This vs That

itrorevitrorev Member Posts: 9 ■□□□□□□□□□
Hey guys,

I'm new to the forum, so I'll start off with two questions:


Trojan Horse vs Companion Virus

They both try to hide within another file, correct? I'm having trouble understanding the difference between the two.


Vulnerability vs Exploit

Not even sure if exploits are on the Security+, but a friend of mine asked me the difference, and its been buggin me all day.

Comments

  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    Welcome to the forum!

    A trojan is a program that does something malicious in addition to performing some expected function. For example, if you put a key-logger in a calculator utility, the user will still be able to use the calculator and would be unaware that you were also logging keystrokes.

    A companion virus is a program that has a similar or identical name to a real program, and is executed by tricking the OS or user into running it.

    I would describe a vulnerability as an area of weakness that can be exploited while an exploit is the act (or tool/method) of taking advantage of that vulnerability.
  • itrorevitrorev Member Posts: 9 ■□□□□□□□□□
    Thanks, that clears things up!
  • sprkymrksprkymrk Member Posts: 4,884 ■■■□□□□□□□
    A companion virus can also be considered a subset of a trojan horse:

    http://www.techexams.net/technotes/securityplus/malicious_code.shtml
    TechNotes wrote:
    Trojan Horses
    Trojan Horses and Back Doors are essential tools for the serious attacker. They are often used in conjunction to allow the attacker to gain remote control of the target system and/or steal information. A Trojan Horse is a seemingly harmless piece of software that contains malicious code in addition to its own. The malicious code is typically a back door, also known as an illicit server, but it can be a virus, worm or any other kind of code that allows the attacker to do damage. The software is wrapped together with the malicious code into a single file or program.

    The most common Trojan Horse usually involves a "back door" or "illicit server", but can also be a virus rather than a back door. The actual definition can vary depending on the context and the AV vendor or security expert too.
    All things are possible, only believe.
Sign In or Register to comment.