Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[no subject]



One issue here is, who gets to define these terms?  The technical
definitions of these various forms of attack comes to us by way of
those who created them, but the meanings become interpreted over time
throught the use and misuse of them by the general public.  Words mean
what you use them to mean.  Whose definition is authoritative?

FWIW, here are the definitions as I have come to know them:

Virus: 	any program capable of replicating itself in some manner.

Worm: 	any program which automatically seeks to gain entrance to remote
	systems, and which when it succeeds, starts a new instance of
	itself on the new host

Trojan: any program which secretly does something other than what it
        purports to do

Backdoor: any program used to provide a non-conventional means of
	remotely accessing a system

Bot:	any program which automatically intercepts events and acts on
	them on behalf of its user

So then, a worm is a specific kind of virus, because it
self-replicates.  Many of the other definitions of these terms I've
seen place arbitrary restrictions on them, such as "it propogates by
e-mail" or "it contains X form of malware" -- in general, these
additional restrictions are artificial, deriving from more common
examples of such malware, and from more common usages in modern
language.  These classifications are intented to be a bit more general
than that.

It is also worth noting that it is possible to have examples of all of
these which are not malicious in intent, though you may have to use
your imagination to come up with useful examples...  I leave that as
an exercise for the reader.  :)

-- 
Derek D. Martin
http://www.pizzashack.org/
GPG Key ID: 0xDFBEAD02
-=-=-=-=-
This message is posted from an invalid address.
Replying to it will result in undeliverable mail.
Sorry for the inconvenience.  Thank the spammers.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.blu.org/pipermail/discuss/attachments/20030820/454137b9/attachment.sig>



BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org