Viruses, Trojan Horses, Worms
Despite all the hype about viruses and worms, the Security+ exam actually does not heavily test on viruses and the like. However, you will probably see at least a few questions on these topics and we will therefore go into some detail on the differences between different types of malicious programs and how they can be avoided or prevented from propagating.
A computer virus is malicious software that propagates itself upon the action of a user. For example, some viruses send emails promising great information on how to get rich quickly or pleasant images. The user then opens some sort of executable attachment (that is almost certainly not what is promised) and the virus either immediately acts or waits as a dormant drone to act, either upon the request of a master host or some sort of time period. Viruses typically inflict damage by either destroying files categorically or installing new files that drastically affect the performance of the computer. Most viruses also act to “insert” themselves into various executable files, increasing the likelihood that a user will re-run the malicious executable file.
One of the core tendencies of any computer virus is propagation. Most viruses include some mechanism for both local and network propagation, including the sending of instant messages, the setting up of web servers, and of course, emails. However, viruses are not truly “self-propagating” in the sense that the virus is actually incapable of “forcing” itself on another host machine in most cases. A virus typically needs user interaction to act (such as opening an attachment). This need for user interaction is usually seen as what separates a virus from a worm.
Unlike the friendly creatures that crawl beneath the crust, computer worms can be extremely destructive and costly malicious programs that self-propagate to cause unbelievable damage to computer networks across the world. Alternatively, worms can help provide us the wonders of Google and Yahoo search engines. How can a worm be so good and yet so bad?
Actually, worms are not inherently evil. Worms are simply pieces of software that are able to (through various means) self-propagate about the Internet. In many cases, computer worms provide various services that we all love and utilize. One such worm is the World Wide Web Worm, which “crawls” the Internet to pick up data from web pages for categorization and indexing that we later utilize through popular search engines. Other “friendly” worms work to quickly patch software that is vulnerable to attacks by – you guessed it – other worms!
However, some worms also do irreparable damage to computers. Many of these worms, which carry malicious payloads, install self-destructive software or a backdoor into the PC. Remote control of infected hosts is often a primary goal of worm writers who seek to crash high-profile websites and services through “Denial of Service” attacks.
Trojan Horses and Backdoors
A Trojan horse or backdoor is any software that attempts to give a remote user unauthorized access to a host machine or user account. Some backdoors actually serve a legitimate purpose (SSH, for example, might be classified as a “backdoor”) but in general,the terms “backdoor” and especially “Trojan horse” are associated with malicious intent.
Some popular Trojan horses include:
- VNC (can be used legitimately but also used for unauthorized access in conjunction with a worm)
**Source by wikipedia**
To Become Cretified For CompTIA Security+ Please Visit This Link ;