
Malware: Bots, Back Doors & Rootkits

Malware is a generic term used to refer to any computer program (software) that runs without the full knowledge and consent of the system owner. There are many different types of malware. Common examples include bots, back doors, rootkits, and spyware. Malware often causes computers to operate more slowly, and may damage files.

Bots (AIM Bot, IRC Bot, etc.):
A bot-type infection is one that enables someone to access and control your computer remotely, in conjunction with thousands of additional computers that have an identical piece of malware installed. For more detailed information about how bots work and what they are used for, please see the Bot write-up.

Back Door:
A back door is software that listens on the network for a remote connection. Connecting to the back door provides surreptitious access to the computer. Access is usually extensive in that it allows an intruder to poke around your hard drive and see just about anything there is to see. Some back doors listen passively, waiting for the connection to be made; others announce their presence, attempting to make contact with a command and control system on the Internet. More active back doors are often used in combination with bots.

Rootkits:
A rootkit is a way to disguise the presence of malware on a computer. It gives false information about the state of the system. Rootkits accomplish this by substituting a corrupt version of a legitimate piece of software. For example, one version of a rootkit lies about who is logged into the machine. On Unix computers, typing "who" lists everyone currently logged into the system. A rootkit version of this utility would lie, hiding the fact that an unauthorized user had access to the system.

Rootkits are difficult to detect and remove.
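
The "who" example above suggests a simple cross-check, shown here as an added example that is not part of the original page: read the login records directly from the utmp file's bytes and compare them with what the who utility printed. The record layout assumes glibc on x86-64 Linux, and the sample records, names and addresses are constructed.

```python
import struct

# Assumption: glibc utmp record layout on x86-64 Linux (384 bytes per record).
UTMP = struct.Struct("<hxxi32s4s32s256shhiii4i20s")
USER_PROCESS = 7  # ut_type of an interactive login session


def _cstr(raw):
    """Decode a NUL-padded fixed-width field."""
    return raw.split(b"\0", 1)[0].decode("utf-8", "replace")


def sessions_from_utmp(blob):
    """Return {(user, tty)} for login records found in raw utmp bytes."""
    found = set()
    usable = len(blob) - len(blob) % UTMP.size  # ignore a truncated tail
    for off in range(0, usable, UTMP.size):
        rec = UTMP.unpack_from(blob, off)
        if rec[0] == USER_PROCESS:
            found.add((_cstr(rec[4]), _cstr(rec[2])))  # ut_user, ut_line
    return found


def sessions_from_who(text):
    """Return {(user, tty)} parsed from the text printed by who."""
    rows = (line.split() for line in text.splitlines())
    return {(r[0], r[1]) for r in rows if len(r) >= 2}


def hidden_sessions(utmp_blob, who_text):
    """Sessions recorded in utmp that the who output did not show."""
    return sorted(sessions_from_utmp(utmp_blob) - sessions_from_who(who_text))


def make_record(ut_type, pid, tty, user, host):
    """Build one constructed utmp record for the offline demo."""
    return UTMP.pack(ut_type, pid, tty.encode(), b"", user.encode(),
                     host.encode(), *[0] * 9, b"")


if __name__ == "__main__":
    # Constructed sample: utmp holds two logins, the who output shows one.
    blob = (make_record(USER_PROCESS, 1201, "pts/0", "alice", "10.0.0.5")
            + make_record(USER_PROCESS, 1344, "pts/1", "mallory", "203.0.113.9"))
    who_out = "alice    pts/0        2024-01-01 10:00 (10.0.0.5)\n"
    for user, tty in hidden_sessions(blob, who_out):
        print(f"utmp lists {user} on {tty}, but who did not report it")
```

On a live host the inputs would be the bytes of /var/run/utmp and the captured output of who. A rootkit that also alters utmp or the kernel would not be caught by this comparison alone.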

Additional Information on Malware:
Note: Links point to external sites, not run by UAlbany:

Definition of a Key logger - Wikipedia

Definition of a Computer Virus - Wikipedia

Definition of Spyware - Wikipedia

Definition of Malware - Wikipedia

For more detailed information on different tools you can use to counter malware, please visit the Security Tools page.
