Re: Adware, spyware, and trojans

["KoRe MeLtDoWn" <koremeltdown () hotmail com>]

Hi Courtney,
Some interesting questions - this is something that I don't think many 
within the community really know the answer to. Never the less, here's what 
I've come up with.

1/The distinction between spyware, adware, and trojans are that they all 
conduct slightly different behaviour and carry out differing tasks. For 
example a piece of spyware is often designed to gather data on a web surfers 
behaviour, a trojan is designed to allow remote access to a remote user who 
then can carry out commands he/she normally couldn't, and adware advertises 
a product/website somehow on an infected machine without the express 
permission of the owner, and continues to do so over a period of time - 
often attempts to remove adware manually prove to be unsuccessful.


Hamish Stanaway

-= KoRe WoRkS =- Internet Security
Owner/Operator
http://www.koreworks.com/

New Zealand

Is your box REALLY secure?





> From: "Carere, Courtney" <CCarere () rich com>
> To: "'security-basics () securityfocus com'" 
> <security-basics () securityfocus com>
> Subject: Adware, spyware, and trojans
> Date: Fri, 6 Dec 2002 11:48:57 -0500 MIME-Version: 1.0
> Received: from outgoing.securityfocus.com ([205.206.231.26]) by 
> mc4-f19.law16.hotmail.com with Microsoft SMTPSVC(5.0.2195.5600); Fri, 6 Dec 
> 2002 09:54:12 -0800
> Received: from lists.securityfocus.com (lists.securityfocus.com 
> [205.206.231.19])by outgoing.securityfocus.com (Postfix) with QMQPid 
> 5E6B18F2E0; Fri,  6 Dec 2002 09:29:44 -0700 (MST)
> Received: (qmail 5276 invoked from network); 6 Dec 2002 16:22:59 -0000
> Mailing-List: contact security-basics-help () securityfocus com; run by ezmlm
> Precedence: bulk
> List-Id: <security-basics.list-id.securityfocus.com>
> List-Post: <mailto:security-basics () securityfocus com>
> List-Help: <mailto:security-basics-help () securityfocus com>
> List-Unsubscribe: <mailto:security-basics-unsubscribe () securityfocus com>
> List-Subscribe: <mailto:security-basics-subscribe () securityfocus com>
> Delivered-To: mailing list security-basics () securityfocus com
> Delivered-To: moderator for security-basics () securityfocus com
> Message-ID: 
> <A42197C9AAFCD511AF9D00034797A8E807D2A7E9 () rpc3-ex01nt rpc rich com>
> X-Mailer: Internet Mail Service (5.5.2653.19)
> Return-Path: 
> security-basics-return-16504-koremeltdown=hotmail.com () securityfocus com
> X-OriginalArrivalTime: 06 Dec 2002 17:54:17.0445 (UTC) 
> FILETIME=[7F0F5150:01C29D50]
>
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Upon reading "The Art of Deception" by Kevin Mitnick yesterday (an
> excellent book, by the way), he writes that most antivirus software
> does not detect spyware, which was a shock to me.  Spyware seems to
> be defined as software that logs keystrokes, screenshots, user
> actions, etc.  I have a couple of questions:
>
> 1.  What's the distinction between spyware, adware, and trojan
> software?  (My antivirus software says it protects against Trojans,
> and I've seen programs like SubSeven in its log files.)
>
> 2.  Is there any good software that detects and removes spyware,
> ideally controlled and updated continuously from a central server?
>
> Thanks!
>
> - - Courtney Carere
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP 7.0.4
>
> iQA/AwUBPfDTHHcM/5zG0KHEEQIcrACg73VSeTkX/ecvtX+HOWnFNCVNsUUAoMqs
> n4t8pKXIbtMIQaMiwRhLW/gN
> =4uWy
> -----END PGP SIGNATURE-----


_________________________________________________________________
Add photos to your messages with MSN 8. Get 2 months FREE*. 
http://join.msn.com/?page=features/featuredemail