Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
On Wed, Aug 20, 2003 at 11:20:23AM -0400, Derek Martin wrote: > On Wed, Aug 20, 2003 at 10:17:41AM -0400, Jeff Kinz wrote: > > > > Trojan - any program described to be benign or beneficial but actually > > > > a worm or virus in disguise. See "Trojan Wars". > > None of the specifics you give here conflict with the general definition > > I gave above. > > From a purely semantic perspective, it does. You state that a trojan > is a worm or virus in disguise. This is false. In order to be a Yes - your right, I was too narrowly focused on the topic of discussion. quoting myself: (Mine behind hast been bit by mine own verbiage! oucheth... :-) ) > From a practical perspective, it's close enough. > > One issue here is, who gets to define these terms? The technical > definitions of these various forms of attack comes to us by way of > those who created them, but the meanings become interpreted over time > throught the use and misuse of them by the general public. Words mean > what you use them to mean. Whose definition is authoritative? > > FWIW, here are the definitions as I have come to know them: > > Virus: any program capable of replicating itself in some manner. > > Worm: any program which automatically seeks to gain entrance to remote > systems, and which when it succeeds, starts a new instance of > itself on the new host > > Trojan: any program which secretly does something other than what it > purports to do > > Backdoor: any program used to provide a non-conventional means of > remotely accessing a system > > Bot: any program which automatically intercepts events and acts on > them on behalf of its user I like these definitions. There are both general enough to not miss possible modius operandi and yet they truly reflect the nature of entity. One quibble - (well sure, there had to be one didn't there? :) ) Doesn't a virus have to reproduce by inserting its executable code within or by replacing an existing executable on the victimized host system? Isn't that what distinguishes it from a worm? > > So then, a worm is a specific kind of virus, because it > self-replicates. Hmm - I'm trying to seperate worms and virii into different beasts. You are making a worm a sub-species of virus. hmmm. Could go either way I guess. But I think the insertion of virii's executable code into an existing executable is an important distinction. -- Jeff Kinz, Open-PC, Emergent Research, Hudson, MA. jkinz at kinz.org copyright 2003. Use is restricted. Any use is an acceptance of the offer at http://www.kinz.org/policy.html. Don't forget to change your password often.
BLU is a member of BostonUserGroups | |
We also thank MIT for the use of their facilities. |