ICT 351 Lecture Notes - Lecture 6: Rootkit, Malware, Computer Program
Document Summary
An executable program that does something other than advertised. Contains hidden code that launches an attack. Virus: infects without the user"s knowledge or consent. Defend against trojan horses with the following products: Special software that alerts you of the existence of a trojan horse program. Anti-trojan horse software that disinfects a computer containing a trojan horse. Software tools used by an attacker to hide actions or presence of other types of malicious software. Hide or remove traces of log-in records and log entries. May alter or replace operating system files with modified versions: Rootkits can be detected: compare file contents with original files. Removal of a rootkit can be difficult. Original operating system files must be restored. Reformat hard drive and reinstall operating system. Computer program that lies dormant until triggered by a specific event. A certain date being reached on the system calendar. A person"s rank in an organization dropping below a specified level.