
1.5.3  Logic Bombs

A logic bomb is a virus of some ilk with a time-delay fuse. The most famous virus with a fuse was Michelangelo in 1992. More practically speaking, a really upset employee is more of a danger [107]. They could install a program set to do something malicious at a later date, and then quit (or work their last day, if they were laid off), leaving the system to automatically fire off the malicious code days, weeks, or even months after they lost their access to the company’s computers. For that matter, the logic bomb could also “go off” while they are still employed but somewhere that gives them an “alibi” (taking a vacation day, sitting in an all-day meeting, etc.).

Logic Bomb

A logic bomb is a piece of malicious code that is designed not to “fire” its malicious functionality until a certain date. An example of a logic bomb in a virus would be the Michelangelo virus. More commonly, upset employees may insert logic bombs into in-house programs to trigger some malicious functionality at some date in the future.


To guard against this occurring, it’s useful to have multiple programmers looking at the same set of code (either using multiple coders, a la “Extreme Programming” [108], or a two-step “code” and “code review” process), and for change control processes to be in effect, requiring that someone other than the program’s creator be assigned the responsibility (and the necessary system access permissions) to put any code into production. As we’ll see later in the cryptography section, a useful tactic in helping keep a system from being abused is to require that multiple people be involved in activities that lend themselves to abuse, such as installation of programs on in-house production (or client) systems.
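
An added example, not part of the original guide: a small change-control gate that checks the two controls described above (a reviewer other than the author, and a deployer other than the author) and flags added diff lines that read the clock or embed a date literal so a reviewer looks at them. The `Change` record, its field names, the regex heuristics and the sample data are assumptions made for illustration.

```python
import re
from dataclasses import dataclass, field

# Review heuristics (assumed, not exhaustive): clock reads and hard-coded dates.
CLOCK_CALL = re.compile(
    r"\b(datetime\.(now|today|utcnow)|date\.today|time\.time|getdate|sysdate)\b", re.I)
DATE_LITERAL = re.compile(r"\b(19|20)\d{2}[-/, ]\s*\d{1,2}[-/, ]\s*\d{1,2}\b")

@dataclass
class Change:  # hypothetical change-control record
    change_id: str
    author: str
    deployer: str
    reviewers: list = field(default_factory=list)
    diff: str = ""

def audit(change):
    """Return a list of findings; an empty list means the change may ship."""
    findings = []
    # Code review only counts if someone other than the author did it.
    if not [r for r in change.reviewers if r != change.author]:
        findings.append("no reviewer other than the author")
    # The program's creator must not be the one who puts it into production.
    if change.deployer == change.author:
        findings.append("author is also the deployer")
    for n, line in enumerate(change.diff.splitlines(), 1):
        # Only added lines matter; skip the "+++ b/file" header.
        if line.startswith("+") and not line.startswith("+++"):
            if CLOCK_CALL.search(line) or DATE_LITERAL.search(line):
                findings.append(f"diff line {n}: time-dependent logic, needs reviewer sign-off")
    return findings

# Constructed sample records (not from the page).
SAMPLES = [
    Change("CHG-1", "alice", "alice", ["alice"],
           "+++ b/payroll.py\n+if datetime.now() > cutoff:\n+    archive()\n"),
    Change("CHG-2", "bob", "carol", ["dave"],
           "+++ b/report.py\n+total = sum(rows)\n"),
    Change("CHG-3", "erin", "frank", ["grace"],
           "+++ b/jobs.py\n+if today == date(2030, 1, 1):\n+    run()\n"),
]

if __name__ == "__main__":
    for c in SAMPLES:
        print(c.change_id, audit(c) or "OK")
```

A flagged line is not proof of a logic bomb; plenty of legitimate code is time-dependent. The flag only makes sure a second person has read that line before it reaches production.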


 __________________

107. http://www.signonsandiego.com/news/state/20030221-0515-ca-computerhacker.html

108. http://www.xprogramming.com/xpmag/whatisxp.htm


CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.