Malicious software can be classified into three groups: viruses, trojans, and worms.
These divisions reflect how the software infects its target and might replicate after infection.
How a virus or worm affects a computer depends on the payload it carries.
The payload is the portion of the virus that can spell the difference between a minor irritation
and complete disaster for computer users and administrators. But even a virus with a benign
or no payload may do harm by using up computer resources such as network capacity.
—S.A.C.
Viruses
A virus hides and replicates itself in a computer's file system. To trigger an infection,
the virus must be in a piece of software that is executed by the system. Many viruses
soon copy themselves into essential system files, making them hard to remove.
Typically, viruses spread from system to system as software is exchanged between users,
but the use of Trojans and worms to deliver viruses is also common. Once executed,
most viruses take up residence in the computer's memory and try to infect other programs.
Trojans
Like the wooden horse of legend, Trojans work by pretending to be something they are not,
in order to bypass defenses. Masquerading as a useful or amusing piece of software, they
can carry a dangerous payload that executes on the target computer with all
the privileges of the user that ran the Trojan program.
Writing a Trojan requires no more effort than writing any normal piece of software.
It does not reproduce itself and so cannot spread throughout a file system or
across a network. It relies upon somehow convincing individual users to run
it as a trusted piece of software, a tactic that normally precludes epidemics.
This limitation is not always a drawback to someone trying tobreak into a computer system;
a Trojan program that is apparently well behaved and that draws little attention to itself
can be used by a would-be intruder to monitor a network or provide a backdoor
into a computer system at a later date.
Worms
A worm is a piece of software
that propagates itself across computer networks. Unlike Trojans and viruses,
it can get itself executed on a target system without human intervention. It
gets into a system by exploiting bugs or overlooked features in commonly used
network software already running on the target. A worm can exist purely in memory,
never existing in a file, making it invisible to file-scanning antivirus software.
![Home [Alt + 1]](/images/images/common/nav_home.gif){kind=small}
![Magazine [Alt + 2]](/images/images/common/nav_magazine.gif){kind=small}
![Bioengineering [Alt + 3]](/images/images/common/nav_bioengineering.gif){kind=small}
![Computing [Alt + 4]](/images/images/common/nav_computing.gif){kind=small}
![Consumer [Alt + 5]](/images/images/common/nav_consumer.gif){kind=small}
![Power/Energy [Alt + 6]](/images/images/common/nav_powerenergy.gif){kind=small}
![Semiconductors [Alt + 7]](/images/images/common/nav_semiconductors.gif){kind=small}
![Communications [Alt + 8]](/images/images/common/nav_communications.gif){kind=small}
![Transportation [Alt + 9]](/images/images/common/nav_transportation.gif){kind=small}
