Worms and Viruses: What are they?
In computer security terminology, a virus is a piece of program code
that makes copies of itself and spreads by attaching itself to a host,
often damaging the host in the process. The host is another computer
program, often a computer operating system, which then infects the applications that are transferred to other computers.
As with all code, viruses use the host's resources: memory and hard disk
space, amongst others, and are sometimes deliberately destructive (erasing
files / formatting hard disks) or allow others to access the machine
without authorization across a network.
Internet worms are frequenty spread via email
A computer worm is a self-replicating computer program, similar to a
computer virus. A virus attaches itself to, and becomes part of, another
executable program; a worm is self-contained and does not need to be part
of another program to propagate itself. In addition to replication, a worm
may be designed to do any number of
things, such as delete files on a host system or send documents via
email. More recent worms may be multi-headed and carry other executables
as a payload. However, even in the absence of such a payload, a worm can
wreak havoc just with the network traffic generated by its
reproduction. Mydoom, for example, caused a noticeable worldwide Internet
slowdown at the peak of its spread.
Apart from worms and viruses, other related security violations
Phishing is the luring of sensitive information, such as passwords and
other personal information, from a victim by masquerading as someone
trustworthy with a real need for such information. It is a form of social
engineering attack. Typically the email will appear to come from a
trustworthy company and contain a subject and message intended to alarm
the recipient into taking action. A common approach is to tell the
recipient that their account has been de-activated due to a problem and
inform them that they must take action to re-activate their account. The
user is provided with a convenient link in the same email that takes the
email recipient to a fake webpage appearing to be that of a trustworthy
company. Once at that page, the user enters her personal information which
is then captured by the fraudster.
Internet Protocol Spoofing
Internet Protocol spoofing (IP spoofing) is
the creation of IP packets with a forged (spoofed) source IP address. The
header of every IP packet contains its source address. This should be
the address that the packet was sent from. By forging the header, so it
contains a different address, an attacker can make it appear that the
packet was sent by a different machine. This can be a method of attack
used by network intruders to defeat network security measures, such as
authentication based on IP addresses.
(definitions adapted from Wikipedia)