Network Security

Q2: What are the types of malicious software? Briefly explain each of them.

Ans 1 (b) Security Threats
Trap door is a secret entry point into a program that allows someone that is aware of the trap door to gain access without going through the procedures. Trap doors have been used legitimately for many years by programmers to debug and test programs. This usually is done when the programmer is developing an application that has an authentication procedure, or a long setup, requiring the user to enter many different values, to run the application. To debug the program, the developer may wish to gain special privileges or to avoid all the necessary setup and authentication. Trap doors become threats when they are used by unscrupulous programmers to gain unauthorized access. It is difficult to implement operating system controls for trap doors. Security measures must focus on the program development and software update activities.

Logic Bomb One of the oldest types of program threat, predating viruses and worms, is the logic bomb. The logic bomb is code embedded in some legitimate program that is set to explode‖ when certain conditions are met. Examples of conditions that can be used as triggers for a logic bomb are the presence or absence of certain files, a particular day of the week or date, or a particular user running the application. eg: a logic bomb checked for a certain employee ID numb and then triggered if the ID failed to appear in two consecutive payroll calculations. Once triggered, a bomb may alter or delete data or entire files, cause a machine halt, or do some other damage.

A Trojan horse is a useful program or command procedure containing hidden code that, when invoked, performs some unwanted or harmful function. Trojan horse programs can be used to accomplish functions indirectly that an unauthorized user could not accomplish directly. For example, to gain access to the files of another user on a shared system, a user could create a Trojan horse program that, when executed, changed the invoking RT 801 20 Security in Computing user‘s file permissions so that the file‘are readable by any user. The author could then induce users to run the program by placing it in a common directory and naming it such that it appears to be a useful utility.

Viruses A virus is a program that cans infect other programs by modifying them: the modification includes a copy of the virus program, which can then go on to infect other programs. A computer virus carries in its instructional code the recipe for making perfect copies of itself. Lodged in a host computer, the typical virus takes temporary control of the computer‘s disk operating system.

Worms Network worm programs use network connections to spread from system to system. Once active within a system, a network worm can behave as a computer virus or bacteria, or it could implant Trojan horse programs or perform any number of disruptive or destructive actions.
To replicate itself, a network worm uses some sort of network vehicle. Examples include the following
• Electronic mail facility: A worm mails a copy of itself to other systems
• Remote execution capability A worm executes a copy of itself on another system.
• Remote login capability: A worm logs onto a remote system as a user and then uses commands to copy itself from one system to the other.
The new copy of the worm program is then run on the remote system where, in addition to any functions that it performs at that system, it continues to spread in the same fashion. A network worm exhibits the same characteristics as a computer virus:

Zombie is a computer that has been taken over by another controlling computer. The source computer contacts and utilizes the victim computer via the internet and uses the victim's computer network to send spam in the form of posts, comments or email. Often times, the zombie computer will not be able to recognize that the process is happening. The source computer will use a Trojan horse, malware or other viruses or cracker software to take over the victim's computer. The zombie code can be transferred through opening an email, download or an attachment onto a victim's computer. Once installed, the source computer also can execute DoS (denial-of-service) or host phishing attacks against web sites in addition to spam attacks.


If Error Please Whatsapp @9300930012