Network Chico security
terms glossary
Welcome to the Network Chico
computer security terms glossary.
=D=
Data Diddlers: This is
a popular name for a virus that contains a data modifying payload.
This type of virus may, for example, change 0's to 9's in an
Excel spreadsheet or, like Jal.A, it may replace certain words.
Unfortunately, the changes made by some of these viruses may
be almost unnoticeable in large amounts of data. Hence, users
may not realize that they are infected for quite some time, necessitating
possibly lengthy and costly clean-up procedures.
DDoS, DDOS: Distributed
Denial of Service. Attempts to DoS large sites using most forms
of resource exhaustion attack, and particularly network bandwidth
wasting strategies, are often impossible for a single attacking
machine because of the sheer scale of resources available to
the attacked site. One solution to this is the distributed denial
of service approach, whereby a number of machines with 'attack
services' installed on them are simultaneously commanded to attack
a target system. Each of these DDoS 'agents' contributes part
of the total 'load' that eventually topples the attacked service
or server, or each agent contributes part of the bandwidth necessary
to clog the network connections to the attacked server. See also
Denial of Service. By late 1999, code from several DDoS systems
had been captured from compromised machines. These were mostly
the agents (the part that implements the attack service), but
a few examples of masters - the component that keeps track of
the agents' availability and sends the commands to begin and end
an attack - were also captured. At the time, some networks of
these DDoS agents were discovered to contain several hundred
active agents. Although most of these systems have been designed
and written for Unix (and particularly Linux)
machines, some implementations for PCs also exist.
Decoy File: See the first
meaning of Goat File.
Denial of Service: An
attack on a computer system intended to reduce, or entirely block,
the level of service that 'legitimate clients' can receive from
that system. These range in scope from network bandwidth wasting
and/or swamping through exhausting various machine resources
(memory, disk space, thread or process handles, etc.) required
by the process(es) providing the service. They usually work by
exploiting vulnerabilities that eventually crash the service
process or the underlying system. Although not commonly associated
with viruses, denial of service components are included in some
viral payload routines. (Also see DDoS.)
Destructiveness: This
is measured based on the amount of damage that a malicious program
can possibly achieve once a computer has been infected. These
metrics can include attacks to important operating system files,
triggered events, clogging email servers, deleting or modifying
files, releasing confidential information, performance degradation,
compromising security settings, and the ease with which the damage
may be fixed. CA uses this metric to measure the potential damage
that a malware's payload can deliver. This metric is given the
least weight, in combination with the Wild and Pervasiveness metrics,
to calculate the overall threat assessment.
Dialer: Software that
dials a phone number. Some dialers connect to local Internet
Service Providers and are beneficial as configured. Others connect
to toll numbers without user awareness or permission.
Direct Action: A virus
that attempts to locate and infect one or more targets when it
is run, and then exits, is referred to as a direct action virus.
In single-tasking operating systems such as DOS, direct action
viruses usually only infect a small number of targets during
each run, as the 'find then infect' process slows the normal
execution of the infected host from which the virus is running,
and significant slowing of a machine is likely to warn its user
of the presence of something 'untoward'.
DOS:
- Disk Operating System - most famously, MS DOS and IBM DOS,
but also DR DOS and others.
- Denial of Service (although the acronym DoS is somewhat preferable
here to avoid confusion).
Downloader: A downloader
is a program that automatically downloads and runs and/or installs
other software without the user's knowledge or permission. In
addition to downloading and installing other software, it may
download updated versions of itself. A downloader may install
itself in a manner that allows it to constantly check for updated
files. For example, it may add an entry to the following registry
key:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Dropper: A program that
installs a virus, but is not, itself, infected is known as a
dropper. These are not very common and probably most are for
installing boot viruses.