With the passage of time, the development of Trojan horse technology is becoming more and more mature, but the safety awareness of netizens is also generally improved, and the initial concept of virus firewall has emerged. During this period, intruders must master more advanced social engineering means and initial invasion technology in order to make the other side suffer. Although the concealment of Trojan horse has been relatively improved during this period, it is still based on the mode of finding connection between client and server. Due to the emergence of virus firewall, the efficiency of netizens in judging and killing Trojans has been greatly improved. Most people also know that "people are not old" and no longer accept strangers' programs easily, which makes Trojans no longer run amok like some time ago. However, because the virus firewall is a new product, there are still relatively many people who have not installed it, so that many old Trojans can still run amok.
Later, with the birth of network firewall technology and the maturity of virus firewall technology, Trojan authors were forced to follow the footsteps of anti-virus manufacturers to update their works to avoid the premature death of horses. At the same time, due to the emergence of network firewall technology, computers are no longer directly connected to the network, especially the strategies of "intercepting external data connection requests" and "auditing internal program access network requests" realized by network firewall, which have led to the failure of most Trojans. Trojans in this period gradually split into two factions: one faction still uses the way of connecting clients to servers, but changes to other transmission channels, such as email and FTP. , or dismantle the network firewall internally to make it unimpeded; The other changed the idea of intrusion, from "client connecting server" to "server connecting client", and added a little social engineering technology, thus breaking through the limitation of network firewall, and thus a new Trojan horse technology-"rebound Trojan horse" was born. During this period, the war between the aggressor and the victim finally rose to the technical level. If you want to protect yourself, there is no other way but to install network firewall and virus firewall and contact network attack and defense technology. This "basic interaction" has been maintained until today's XP era.
In the XP era, the network speed has made a qualitative leap, and more and more hacker attacks and defenses have surfaced. Because the system has changed, an operating system specially designed for network applications will inevitably have network-related defects. Yes, the weakness of WinXP compared with Win9x is that there are too many network vulnerabilities. Whether it's a letter spread by Trojan using MIME vulnerability or a Trojan spilled by LSASS, you can share a piece of meat on XP system. You may say that Win9x also has many loopholes, but why is there no trouble with XP? This is because the network function of Win9x is so weak that almost no system components need to rely on the network to run! So now users not only wrap themselves up with network firewall and virus firewall, but also go to Microsoft's system update site every three days to install various bug fixes. ...
The harm caused by Trojan horse may be amazing, because it has the ability to remotely control machines and grab screens, buttons, audio and video, so its harm degree far exceeds that of ordinary viruses and worms. Deeply understand the operation principle of Trojan horse, and take correct defensive measures on this basis. Only in this way can the harm caused by Trojan horses be effectively reduced.