|
|
Line 1: |
Line 1: |
− | A threat that '''plague a product'''.While known threats are identified based on signatures, files copied onto the hard drive upon installation, registry keys, protocol analysis and others; we identify unknown threats by studying the product's behavior over a period of time.
| + | #redirect [[:Category:Threat Agent]] |
− | | |
− | [['''The following is a description of few threats:-''']] | |
− |
| |
− | '''REVERSE TROJAN(Server-to-Client)''':
| |
− | | |
− | The most dangerous and malicious program where the server is active and the client passive. This kind of attack can bypass firewalls, IDS, anti-virus softwares, spyware removal tools, etc.
| |
− |
| |
− | '''TIME BOMB''' :
| |
− | | |
− | A dangerous logic in an application which gets activated only on a certain predetermined date and time.
| |
− | | |
− | '''BOTS :'''
| |
− | | |
− | They are a snippet of malicious code that can use your PC as a front for sending unsolicited advertisement emails or chat messages or even launch DoS attacks on remote servers and/or networks.
| |
− | | |
− | '''LOGIC BOMB :'''
| |
− | | |
− | This is another component which was designed to activate under certain conditions.
| |
− | | |
− | '''KEY LOGGERS:'''
| |
− | | |
− | Malicious programs that secretly capture or log all the keyboard inputs, take screen shots, caputure stored passwords and transfer or mail them to the attackers located outside the trusted local network.
| |
− | | |
− | '''SNIFFERS:'''
| |
− | | |
− | Like the name suggests, a Packet Sniffer can sniff network traffic travelling over the network and decode the content. The content might be anything from username and password to confidential emails.
| |
− | | |
− | '''BACKDOORS:'''
| |
− | | |
− | Developers usually put some access points in the software they develop for easy navigation during development and testing. Backdoors / trapdoors are such system access points that are inadvertently left available even after software release.
| |
− | | |
− | '''ROOTKITS:'''
| |
− | | |
− | They are a set of tools that enable the intruder to maintain his stealth after gaining access to the system. In other words, the intruder uses rootkits in order to maintain access to the remote system without the owner’s knowledge.
| |
− | | |
− | '''VIRUS:'''
| |
− | | |
− | Malicious software that causes damage to a computer system. The damage can range from repeatedly displaying a pop-message to crashing the system and loss of important data. It duplicates itself within a computer system, potentially attaching itself to every software application.
| |
− | | |
− | '''WORM:'''
| |
− | | |
− | Propagates through a network thus hogging the bandwidth and slowing down the network considerably.
| |
− | | |
− | '''SPYWARE:'''
| |
− | | |
− | It is a broad category of malicious software which intercepts or takes partial control of a computer's operation without the informed consent of that machine's owner or legitimate user.
| |
− | | |
− | '''TROJAN HORSE :'''
| |
− | | |
− | Same as Virus or Worm, but also sometimes used to send confidential information like username and passwords, back to the perpetrator.
| |
− | | |
− | '''To know more : http://coesecurity.com/services/what_we_test.asp'''
| |
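Review bot: The added line 1, `#redirect [[:Category:Threat Agent]]`, replaces every definition on the page, and nothing visible in this change shows that the removed entries (reverse trojan, time bomb, bots, logic bomb, key loggers, sniffers, backdoors, rootkits, virus, worm, spyware, trojan horse) were merged anywhere first. The target is named for threat agents, while the removed entries describe malware classes and techniques, so a reader following the redirect may not find equivalent definitions there. Before accepting, confirm that the target category or a linked page covers these terms, or move the entries worth keeping there. Several removed entries would need correction in any merge, for example "Same as Virus or Worm" for a trojan horse and the logic bomb entry that only says it activates "under certain conditions", and the closing coesecurity.com link reads as promotional and should not be carried over.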