Page 1 of 3 123 LastLast
Results 1 to 10 of 29

Thread: catogery of virus

  1. #1
    Senior Member
    Join Date
    Dec 2002
    Posts
    144

    Talking catogery of virus

    Macro and Worm
    what is the difference and which is the most dangerous?
    BlAcKiE
    GearBlitz

  2. #2
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401

    Re: catogery of virus

    Originally posted here by Penguin
    Macro and Worm
    what is the difference and which is the most dangerous?
    A macro is just a collection of commands to be executed in a certain order.

    A worm is a program that is able to copy itself to other computers.

    Macros are usually harmless but I'm guessing you mean macro virusses.

    A macrovirus is a virus written in some macro language (like the stuff build into Word).
    Virusses can spread to other programs or computers. A virus will also modify/delete other files. A worm will only spread itself around.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  3. #3
    Senior Member
    Join Date
    Dec 2002
    Posts
    144
    but how does a worm copy itself if i am using web email.. instead of Outlook Express or Outlook.. is there a risk of both as well?
    BlAcKiE
    GearBlitz

  4. #4
    I'm not an expert but I believe some worms have a built in/their own SMTP engine/server, or they will eat(take) everybody in your address list and email them via your email engine so it appears to have come from you. Then when they get infected this repeats and eventually everything gets clogged with email and your bandwith becomes 0

    -It is I, me-

  5. #5
    Senior Member
    Join Date
    Dec 2002
    Posts
    144
    so what kind of programming language they using? and will this email infect my PC when i open a web email in my IE browser?
    BlAcKiE
    GearBlitz

  6. #6
    so what kind of programming language they using?
    ASM, C, C++ and there are rumors of malicious java code but I do not know anything about that.

    web email
    ? As in Hotmail, Lycos, Yahoo?

    Disable HTML so that when you open an email with HTML/Java code you see the actual code. Also, do not download stuff that you do not know who it is from. If you do know who it is from, scan it, because you're more likely to get a virus from someone you know than someone you do not (not that they purposly sent it to you).

    -JESUS IS COMING!! EVERYBODY LOOK BUSY!!!!-

  7. #7

    how worms work

    In general a worm is considered to be a piece of malicious code which spreads itself without end-user intervention . . . unlike a macro virus which requires you to open a document in its appropriate application (hence providing an environment in which the macro is a valid code snippet.)

    Worms, therefore, usually require a vulnerability in an already running application or service as a vector for infection. All things being the same, the best way to prevent the spread of a worm is to perform aggressive patching and updating of OS's and applications.

    Or unplug anything that requires electricity.

    There's a lot of fun stuff to explore here with how a worm is written so that it will execute, seek out a vector for replication, and then perform its nasty little task of replicating itself.

  8. #8
    There's a lot of fun stuff to explore here with how a worm is written so that it will execute, seek out a vector for replication, and then perform its nasty little task of replicating itself.
    It is really interesting. the part I am most interested in is replication and finding a vector. I do not want to know how to damage systems. Anyway, it is considered blackhat by a lot of people so I do not ask. I assume its using ASM to attach itself to append it self to the beggining and/or end of a file then when conditions are correct, executing replication/exploitation.

    -Sam-

  9. #9
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    As I understand things, a "worm" requires a medium through which to travel. This is typically the internet, or a local network. The true worm will spread of its own accord, recently if you left an unprotected computer connected to the net for 30 minutes or so, you would be almost certain of being infected.

    I use the strict definition that worms do not "infect", either the boot sector or files. Infection is what viruses do.

    The two terms relate ONLY to how the thing gets about NOT if it does any damage.

    A macro is a set of instructions to perform an automated function. The first ones I met were in basic, but since then they are in C, C++ and so on. A true "macro" is a small program used within another (larger) application. Typically you will find them in "office" packages like MS Office, Lotus Smartsuite, Corel and so on.

    The significance of this is that you must have the application that they were written for, installed on your machine. For, example, if I sent you a Microsoft Word macro virus, and you did not have word, all you would see would be my macro code in the text editor you used INSTEAD of Word. The actual instruction sequence would not be invoked.

    Worms that are network aware, will spread themselves without human intervention, they just look for mapped drives and sub-nets.

    More commonly, human intervention is required, as some bozo has to open the e-mail document that carries the worm, or virus. This is not just restricted to e-mail, P2P and messaging applications can also carry them, but mostly they still require a positive reaction from the recipient.

    Hope this helps

  10. #10
    Junior Member
    Join Date
    Oct 2002
    Posts
    20
    you said everything about the macro viruses. But is there any "micro" viruses. Please explain it to me. And yes I AM A NOOB.
    If you want to lead the people you must follow them.

    www.homomultimedia.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •