swati16
Member
Difference between all sorts of Malicious stuff
This tutorial is written by me (NewAge[X]) and is oriented toward total nawbs
that have no understanding of the difference between a Trojan, Worms, Viruses,
Macro Viruses, Polymorphic Viruses, RootKits, Backdoors, LogicBombs and
TimeBombs, and Bots, and so this makes me very angry :|
-----------------
~Trojan:
From Greek mythology, is a term used to describe malware that appears, to
the user, to perform a desirable function but, in fact, facilitates
unauthorized access to the user's computer system. Doesn't spread by itself.
[thX to SERVIC3]
~Worm:
Used for automatic exploitation of computer systems and needs no hacker
interaction. It's like a hellfire: once you start it up, it just spreads and
spreads until someone stops it. The worm itself does malicious stuff and
installs some other piece of virus code, like a Bot. As an example, look up
the "Conficker" worm.
~Virus (or Virii as some call it):
Mainly used for corrupting a computer system, destroying data, taking down
a network, or anything else that does something destructive.
~Macro Virus:
Usually comes in Word or Excel documents, because it is created in a macro
programming environment, the one that MS Office has. It has this tiny but
powerful "VB" scripting environment. Doesn't spread.
~Polymorphic Virus:
These kinds of viruses can and always do change their "form" and
everything, literally. Their unique engine allows them to become different
in size, name, look and mutated code every time they infect something. This
is more an engine than a Virus.
~RootKit:
This is just basically a "box" that carries a payload of malicious
code, already compiled and waiting to be released. When a rootkit gets its
roots into your system, it becomes very nasty as it hides everything, like
processes, files and more.
~BackDoor:
See [~Trojan] above. Although sometimes this is just a backdoor with no
malicious stuff. It just opens a back door to the system and nothing more.
As an example, look up "NetCat".
~LogicBomb:
These are the same as [~Virus a.k.a Virii] but with an event watcher attached to
them. So when the specified event occurs, let's say some program pops up a
message dialog, the event viewer reacts and launches the virus.
~TimeBomb:
Same as [~LogicBomb] but instead of an event watcher it has a ticking clock.
When the clock reaches the specified time or date or both, it launches its
payload.
~Bot:
Some people mistake them for a "BotNet". Bot and BotNet are from the same
category but are completely different things. A Bot is a malicious piece of
code that turns your computer into a zombie slave. A more realistic
explanation would be that your computer gives control to the hacker too
by connecting to a specified IRC server and being there waiting for commands.
A BotNet is an IRC server channel full of bots connected into one Net so
that a hacker with one command can control all of his bots.
----------------------
Well, I think that's about it. Hope you got this understanding and won't drive
me crazy. If something isn't very correct, please tell me and I'll
correct it.