Clockwise..

Saturday 3 December 2011

Malware, Viruses, Worms, Adware, Spyware, Trojans...

In IT, we hear many different terms. One of the most confusing scenarios is when a computer becomes infected with malware, since the infection can be referred to as a virus, malware, adware, spyware, a rootkit, etc. Some of these terms have the same meaning, some are sub-categories, and some simply refer to network tools. Depending on the purpose of the program, malware can take the form of trojans, worms, hacktools, password revealers, etc. To clarify things a bit, here is a list of common “infection” terms and their definitions:

Malware: Short for malicious software (sometimes referred to as pestware), it is software designed to harm or secretly access a computer system without the owner's consent. The expression is a general term used to define a variety of forms of hostile, intrusive, or annoying software or program code. Malware includes computer viruses, worms, trojan horses, spyware, dishonest adware, scareware, crimeware, most rootkits, and other malicious and unwanted software or programs. Essentially, it is the broadest term, covering all forms of infection.

Virus: A computer program that can copy itself and infect another computer. The term "virus" is also commonly but erroneously used to refer to other types of malware, including but not limited to adware and spyware programs that do not have the reproductive ability. A true virus can spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance, because a user sent it over a network or the Internet, carried it on an external drive, or unintentionally spread it through email. Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer.

Worm: A self-replicating malware program that uses a computer network to send copies of itself to other nodes (computers on the network), and may do so without any user intervention. This is due to security shortcomings on the target computer. Unlike a computer virus, it does not need to attach itself to an existing program. Worms almost always cause at least some harm to the network, even if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.

Spyware: A type of malware that can be installed on computers which collects small pieces of information about users without their knowledge. Spyware is typically hidden from the user and can be used to observe and collect various types of personal information, such as Internet surfing habits and sites that have been visited, but can also interfere with user control of the computer in other ways, such as installing additional software and redirecting Web browser activity. Spyware is known to change computer settings, resulting in slow connection speeds, different home pages, and/or loss of Internet connection or functionality of other programs.

Adware: Advertising-supported software is any software package which automatically plays, displays, or downloads advertisements to a computer. These advertisements can be in the form of a pop-up. The object of adware is to generate revenue for its author. Adware, by itself, is harmless; however, some adware may come with integrated spyware such as key loggers and other privacy-invasive software.

Rootkit: Software that enables continued privileged access to a computer while actively hiding its presence from administrators by subverting standard operating system functionality or other applications. The term rootkit is a concatenation of "root" (the traditional name of the privileged account on Unix operating systems) and the word "kit" (which refers to the software components that implement the tool). The term "rootkit" has negative connotations through its association with malware. Rootkits are considered to be one of the most difficult forms of malware to detect and clean, as one of their main functions is to remain undetected, sometimes by residing in the kernel; reinstallation of the operating system is sometimes the only alternative.

Trojan: Software that appears to perform a desirable function for the user before it is run or installed, but (perhaps in addition to the expected function) steals information or harms the system. The term is derived from the Trojan Horse story in Greek mythology.

HackTool: Can be malware used by hackers for various purposes. It can include port scanners, sniffers, keystroke loggers and tools for sending spam. Many types of legitimate network utilities that administrators use are falsely identified as hacktools, as they can be used by the administrator to obtain important information about a network they are responsible for. For example, a password revealer can be used to record a user’s email password prior to reformatting their system. This can be quite handy, since the user may not be available to ask or may have forgotten the password because it is cached. Other tools can be used to scan networks to obtain information about the computers on the network, such as IP addresses, hostnames, and various other details that are necessary to properly manage a network.

Some people live with the illusion that they have protected their home networks from internet attacks by purchasing a firewall. Manufacturers even promote this by identifying their products as firewalls. Sadly, most users are not protected by a firewall, but by a simple router.
Source: Northern Computer
