Entries from February 2010 ↓

Security+ Objective 1.1 – Differentiate among various systems security threats – Spyware

The word spyware is a combination of spy and software.  Typically it gets secretly installed on a victim’s computer and collects information.  Just like an international spy would be secretly deployed somewhere to collect information about a foreign government.  Spyware often likes to collect your web-browsing activity, credit card numbers and other personal information for advertising purposes.

Anti-spyware products have been known to be malicious spyware themselves, so please read some reviews before you install anything.

Spyware doesn’t spread itself like a virus or worm.  Most people get it by downloading some freeware or peer-to-peer files that secretly install the spyware when you run them. 

That’s all you’ve got to know for the exam!

Go back to the Exam Objectives list

Security+ Objective 1.1 – Differentiate among various systems security threats – Trojan

The term comes from the classic story, where Greece could not penetrate the defences of the Trojans.  So, they left a huge figure of a horse as a “gift” outside the city.  The Trojans brought the horse inside the walls.  That night the Greek troops that were hidden inside the horse opened the gates and the Troy was destroyed.

So, when a bad guy or a virus cannot penetrate your system’s defences, they may give you a “gift” that you invite into your computer.  Once inside, it delivers it’s damaging payload.  For example, “wouldn’t you like to play this really fun game that I sent you in an e-mail?”  “Yes, that sounds great. I’ll go ahead and click on the attachment…”  And your password gets sent to the bad guy and a backdoor into your system gets secretly installed.  The bad guy couldn’t hack into the password database or gain access to your system, so he tricked you into letting him in through this “gift”.

Trojans are often used to deliver rootkits.

NOTE: A trojan is NOT a virus.  It does not reproduce itself by infecting an executable.  It is NOT a worm.  It does not spread by itself through network vulnerabilities.

Go back to the Exam Objectives list