1.5 MMC Terminology

Team-Fly    

 
Malicious Mobile Code: Virus Protection for Windows
By Roger A. Grimes
Table of Contents
Chapter 1.  Introduction

1.5 MMC Terminology

Here are some other malicious mobile code terms used throughout the computer security industry that you will need to understand while reading this book.

Antivirus

Antivirus (AV) programs, research, and researchers are dedicated to preventing the unknown spread of malicious mobile code. Whereas, the term AV is used to explicitly describe researchers working against computer virus programs, the lines of battle now include viruses, worms, Trojans, malicious Java applets, and other intentionally written rogue programs. An antivirus researcher rarely deals only in viruses, and it is the rare antivirus program that only detects viruses. However, because viruses are the most prolific type of malicious code, the term AV is often used when the intent is to describe all malicious code.

Backdoor

A backdoor is a subroutine within a malicious program that allows hackers to access previously secure computer systems without the knowledge of the owner/ user /administrator. Many sophisticated Trojans today (such as Back Orifice , The Thing , or NetBus ) are backdoor programs.

Construction kits

Today, many malicious code creators don't even know how to program. Other hackers have created construction kits that allow nonprogrammers to make up their own viruses and Trojans by simply choosing a few options. The kit compiles the code and produces the harmful bug.

Exploit

An exploit is a rogue code action that takes advantage of a security flaw in a particular system or language. Exploits are considered by most experts to be examples of talented code writers. A Trojan that deletes files or formats hard drives isn't considered an exploit, whereas, a virus that spreads via email and uses an undocumented operating system API would be.

False-positive

A false-positive means a virus scanner reported that a rogue program was present, when one was not. This result can be more frustrating than finding a virus. The opposite outcome, not detecting a rogue program when one is present, is called a false-negative . Good antivirus programs have neither of these in great quantities .

High-level language

A high-level programming language is typically a programming language that works at the application layer level of a computer and does not interact directly with the CPU, like assembly language does. High-level languages (HLL) must be interpreted or compiled to machine language prior to running. Malicious mobile code written in an HLL is usually bigger and slower than its assembly language counterpart .

Platform

A computer platform is a specific combination of computer hardware and software. MacIntosh computers are a different platform than a Unix-based minicomputer. Windows NT running on an IBM-compatible PC is a different platform than Windows NT running on alpha-based hardware.

Trusted

A computer program is considered trusted if the user or system has reasonable confidence that the code will function as intended and not harm their system or data. Trustworthiness is almost always attested to by the code's creator or a trusted third party.

Untrusted

Untrusted code is any program or code not examined or attested for trustworthiness by a reliable source. Most code in untrusted.


Team-Fly    
Top


Malicious Mobile Code. Virus Protection for Windows
Malicious Mobile Code: Virus Protection for Windows (OReilly Computer Security)
ISBN: 156592682X
EAN: 2147483647
Year: 2001
Pages: 176

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net