Re: What is the difference between a worm and a trojan ?
From: Jay T. Blocksom (not.deliverable+USENET_at_appropriate-tech.net)
Date: 06/03/04
- Next message: Jay T. Blocksom: "Re: What is the difference between a worm and a trojan ?"
- Previous message: Tx2: "Re: AV software on partial internet connected network?"
- Maybe in reply to: mike3: "Re: What is the difference between a worm and a trojan ?"
- Next in thread: FromTheRafters: "Re: What is the difference between a worm and a trojan ?"
- Reply: FromTheRafters: "Re: What is the difference between a worm and a trojan ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 03 Jun 2004 09:42:33 -0400
[Bogus "Newsgroups:" and "Followup-to:" fixed]
On Wed, 19 May 2004 01:31:55 +0200, in <alt.privacy.spyware>,
pmeister2@lycos.com (Peter Meister) wrote:
>
> Ok, I know the difference between a virus and a trojan. But what is the
> difference between a worm and a trojan?
[snip]
Given your second sentence, I don't have a lot of faith in the first one.
However...
> Is the one a subset of the other type or are they completele different ?
>
> Peter
The terms have become somewhat muddied, both through widespread sloppy usage
and the fact that a great many malicious programs exhibit characteristics of
at least two (sometimes all three) of these particular types of malware.
In short, a "trojan" is any program which masquerades as something
substantively different from what it really is -- typically, but not
necessarily, for nefarious purposes. The key here is that, like the Trojan
Horse of Greek mythology, trojans generally depend on tricking the user into
believing the disguise, and thus naively accepting the threat. A closely
related topic is "Social Engineering".
Both worms and virii are similar, to the extent that they (attempt to)
propagate themselves from one host to the next. Usually, this occurs with
little user intervention; but if it is literally *no* user intervention, it is
best described as a "worm". Also, a pure worm is generally only a threat for
the duration it is permitted to execute, and it's sole (or at least primary)
deleterious effect is the traffic it generates while propagating itself (cf.,
the original ARPAnet worm
<http://sise.ttu.ee/it/vorgutarkvara/itv0010/timeline/tcm.org/html/history/detail/1988-worm.html>).
OTOH, a "virus" is distinguished by its ability to semi-permanently *infect* a
host system, which will then in turn attempt to infect other systems, etc., ad
infinitum. If re-booting the system will clear the parasite, it is not a
virus (tho' it may still be a worm, and/or a trojan).
-- Jay T. Blocksom -------------------------------- Appropriate Technology, Inc. usenet01[at]appropriate-tech.net "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -- Benjamin Franklin, Historical Review of Pennsylvania, 1759. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Unsolicited advertising sent to this E-Mail address is expressly prohibited under USC Title 47, Section 227. Violators are subject to charge of up to $1,500 per incident or treble actual costs, whichever is greater. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- Next message: Jay T. Blocksom: "Re: What is the difference between a worm and a trojan ?"
- Previous message: Tx2: "Re: AV software on partial internet connected network?"
- Maybe in reply to: mike3: "Re: What is the difference between a worm and a trojan ?"
- Next in thread: FromTheRafters: "Re: What is the difference between a worm and a trojan ?"
- Reply: FromTheRafters: "Re: What is the difference between a worm and a trojan ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
