| |
|
|
|
|
 |
|
Attachment
An attachment is a file(s) that is added to an outgoing mail, e.g. a picture or a word document. Attachments are the most common carriers of viruses and you should never open an attachment that comes from an unknown source.
|
Ad-aware/Spyware
Software that downloads and displays advertisements. This type of software is often bundled with software that is available freely on the Internet.
|
Blacklist
There are two kinds of blacklists
IP-blacklists: Publication of a group of IP addresses known to be sources of spam. The goal of these blacklists is to provide a list of IP addresses that a network can use to filter out undesirable traffic. However, since spammers are constantly changing their IP addresses, IP-blacklists are only usable up to a point.
Per-user blacklists: Lists of e-mail addresses or domain names from which spam filters will allow messages to be received. The list can be gradually compiled over a period of time, and can be edited whenever the user wants.
|
Backdoor
A program that allows access to a computer's resources via
network connection. Backdoors can create a security hole in
your system that can be used to access your computer.
|
Bug
A fault in a computer system, usually associated with software.
|
Disinfection
Cleaning or deleting a virus infection.
|
Dropper
A program that installs a virus without being infected itself.
|
EICAR
EICAR is a product of the European Institute for Computer
Antivirus Research and is a special test file. This dummy
file is detected by antivirus products exactly like if it
were a virus. Naturally, the file is not a virus. When executed,
EICAR.COM will display the text 'EICAR-STANDARD-ANTIVIRUS-TEST-FILE'
and exit.
|
Executable files
A file in a format that the computer can directly execute.
Executables in DOS and Windows usually have an .exe or a .com
extension.
|
False positive
If it is claimed that a suspicious object is found when in
reality it is clean, a false positive is said to have occurred.
This problem is usually fixed in the next release of the virus
signature files.
|
Heuristics
Heuristics are rules that are based on knowledge gained by
experience. The advantage of the heuristic scan is that it
is not fooled by a new variant of an existing virus. However,
it may occasionally report suspicious code in normal programs.
|
Hoax
Hoax warnings are typically scare alerts started by malicious
people and passed on by innocent users who think they are
helping the community by spreading the warning. If you receive
a warning about a security threat, please look into it further
before you forward it to other users.
|
Malware
Software that includes any threatening programs that are meant
to be destructive, such as viruses and worms.
|
Memory resident virus
A virus that stays in memory after it executes and after its
host program is terminated. In contrast, viruses that are
not memory resident only are activated when an infected application
runs.
|
Mass mailers
Mass mailers are worms that attach themselves to malicious
e-mail sent automatically to contacts in an address book or
corresponding list. Typically a mass mailer arrives on a computer
with an infected e-mail message. In some cases an infected
attachment of such message can start automatically, in other
cases a user has to run an attachment to become infected.
|
Polymorphic Virus
A type of virus that changes its code segments so that it
"appears" different from one infected file to another,
therefore making detection more difficult.
|
Spam
Spam is unsolicited e-mail on the Internet. From the sender's
point-of-view, it's a form of bulk mail. To the receiver,
it usually seems like junk e-mail. It's roughly equivalent
to unsolicited telephone marketing calls except that the user
pays for part of the message since everyone shares the cost
of maintaining the Internet. Spammers typically send a piece
of e-mail to a distribution list in the millions, expecting
that only a tiny number of readers will respond to their offer.
Spam has become a major problem for all Internet users.
|
Scan engine
A software that scans computer systems for security threats,
such as viruses and worms. Antivirus scan engines use virus
signature files to receive updates on the latest security
threats. Antivirus scan engines also have to be upgraded once
in a while.
|
Trojan
A Trojan is a program made to appear harmless and a user is
duped in to installing it, or else is installed without their
knowledge.
|
|
Virus
A virus is a piece of programming code usually disguised as
something else that causes some unexpected and usually undesirable
event. A virus is often designed so that it is automatically
spread to other computer users. Viruses can be transmitted
as attachments to an e-mail note, as downloads, or be present
on a diskette or CD. The source of the e-mail note, downloaded
file, or diskette you've received is often unaware of the
virus. Some viruses wreak their effect as soon as their code
is executed; other viruses lie dormant until circumstances
cause their code to be executed by the computer. Some viruses
are playful in intent and effect ("Happy Birthday, Ludwig!")
and some can be quite harmful, erasing data or causing your
hard disk to require reformatting.
Generally, there are three main classes of viruses:
File infectors. Some file infector viruses attach
themselves to program files, usually selected .COM or .EXE
files. Some can infect any program for which execution is
requested, including .SYS, .OVL, .PRG, and .MNU files. When
the program is loaded, the virus is loaded as well. Other
file infector viruses arrive as wholly-contained programs
or scripts sent as an attachment to an e-mail note.
System or boot-record infectors. These viruses infect
executable code found in certain system areas on a disk. They
attach to the DOS boot sector on diskettes or the Master Boot
Record on hard disks. A typical scenario (familiar to the
author) is to receive a diskette from an innocent source that
contains a boot disk virus. When your operating system is
running, files on the diskette can be read without triggering
the boot disk virus. However, if you leave the diskette in
the drive, and then turn the computer off or reload the operating
system, the computer will look first in your A drive, find
the diskette with its boot disk virus, load it, and make it
temporarily impossible to use your hard disk. (Allow several
days for recovery.) This is why you should make sure you have
a bootable floppy.
Macro viruses. These are among the most common viruses,
and they tend to do the least damage. Macro viruses infect
your Microsoft Word application and typically insert unwanted
words or phrases.
|
Virus signature files
Antivirus scan engines rely on virus signature files to feed
them information on new security threats. Virus signature
files are usually updated at least once a week.
|
Whitelist
A whitelist is a list of e-mail addresses or domain names
from which spam filters will allow messages to be received.
The list can be gradually compiled over a period of time,
and can be edited whenever the user wants.
|
Worm
Worms are malicious programs that copy themselves from system
to system, rather than infiltrating legitimate files. Worms
can be mass mailers, like Sobig which sends a copy of itself
to all e-mail addresses in the address book in the infected
computer. Worms can also infect via the Internet, such as
Msblast, which infected computers using a security hole in
the Windows operating system.
|
|
|
|
