Tuesday, February 28, 2012

Systems of a system..

VIRUS
            A computer virus is a computer program that can replicate itself and spread from one computer to another. The term "virus" is also commonly, but erroneously, used to refer to other types of malware, including but not limited to adware and spyware programs that do not have a reproductive ability. Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by other computers.
                        SOURCE:  http://en.wikipedia.org/wiki/Computer_virus
            In computers, a virus is a program or programming code that replicates by being copied or initiating its copying to another program, computer boot sector or document. Viruses can be transmitted as attachments to an e-mail note or in a downloaded file, or be present on a diskette or CD. The immediate source of the e-mail note, downloaded file, or diskette you've received is usually unaware that it contains a virus. Some viruses wreak their effect as soon as their code is executed; other viruses lie dormant until circumstances cause their code to be executed by the computer.
                        SOURCE: http://searchsecurity.techtarget.com/definition/virus

            A computer virus is a potentially damaging computer program that affects, or infects, a computer negatively by altering the way the computer works without the user's knowledge or permission.
                        SOURCE: Discovering Computers 2007 by Gary Shelly


WORM
            Worms are malicious programs that make copies of themselves over and over, on the local drive, network, email, or Internet. In other words, the sole purpose of a worm is to reproduce, unlike a virus which attempts to infect, i.e. embed its code into, other files.
                        SOURCE: http://antivirus.about.com/cs/allabout/a/whatisworm.htm
            In a computer, a worm is a self-replicating virus that does not alter files but resides in active memory and duplicates itself. Worms use parts of an operating system that are automatic and usually invisible to the user. It is common for worms to be noticed only when their uncontrolled replication consumes system resources, slowing or halting other tasks. This term is not to be confused with WORM (write once, read many).
                        SOURCE: http://searchsecurity.techtarget.com/definition/worm

             A worm is a program that copies itself repeatedly, for example in memory or on a network, using up resources and possibly shutting down the computer or network.
                        SOURCE: Discovering Computers 2007 by Gary Shelly

TROJAN HORSE
            In computers, a Trojan horse is a program in which malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and do its chosen form of damage, such as ruining the file allocation table on your hard disk. In one celebrated case, a Trojan horse was a program that was supposed to find and destroy computer viruses. A Trojan horse may be widely redistributed as part of a computer virus.
The term comes from Greek mythology about the Trojan War, as told in the Aeneid by Virgil and mentioned in the Odyssey by Homer. According to legend, the Greeks presented the citizens of Troy with a large wooden horse in which they had secretly hidden their warriors. During the night, the warriors emerged from the wooden horse and overran the city.
                        SOURCE: http://searchsecurity.techtarget.com/definition/Trojan-horse


PAYLOAD
            The term used to describe the malicious activity that is the result of an activated computer virus. While not all viruses have a payload, some payloads will perform destructive actions.
                        SOURCE: http://www.webopedia.com/TERM/P/payload.html
            1) The essential data that is being carried within a packet or other transmission unit. The payload does not include the "overhead" data required to get the packet to its destination. Note that what constitutes the payload may depend on the point-of-view. To a communications layer that needs some of the overhead data to do its job, the payload is sometimes considered to include the part of the overhead data that this layer handles. However, in more general usage, the payload is the bits that get delivered to the end user at the destination.
2) The eventual effect of a software virus that has been delivered to a user's computer.
                        SOURCE: http://searchsecurity.techtarget.com/definition/payload


HONEYPOT
            A Honey Pot system is set up to be easier prey for intruders than true production systems but with minor system modifications so that their activity can be logged or traced. The general thought is that once an intruder breaks into a system, they will come back for subsequent visits. During these subsequent visits, additional information can be gathered and additional attempts at file, security and system access on the Honey can be monitored and saved.
                        SOURCE: http://www.sans.org/security-resources/idfaq/honeypot3.php
            Honeypots are an exciting new technology with enormous potential for the security community. The concepts were first introduced by several icons in computer security, specifically Cliff Stoll in the book "The Cuckoo's Egg", and Bill Cheswick's paper "An Evening with Berferd." Since then, honeypots have continued to evolve, developing into the powerful security tools they are today. The purpose of this paper is to explain exactly what honeypots are, their advantages and disadvantages, and their value to the security. A honeypot is an information system resource whose value lies in unauthorized or illicit use of that resource.
                        SOURCE: http://www.tracking-hackers.com/papers/honeypots.html


BOTNET
            The term bot is short for robot. Criminals distribute malicious software (also known as malware) that can turn your computer into a bot (also known as a zombie). When this occurs, your computer can perform automated tasks over the Internet, without you knowing it. Criminals typically use bots to infect large numbers of computers. These computers form a network, or a botnet. Criminals use botnets to send out spam email messages, spread viruses, attack computers and servers, and commit other kinds of crime and fraud. If your computer becomes part of a botnet, your computer might slow down and you might inadvertently be helping criminals.
                        SOURCE: http://www.microsoft.com/security/resources/botnet-whatis.aspx
            Botnet is a jargon term for a collection of software robots, or bots, which run autonomously.

Botnets have become a significant part of the Internet, albeit increasingly hidden. Due to most conventional IRC networks taking measures and blocking access to previously-hosted botnets, owners must now find their own servers. Often, a botnet will include a variety of connections, ranging from dial-up, DSL, cable, educational, and corporate. Sometimes, an owner will hide an IRC server installation on an educational or corporate site, where high-speed connections can support a large number of other bots. Exploitation of this method of using a bot to host other bots has proliferated only recently, as most script kiddies do not have the knowledge to take advantage of it.
                        SOURCE: http://answers.yahoo.com/question/index?qid=1006043025410

SPOOFING
             Spoofing is a technique used by computer hackers to gain unauthorized access to our computers by sending a message with an IP address saying it is coming from a trusted host. This is IP spoofing, and there is also email spoofing, content spoofing, etc.
                        SOURCE: http://answers.ask.com/Computers/Other/what_is_spoofing
            Spoofing, particularly "Email spoofing", is a relatively new term used to describe fraudulent emails in which the sender's address and other parts of the email header are altered to appear as though the email originated from a different source. For example, you might receive an email that appears to have been sent from a well-known company (like Microsoft), a government agency or even Consumer Fraud Reporting. In reality, none of those organizations would be likely to send any unsolicited email (that which you didn't sign up for and expect to receive). In short, spoofing is a counterfeit email with stolen email addresses used without the real address owner's knowledge or permission.
Spoofing is a technique commonly used by spammers and scammers using phishing to hide the real origin of an email message. By changing certain properties of the email, such as the "From", "Return-Path" and "Reply-To" fields (which are found in the message header), these criminals can make the email appear to be from someone other than the actual sender. And unfortunately, there is nothing that can be done about it at present, no more than there is anything to stop someone from writing a false return address on a postal letter and dropping it in a mailbox.
                        SOURCE: http://www.consumerfraudreporting.org/spoofing.php

DENIAL OF SERVICE ATTACK
            In a denial-of-service (DoS) attack, an attacker attempts to prevent legitimate users from accessing information or services. By targeting your computer and its network connection, or the computers and network of the sites you are trying to use, an attacker may be able to prevent you from accessing email, websites, online accounts (banking, etc.), or other services that rely on the affected computer.
The most common and obvious type of DoS attack occurs when an attacker "floods" a network with information. When you type a URL for a particular website into your browser, you are sending a request to that site's computer server to view the page. The server can only process a certain number of requests at once, so if an attacker overloads the server with requests, it can't process your request. This is a "denial of service" because you can't access that site.
An attacker can use spam email messages to launch a similar attack on your email account. Whether you have an email account supplied by your employer or one available through a free service such as Yahoo or Hotmail, you are assigned a specific quota, which limits the amount of data you can have in your account at any given time. By sending many, or large, email messages to the account, an attacker can consume your quota, preventing you from receiving legitimate messages.
                        SOURCE: http://www.us-cert.gov/cas/tips/ST04-015.html
            DoS attack, denial-of-service attack, is an explicit attempt to make a computer resource unavailable by either injecting a computer virus or flooding the network with useless traffic. There are two types of DoS attacks: computer attack and network attack.
                        SOURCE: http://www.topwebhosts.org/tools/denial-of-service.php

BACKDOOR
            A back door is a means of access to a computer program that bypasses security mechanisms. A programmer may sometimes install a back door so that the program can be accessed for troubleshooting or other purposes. However, attackers often use back doors that they detect or install themselves, as part of an exploit. In some cases, a worm is designed to take advantage of a back door created by an earlier attack. For example, Nimda gained entrance through a back door left by Code Red.
Whether installed as an administrative tool or a means of attack, a back door is a security risk, because there are always crackers out there looking for any vulnerability to exploit. In her article "Who gets your trust?" security consultant Carole Fennelly uses an analogy to illustrate the situation: "Think of approaching a building with an elaborate security system that does bio scans, background checks, the works. Someone who doesn't have time to go through all that might just rig up a back exit so they can step out for a smoke -- and then hope no one finds out about it."
                        SOURCE: http://searchsecurity.techtarget.com/definition/back-door
            A remote administration utility that bypasses normal security mechanisms to secretly control a program, computer or network.
                        SOURCE: http://www.f-secure.com/v-descs/backdoor.shtml

FIREWALL
            The term "fire wall" originally meant, and still means, a fireproof wall intended to prevent the spread of fire from one room or area of a building to another. The Internet is a volatile and unsafe environment when viewed from a computer-security perspective, therefore "firewall" is an excellent metaphor for network security.
                        SOURCE: http://www.pchelp.org/www.nwinternet.com/pchelp/security/firewalls.htm
            A system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.
                        SOURCE: http://www.webopedia.com/TERM/F/firewall.html