Read this whole guide offline with no ads, for a low price!
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Need more practice? 300 additional Security+ questions!
Get It Here!

Custom Search







Table Of Contents  CertiGuide to Security+
 9  Chapter 1:  General Security Concepts (Domain 1.0; 30%)
      9  1.5  Malicious Code

Previous Topic/Section
1.5.3  Logic Bombs
Previous Page
Pages in Current Topic/Section
1
Next Page
1.6  Social Engineering
Next Topic/Section

1.5.4  Worms

Worms are similar in nature to viruses. Both can consume resources and replicate themselves109. The Morris worm or the Internet worm is perhaps the most famous worm. The difference between a worm and a virus is that a worm can replicate itself across a network and consume resources, and it does not need to attach itself to other “host” programs110. Rather, it is capable of distributing and launching itself on its own, with no inadvertent “assistance” required from users whose computers are being infected.

Worm

A worm is a virus, usually containing malicious code, which can replicate itself and propagate across a network. Unlike a Trojan horse or many viruses, it does not have to attach itself to other “host” programs.


[spacer]Meet Mr. Morris

The most famous worm is the Morris Worm, which spread across the Internet by exploiting bugs in the send mail SMTP transport agent and an Internet service called “finger.” Consider that the Morris Worm exploited a buffer overflow issue in the finger service back in 1988, which programmers are still writing code vulnerable to this technique. Pessimists may proceed to predict the imminent death of the net now
111. J


As with viruses and Trojan horses, worms can be detected with anti-virus software. (If you’ve now gotten the hint that you should be running some sort of anti-virus software, no matter how inconvenient it is to isolated users, on your network, good!)


 __________________

109. http://www.itworld.com/nl/unix_sec/09132001/

110. http://www.esecurityplanet.com/trends/article/0,,10751_1464281,00.html

111. http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci860185,00.html (Buffer overflows likely to be around for another decade.)

Previous Topic/Section
1.5.3  Logic Bombs
Previous Page
Pages in Current Topic/Section
1
Next Page
1.6  Social Engineering
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $



Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.