How do I check if there's a backdoor in my application?
The best way to find out whether your app has a back door is to do a code audit. A remote pen test might find it, but the chances are low.
Companies check for back doors when security-critical software is purchased from a third party. The fear is that developers might have inserted code that lets them get back into the app at a later date.
During the audit, here are a few things the auditor will do to check for back doors:
- Look for undocumented ports being opened
- Monitor registry access for anything suspicious
- Track the files being opened
- Monitor whether other executables are launched
- Watch for network connections going out
- Check for hard-coded special passwords in the code
- Look for "special" users in the user database
Sysinternals has several tools that help the auditor: Regmon, Filemon, Process Explorer, PSTools, Strings, Rootkit Revealer, etc.
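As a starting point for the source-review items in the list above (hard-coded special passwords or user names, and ports that are not in the documentation), here is an added example that is not part of the original article. It is a line-based heuristic in Python; the identifier list, the `audit_source` name and the sample source are all constructed assumptions, and every hit still needs a human to read the surrounding code.

```python
import re

# Identifier fragments that usually hold credentials or account names (assumed list).
SECRET_NAMES = r"(?:pass(?:word|wd)?|pwd|secret|token|user(?:name)?|login)"
STRING_LIT = r"""(?:"[^"\n]+"|'[^'\n]+')"""
COMPARE = r"\s*(?:===?|\.equals\s*\()\s*"

# A credential-like identifier compared against a string literal, in either order.
CMP_RE = re.compile(
    rf"\b\w*{SECRET_NAMES}\w*{COMPARE}{STRING_LIT}"
    rf"|{STRING_LIT}{COMPARE}\w*{SECRET_NAMES}\w*",
    re.IGNORECASE,
)
# A bind/listen call whose arguments contain a literal port number.
# Heuristic: a dotted IP literal with multi-digit octets can match first.
PORT_RE = re.compile(r"\b(?:bind|listen)\w*\s*\([^)\n]*?\b(\d{2,5})\b", re.IGNORECASE)


def audit_source(text, documented_ports):
    """Return (line number, reason) pairs for lines an auditor should read."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if CMP_RE.search(line):
            findings.append((lineno, "hard-coded credential comparison"))
        port = PORT_RE.search(line)
        if port and int(port.group(1)) not in documented_ports:
            findings.append((lineno, f"undocumented port {port.group(1)}"))
    return findings


# Constructed sample source, not taken from any real application.
SAMPLE = '''\
server.bind(("0.0.0.0", 8443))
if password == stored_hash(user):
    grant(user)
if user == "maint" and password == "letmein!":
    grant_admin()
debug.listen(6001)
'''

if __name__ == "__main__":
    for lineno, reason in audit_source(SAMPLE, documented_ports={8443}):
        print(f"line {lineno}: {reason}")
```

The comparison against `stored_hash(user)` is not flagged because neither side is a literal; only the literal account name and password on line 4 and the port missing from the documented set are reported.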



