| Macro Virus | A macro virus is similar to a standard virus in all but its delivery. Rather than being code written in a programming language and attached to an executable, it is code written in a macro language and attached to a document.
A macro virus can thus be associated with any application that has its own macro language. Needless to say, the more powerful the macro language, the greater the potential for dangerous macro viruses.
The majority of macro viruses are MS Word viruses. This is because
* Word's macro language is very powerful, versatile and easy to use
* Word is multi-platform and extensively used
This creates a large and easily exploited 'target' for the virus writers. One of the problems is that the majority of Internet users are either too trusting or too lazy to take some very simple precautions.
There are two things you should remember about Word viruses:
* the virus is located in the template attached to the document, not the document itself.
* receiving an e-mail with an infected document attached does not in itself infect you. You can only do this if you open the document in Word itself.
This gives you several defensive options. Firstly, you could adopt a security policy of not accepting any e-mail attachments. If you receive one, you simply delete the document without opening it.
A second option would be to open attached documents only with Microsoft's free Word viewer. This allows you to look at the contents of a Word document without activating any associated macros. In this way you can read the contents safely while deciding what to do with the document itself.
However, whatever else you do, it is important to re-inforce your security policy with the use of a mainstream anti-virus product. |
| Mail Bomb | Mail bomb' is generally used as a verb rather than a noun. It is the act of, or even incitement to, send massive amounts of probably meaningless text to a particular e-mail address. The purpose is to annoy the recipient, or even crash his/her system - and it is usually done in retaliation for some real or perceived offense.
Mail bombing is not considered to be a reasonable action since it is impossible to guarantee that any inconvenience is limited solely to the target. |
| Mailing List | A mailing list is an automated e-mail distribution mechanism for a defined subject (the list topic) to a registered readership (a list of e-mail addresses). Often just called 'lists', there are innumerable mailing lists on the Internet catering for every subject under the sun.
Lists are controlled by the list 'owner' - usually the person or organisation that set it up, and probably the owner of the server on which it is run. People registered on the list are known as list 'members'.
Basically, if a list member has something interesting to say or ask, he or she sends an e-mail message to the list. The message is then copied to every other member of the list - each of whom may respond or not in the same way. Mailing lists thus become important methods of circulating information across a geographically dispersed but topically constrained readership.
There are several 'Lists' that all security professionals should join. Rather than specify them here, we strongly recommend everyone to search the Internet looking for 'security mail list', and to join the more pertinent lists.
Lists may be moderated (that is, the list owner will specifically allow or disallow each message), or unmoderated (that is, no censorship is used, and all messages are allowed automatically). A list member who never posts messages to the list but just 'listens in' to learn about the subject matter is called a 'lurker' (which is not generally considered to be a disparaging term). |
| Malware | Malware is the generic term for software that is designed to do harm - a contraction of 'malicious software'. It is not yet in universal usage, but its popularity as a general term for viruses, Trojan Horses, worms, and malicious mobile code is growing. |
| MD4 | Designed by Ronald Rivest and released in 1990, MD4 is a cryptographic hash algorithm that calculates a 128-bit number.
Weaknesses have been discovered in MD4, and it should no longer be used. |
| MD5 | MD5 is a cryptographic hash algorithm released by Ronald Rivest in 1992, and designed to be an improvement on MD4. Like MD4, it produces a 128-bit output number.
Research has indicated that MD5 cannot guarantee to generate collision free outputs. Furthermore, current thinking suggests that a hash function should be at least 160-bits in order to provide resistance to a birthday attack.
MD5 is no longer recommended. |
| Metamorphic virus | Virus that changes its own code but keeps the same functionality from one infection to another. |
Powered by