Threats
A computer virus is a computer program that can copy itself and infect a computer. The term "virus" is
also commonly but erroneously used to refer to other types of malware, adware, and spyware programs that
do not have the reproductive ability. A true virus can only spread from one computer to another (in some form
of executable code) when its host is taken to the target computer; for instance because a user sent it over a
network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive.
Viruses can increase their chances of spreading to other computers by infecting files on a network file system
or a file system that is accessed by another computer.
A Trojan horse, or trojan for short, is a term used to describe malware that appears, to the user, to
perform a desirable function but, in fact, facilitates unauthorized access to the user's computer system. The
term comes from the Trojan Horse story in Greek mythology. Trojan horses are not self-replicating, which
distinguishes them from viruses and worms. Additionally, they require interaction with a hacker to fulfill their
purpose. The hacker need not be the individual responsible for distributing the Trojan horse. It is possible for
hackers to scan computers on a network using a port scanner in the hope of finding one with a Trojan horse
installed.
Spyware is a type of malware that is installed on computers and that collects information about users
without their knowledge. The presence of spyware is typically hidden from the user. Typically, spyware is
secretly installed on the user's personal computer. Sometimes, however, spyware such as keyloggers is
installed by the owner of a shared, corporate, or public computer on purpose in order to secretly monitor other
users. While the term spyware suggests software that secretly monitors the user's computing, the functions
of spyware extend well beyond simple monitoring. Spyware programs can collect various types of personal
information, such as Internet surfing habits and sites that have been visited, but can also interfere with user
control of the computer in other ways, such as installing additional software and redirecting Web browser
activity. Spyware is known to change computer settings, resulting in slow connection speeds, different home
pages, and/or loss of Internet connectivity or functionality of other programs. In an attempt to increase the
understanding of spyware, a more formal classification of its included software types is captured under the term
privacy-invasive software. In response to the emergence of spyware, a small industry has sprung up dealing in
anti-spyware software. Running anti-spyware software has become a widely recognized element of computer
security practices for computers, especially those running Microsoft Windows. A number of jurisdictions have
passed anti-spyware laws, which usually target any software that is surreptitiously installed to control a user's
computer. The US Federal Trade Commission has placed on the Internet a page of advice to consumers about
how to lower the risk of spyware infection, including a list of "do's" and "don'ts."
A rootkit is a software system that consists of one or more programs designed to obscure the fact that a
system has been compromised. Contrary to what its name may imply, a rootkit does not grant a user
administrator privileges, as it requires prior access to execute and tamper with system files and processes.
An attacker may use a rootkit to replace vital system executables, which may then be used to hide processes
and files the attacker has installed, along with the presence of the rootkit. Access to the hardware, e.g., the
reset switch, is rarely required, as a rootkit is intended to seize control of the operating system. Typically,
rootkits act to obscure their presence on the system through subversion or evasion of standard operating
system security scanning and surveillance mechanisms such as anti-virus or anti-spyware scans. Often, they
are Trojans as well, thus fooling users into believing they are safe to run on their systems. Techniques used to
accomplish this can include concealing running processes from monitoring programs, or hiding files or system
data from the operating system. Rootkits may also install a "back door" in a system by replacing the login
mechanism (such as /bin/login) with an executable that accepts a secret login combination, which, in turn,
allows an attacker to access the system, regardless of the changes to the actual accounts on the system.
Rootkits may have originated as regular applications, intended to take control of a failing or unresponsive
system, but in recent years have been largely malware to help intruders gain access to systems while
avoiding detection. Rootkits exist for a variety of operating systems, such as Microsoft Windows, Linux, Mac
OS, and Solaris. Rootkits often modify parts of the operating system or install themselves as drivers or kernel
modules, depending on the internal details of an operating system's mechanisms.
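
Because a rootkit may replace system executables such as /bin/login, defenders commonly compare those files against a known-good baseline. The following is an added example, not part of the original page: the function names and the temporary stand-in files are assumptions made for illustration, and since a rootkit can falsify what the running operating system reports, a real check is run from trusted boot media with the baseline stored off the host.

```python
import hashlib
import os
import stat
import tempfile

def fingerprint(path):
    """Return (SHA-256 hex digest, permission bits including setuid/setgid)."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest(), stat.S_IMODE(os.stat(path).st_mode)

def build_baseline(paths):
    """Record a known-good fingerprint per path; keep the result off the host."""
    return {p: fingerprint(p) for p in paths}

def verify(baseline):
    """Compare current files with the baseline; return {path: reason}."""
    findings = {}
    for path, (want_hash, want_mode) in baseline.items():
        if not os.path.exists(path):
            findings[path] = "missing"
            continue
        got_hash, got_mode = fingerprint(path)
        if got_hash != want_hash:
            findings[path] = "content changed"
        elif got_mode != want_mode:
            findings[path] = "mode changed %o -> %o" % (want_mode, got_mode)
    return findings

def demo():
    """Constructed scenario: stand-in binaries are altered after baselining."""
    with tempfile.TemporaryDirectory() as root:
        login = os.path.join(root, "login")  # stand-in for /bin/login
        ps = os.path.join(root, "ps")        # stand-in for a process lister
        for path, body in ((login, b"original login"), (ps, b"original ps")):
            with open(path, "wb") as fh:
                fh.write(body)
            os.chmod(path, 0o755)
        baseline = build_baseline([login, ps])
        with open(login, "wb") as fh:        # simulate a replaced executable
            fh.write(b"replaced login")     # same length, different content
        os.chmod(ps, 0o4755)                 # simulate an added setuid bit
        return {os.path.basename(p): why for p, why in verify(baseline).items()}

if __name__ == "__main__":
    print(demo())
```

The replaced file has the same size as the original, which is why the check compares a cryptographic hash rather than file length.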
Adware or advertising-supported software is any software package which automatically plays, displays, or
downloads advertisements to a computer after the software is installed on it or while the application is being
used. Some types of adware are also spyware and can be classified as privacy-invasive software.
Internet bots, also known as web robots, WWW robots or simply bots, are software applications that run
automated tasks over the Internet. Typically, bots perform tasks that are both simple and structurally
repetitive, at a much higher rate than would be possible for a human alone. The largest use of bots is in web
spidering, in which an automated script fetches, analyses and files information from web servers at many
times the speed of a human. Each server can have a file called robots.txt, containing rules for the spidering of
that server that the bot is supposed to obey.
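
Since robots.txt only states rules a bot is supposed to obey, a site operator can check the access log for bots that ignore them. The following is an added example, not part of the original page: the robots.txt content, the log lines, the bot names and the function name are all constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.robotparser import RobotFileParser

# Constructed robots.txt for a hypothetical site.
ROBOTS_TXT = """\
User-agent: *
Disallow: /private/
Disallow: /admin/

User-agent: ArchiveBot
Disallow: /
"""

# Constructed access-log lines in combined log format.
ACCESS_LOG = """\
203.0.113.5 - - [01/Jan/2024:10:00:00 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "GoodBot/2.1"
203.0.113.5 - - [01/Jan/2024:10:00:01 +0000] "GET /robots.txt HTTP/1.1" 200 80 "-" "GoodBot/2.1"
198.51.100.7 - - [01/Jan/2024:10:00:02 +0000] "GET /private/report.html HTTP/1.1" 200 900 "-" "GrabBot/0.3"
198.51.100.7 - - [01/Jan/2024:10:00:03 +0000] "GET /admin/login HTTP/1.1" 403 0 "-" "GrabBot/0.3"
192.0.2.9 - - [01/Jan/2024:10:00:04 +0000] "GET /docs/a.html HTTP/1.1" 200 700 "-" "ArchiveBot/1.0"
"""

LINE_RE = re.compile(
    r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|HEAD) (\S+) [^"]*" \d{3} \S+ "[^"]*" "([^"]*)"$'
)

def robots_violations(robots_txt, access_log):
    """Return {(client_ip, user_agent): [disallowed paths that were requested]}."""
    rules = RobotFileParser()
    rules.parse(robots_txt.splitlines())
    hits = defaultdict(list)
    for line in access_log.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a GET/HEAD request in the expected format
        ip, path, agent = m.groups()
        # robots.txt itself is always fetchable; everything else is checked.
        if path != "/robots.txt" and not rules.can_fetch(agent, path):
            hits[(ip, agent)].append(path)
    return dict(hits)

if __name__ == "__main__":
    for who, paths in robots_violations(ROBOTS_TXT, ACCESS_LOG).items():
        print(who, paths)
```

The User-Agent header is self-reported, so this finds bots that identify themselves and still ignore the rules; a bot that lies about its name needs other signals such as request rate.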
In addition to their uses outlined above, bots may also be implemented where a response speed faster than
that of humans is required (e.g., gaming bots and auction-site robots) or less commonly in situations where
the emulation of human activity is required, for example chat bots.
These chatterbots may allow people to ask questions in plain English and then formulate a proper response. These bots
can often handle many tasks, including reporting weather, zip-code information, sports scores, converting
currency or other units, etc. Others are used for entertainment, such as SmarterChild on AOL Instant
Messenger and MSN Messenger and Jabberwacky on Yahoo! Messenger.
An additional role of IRC bots may be to lurk in the background of a conversation channel, commenting on
certain phrases uttered by the participants (based on pattern matching). This is sometimes used as a help
service for new users, or for censorship of profanity.
AOL Instant Messenger has now introduced a feature that allows you to make a screen name into a bot. This
new feature removes the rate limit on the screen name, but it is now limited in the amount of instant
messages that can be sent and received.
Botnet is a jargon term for a collection of software robots, or bots, that run autonomously and
automatically. The term is often associated with malicious software but it can also refer to the network of
computers using distributed computing software. While botnets are often named after their malicious
software name, there are typically multiple botnets in operation using the same malicious software families,
but operated by different criminal entities.
While the term "botnet" can be used to refer to any group of bots, such as IRC bots, this word is generally
used to refer to a collection of compromised computers (called Zombie computers) running software, usually
installed via drive-by downloads exploiting Web browser vulnerabilities, worms, Trojan horses, or backdoors,
under a common command-and-control infrastructure.
A botnet's originator (aka "bot herder" or "bot master") can control the group remotely, usually through a
means such as IRC, and usually for nefarious purposes. Individual programs manifest as IRC "bots". Often
the command-and-control takes place via an IRC server or a specific channel on a public IRC network. This
server is known as the command-and-control server ("C&C"). Though rare, more experienced botnet operators
program their own commanding protocols from scratch. The constituents of these protocols include a server
program, client program for operation, and the program that embeds itself on the victim's machine (bot). All
three of these usually communicate with each other over a network using a unique encryption scheme for
stealth and protection against detection or intrusion into the botnet network.
A bot typically runs hidden and uses a covert channel (e.g. the RFC 1459 (IRC) standard, Twitter or IM) to
communicate with its C&C server. Generally, the perpetrator of the botnet has compromised a series of
systems using various tools (exploits, buffer overflows, as well as others; see also RPC). Newer bots can
automatically scan their environment and propagate themselves using vulnerabilities and weak passwords.
Generally, the more vulnerabilities a bot can scan and propagate through, the more valuable it becomes to a
botnet controller community. The process of stealing computing resources as a result of a system being
joined to a "botnet" is sometimes referred to as "scrumping."
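
When command-and-control runs over plain IRC as described above, one network-side signal is several internal hosts joining the same channel on the same external server. The following is an added example, not part of the original page: the capture tuples, addresses, channel names, the internal address range and the threshold are constructed assumptions.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("10.0.0.0/8")  # assumption: the monitored network's range

# Constructed sample: (source IP, destination IP, destination port, client line)
CAPTURE = [
    ("10.0.1.11", "203.0.113.50", 6667, "NICK xk-48213"),
    ("10.0.1.11", "203.0.113.50", 6667, "JOIN #upd8"),
    ("10.0.1.12", "203.0.113.50", 6667, "NICK xk-90211"),
    ("10.0.1.12", "203.0.113.50", 6667, "JOIN #upd8"),
    ("10.0.2.30", "203.0.113.50", 6667, "JOIN #UPD8"),
    ("10.0.3.77", "198.51.100.20", 6667, "NICK alice"),
    ("10.0.3.77", "198.51.100.20", 6667, "JOIN #python"),
    ("10.0.3.77", "198.51.100.20", 6667, "PRIVMSG #python :anyone tried 3.12 yet?"),
]

def parse_irc(line):
    """Split one RFC 1459 message into (prefix, command, params)."""
    prefix = None
    line = line.rstrip("\r\n")
    if line.startswith(":"):
        prefix, _, line = line[1:].partition(" ")
    head, sep, trailing = line.partition(" :")
    parts = head.split()
    if not parts:
        return prefix, "", []
    params = parts[1:] + ([trailing] if sep else [])
    return prefix, parts[0].upper(), params

def shared_channels(capture, min_hosts=3):
    """Flag (server, port, channel) joined by at least min_hosts internal hosts."""
    members = defaultdict(set)
    for src, dst, port, line in capture:
        _, command, params = parse_irc(line)
        if command != "JOIN" or not params:
            continue
        if ip_address(src) in INTERNAL and ip_address(dst) not in INTERNAL:
            for channel in params[0].split(","):
                members[(dst, port, channel.lower())].add(src)
    return {k: sorted(v) for k, v in members.items() if len(v) >= min_hosts}

if __name__ == "__main__":
    print(shared_channels(CAPTURE))
```

A shared channel is a lead to investigate rather than proof of infection, and the check sees nothing when the bots use an encrypted or custom protocol.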
Botnets have become a significant part of the Internet, albeit increasingly hidden. Due to most conventional
IRC networks taking measures and blocking access to previously-hosted botnets, controllers must now find
their own servers. Often, a botnet will include a variety of connections and network types. Sometimes a
controller will hide an IRC server installation on an educational or corporate site where high-speed
connections can support a large number of other bots. Exploitation of this method of using a bot to host other
bots has proliferated only recently as most script kiddies do not have the knowledge to take advantage of it.
Several botnets have been found and removed from the Internet. The Dutch police found a 1.4 million node
botnet and the Norwegian ISP Telenor disbanded a 10,000-node botnet. Large coordinated international
efforts to shut down botnets have also been initiated. It has been estimated that up to one quarter of all
personal computers connected to the Internet may be part of a botnet.
In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire
sensitive information such as usernames, passwords and credit card details by masquerading as a
trustworthy entity in an electronic communication. Communications purporting to be from popular social web
sites, auction sites, online payment processors or IT administrators are commonly used to lure the
unsuspecting public. Phishing is typically carried out by e-mail or instant messaging, and it often directs users
to enter details at a fake website whose look and feel are almost identical to the legitimate one. Even when
using server authentication, it may require tremendous skill to detect that the website is fake. Phishing is an
example of social engineering techniques used to fool users, and exploits the poor usability of current web
security technologies. Attempts to deal with the growing number of reported phishing incidents include
legislation, user training, public awareness, and technical security measures.
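
One technical measure a mail filter can apply to messages that direct users to a fake website is to flag links whose visible text shows one host while the underlying address points to another. The following is an added example, not part of the original page and going beyond the checks it names: the class and function names and the sample message are constructed, and all domains are reserved example names.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self.href, self.text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self.href is not None:
            self.text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self.href is not None:
            self.links.append((self.href, "".join(self.text).strip()))
            self.href = None

def host_of(url):
    """Lower-cased hostname; bare text such as 'www.example.com/x' is accepted."""
    if "://" not in url:
        url = "http://" + url
    try:
        return (urlsplit(url).hostname or "").lower()
    except ValueError:  # malformed address, e.g. unbalanced IPv6 brackets
        return ""

def deceptive_links(html):
    """Return (text, href) where the text looks like a URL on a different host."""
    collector = LinkCollector()
    collector.feed(html)
    findings = []
    for href, text in collector.links:
        looks_like_url = len(text.split()) == 1 and "." in text
        if looks_like_url and host_of(text) and host_of(text) != host_of(href):
            findings.append((text, href))
    return findings

# Constructed e-mail body.
SAMPLE = """
<p>Your account is locked. Sign in at
<a href="http://login.example.net/bank">https://www.bank.example.com/login</a>
or read our <a href="https://www.bank.example.com/help">help page</a>.
See also <a href="https://www.bank.example.com/">www.bank.example.com</a>.</p>
"""

if __name__ == "__main__":
    print(deceptive_links(SAMPLE))
```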
A phishing technique was described in detail in 1987, and the first recorded use of the term "phishing" was
made in 1996. The term is a variant of fishing, probably influenced by phreaking or password harvesting
fishing, and alludes to baits used to "catch" financial information and passwords.