| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu Aug 11 00:03:00 2005 From: jasonc at science.org (Jason Coombs) Subject: Re: Help put a stop to incompetent computer forensics Erik Kamerling wrote: > Trojan Horse > A computer program that appears to have a useful function, but also has a > hidden and potentially malicious function that evades security mechanisms, > sometimes by exploiting legitimate authorizations of a system entity that > invokes the program. > > Copied from the SANS Glossary of Terms Used in Security and Intrusion > Detection. > > http://www.sans.org/resources/glossary.php Common usage in practice today matters as much as if not more than the original use of the term in computing. The term Trojan is synonymous with malware that adds a backdoor, even if a bunch of old people think it's still okay to call other malicious code by this name. From: http://en.wikipedia.org/wiki/Trojan_horse_%28computing%29 In practice, Trojan Horses in the wild do contain spying functions (such as a Packet sniffer) or backdoor functions that allow a computer, unbeknownst to the owner, to be remotely controlled remotely from the network, creating a "zombie_computer". Because Trojan horses often have these harmful functions, there often arises the misunderstanding that such functions define a Trojan Horse.
Powered by blists - more mailing lists