|
Network Chico security
terms glossary
| @ | A
| B | C | D
| E | F | G
| H | I | J
| K | L | M
| N | O | P
| Q | R | S
| T | U | V
| W | X | Y
| Z |
Welcome to the Network Chico
computer security terms glossary.
=A=
Adware or Ad
ware: Software that downloads and displays advertisements.
This kind of software is often bundled with Freeware. The software
license may say that by installing the software you agree to
accept advertising. See also Spy ware or Spyware.
Alias: Unfortunately,
there is no one standard, accepted rule for naming viruses. Hence,
even though informal groups, such as CARO, have discussed conventions
for virus naming, differences still exist between antivirus software
companies and research organizations. Thus where the term ‘alias’
or ‘also known as’ occurs, it refers to different names
that the same virus may be given by other sources.
Annoyance: Any trojan
that does not cause damage other than to annoy a user, such as
by turning the text on the screen upside down, or making mouse
motions erratic.
ANSI Bomb: Character sequences
that reprogram specific keys on the keyboard. If ANSI.SYS is
loaded, some bombs will display colorful messages, or have interesting
(but unwanted) graphical effects.
Anti-antivirus Virus:
Another term for a retro-virus. Anti-emulation: To reliably detect
polymorphic viruses, scanners include code emulators to simulate
the running of executable code and check whether it decrypts
to a known virus. An emulator must stop emulating a program once
it is no longer necessary to continue doing so and for performance
reasons many emulators have simple rules for quickly determining
a stopping point. Some polymorphic viruses include tricks attempting
to defeat these code emulators by fooling them into quitting
the emulation before the decryption code has finished its work.
Such methods are commonly called anti-emulation techniques.
Anti-heuristic: Efforts
by virus writers to avoid having their code detected as a possible
new virus by heuristic detection are known as anti-heuristic
techniques. What works depends on the heuristics approach of
different scanners, but some code obfuscation techniques seem
to clearly be anti-heuristic.
Antivirus Virus: The idea
of making an antivirus program itself viral so it can propagate
to where it is most needed is a very old one. Such a program
would be an antivirus virus. It is universally agreed among reputable
antivirus researchers to be a very bad - even dangerous - idea,
and should be avoided at all costs.
AOL Pest: Any password
stealer, exploit, DoS attack, or ICQ hack aimed at users of AOL.
ICQ is an instant messenger service from mirabilis.com, now AOL.
ICQ is a favorite service among hackers, and ICQ features are
built into many trojans (such as stealing user's passwords, UINs,
or notifying the hacker). Users of ICQ are warned "By using
the ICQ service and software... you may be subject to various
risks, including... Spoofing, eavesdropping, sniffing, spamming,
breaking passwords, harassment, fraud, forgery, 'imposturing',
electronic trespassing, tampering, hacking, nuking, system contamination
including without limitation use of viruses, worms and Trojan
horses causing unauthorized, damaging or harmful access and/or
retrieval of information and data on your computer and other
forms of activity that may even be considered unlawful."
Appender: A virus that
inserts a copy of its code at the end of its victim file is known
as an appender or appending virus. (c.f. Cavity Infector, Companion
Virus, Overwriter, Prepender)
Armored Virus: Viruses
that use special tricks to make tracing them in a debugger and/or
disassembling them difficult are said to be 'armored'. The purpose
of armoring is primarily to hinder virus analysts reaching a
complete understanding of the virus' code. An early example of
an armored virus is Whale.
AV Killer: Any hacker
tool intended to disable a user's anti-virus software to help
elude detection. Some will also disable personal firewalls.
AVED: AntiVirus Emergency
Discussion list: A mailing list for professional antivirus
researchers allowing them to alert other researchers to emerging
or ongoing 'crisis' or 'emergency' virus events. These may be
localized to a geographic or language-based region or known to
be approaching a wordlwide scale. It also acts as a forum for
these researchers to discuss such events, what precursors count
as sufficient grounds to make posting alerts to users about a
newly discovered virus and at what point involving the news media
seems appropriate. Aside from the discussion list, another list
facilitates the secure distribution of emergency samples and
members of the list are expected to send samples of any viruses
the organizations they work for consider worthy of raising public
warnings about. Senior Computer Associates virus analysis staff
are represented on the AVED mailing lists and board.
| @ | A
| B | C | D
| E | F | G
| H | I | J
| K | L | M
| N | O | P
| Q | R | S
| T | U | V
| W | X | Y
| Z |
|
