source software, which is sometimes confused with free software,

should have the fewest number of vulnerabilities, we do it without much afterthought.

Incidentally, the data on the number of vulnerabilities found in popular Internet browsers

102

Document info
Document views315
Page views316
Page last viewedSun Dec 04 08:59:43 UTC 2016
Pages120
Paragraphs2913
Words25794

Comments