Full Disclosure mailing list archives
Re: Re: Help put a stop to incompetent computer forensics
From: Blue Boar <BlueBoar () thievco com>
Date: Wed, 10 Aug 2005 15:41:52 -0700
Jason Coombs wrote:
Whether or not the malware does other things as well, everyone I know considers a Trojan to be a type of malware that allows an intruder to gain entry to a system through the front door once the malware has gained entry through some other means such as tricking the user into installing it, forcing itself to install a la spyware, or exploiting one of the many vulnerabilities in Internet Explorer that enable Web sites to plant and execute arbitrary code.
Traditional malicious code terms going back 20+ years ago hold that a "trojan horse" program is one that performs a function other than or in addition to the function it is advertised to have. The reason for this is to trick a user into running it, under the assumption that it does something useful, or is at least harmless. This name comes from the "accepting the gift" aspect of Homer's story. Back then, the world was DOS, and there was no generally accepted connotation of installing a backdoor; systems were not widely networked. Current casual usage of "trojan" or "trojaned" is synonymous with a program that provides an unauthorized user continued access to a victim computer. The "trojan" portion of the term apparantly having morphed to mean that the program usually attempts to make itself appear to be a legitimate program, often by running as a process named the same as a real system process, etc... or general hiding. For this usage you could substitute the term "backdoor". But you guys are just arguing semantics, and the meaning(s) ought to be clear to all of you from the context. And now you've made me do it, too. BB _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Re: Help put a stop to incompetent computer forensics, (continued)
- Re: Re: Help put a stop to incompetent computer forensics Jason Coombs (Aug 10)
- Re: Re: Help put a stop to incompetent computer forensics Technica Forensis (Aug 10)
- Message not available
- Re: Re: Help put a stop to incompetent computer forensics Jason Coombs (Aug 10)
- RE: Re: Help put a stop to incompetent computerforensics Chuck Fullerton (Aug 10)
- Re: Re: Help put a stop to incompetent computer forensics J.A. Terranson (Aug 12)
- Re: Re: Help put a stop to incompetent computer forensics Donald J. Ankney (Aug 10)
- RE: Re: Help put a stop to incompetent computerforensics hummer (Aug 10)
- Re: Re: Help put a stop to incompetent computer forensics Jason Coombs (Aug 10)
- RE: Re: Help put a stop to incompetent computerforensics Chuck Fullerton (Aug 10)
- Re: Re: Help put a stop to incompetent computer forensics Nick FitzGerald (Aug 11)
- Re: Re: Help put a stop to incompetent computer forensics Blue Boar (Aug 10)
- Re: Re: Help put a stop to incompetent computer forensics Technica Forensis (Aug 10)