查看: 7871|回复: 9
收起左侧

[转帖] 病毒学知识 翻译自Avira官方的Virus Science 完成...

[复制链接]
周杰伦
发表于 2007-7-9 10:52:32 | 显示全部楼层 |阅读模式
转载绅博论坛donaldz
刚才看帖子有个会员问相关的问题,便想去翻译了一下。错误疏漏难免,有问题大家跟帖提出,谢谢大家了

Adware 广告程序
Adwareis software that presents banner ads or in pop-up windows through a barthat appears on a computer screen. Those advertising spots usuallycan't be removed and are consequently always visible. The connectiondata allow many conclusions on the usage behavior and are problematicin terms of data security.
广告程序是显示横幅广告或者从工具栏中弹出窗口的东西。那些广告通常不能被移走所以一直在那儿污染你的眼睛^^  这些包括很多用户使用行为结果的数据传输可能导致数据安全方面的风险。

Backdoors 后门
A backdoor can gain access to a computer by going around the computer access security mechanisms.
一个后门程序可以绕过电脑的安全机制进入电脑。
Aprogram that is being executed in the background generally enables theattacker almost unlimited rights. User's personal data can be spiedwith the backdoor's help, but are mainly used to install furthercomputer viruses or worms on the relevant system.
一个在后台执行的程序一般使攻击者拥有几乎无限的权限。在后门程序的帮助下,用户的个人信息可以被窃取,但后门程序主要被用来安装后续的病毒或者蠕虫在相关的系统上。

Boot viruses 引导区病毒
Theboot or master boot sector of hard drives is mainly infected by bootsector viruses. They overwrite important information necessary for thesystem execution. One of the awkward consequences: the computer systemcannot be loaded any more…
硬盘的引导区或主引导区是这类病毒主要感染的地方。他们覆盖系统启动所必需的重要信息。这其中一个麻烦的结果:电脑没办法启动了...

Bot-Net 僵尸网络 关于Bot的意思可以想想CS中的机器人...就那样...
ABot-Net is collection of softwarre bots, which run autonomously. ABot-Net can comprise a collection of cracked machines running programs(usually referred to as worms, Trojans) under a common command andcontrol infrastructure. Boot-Nets server various purposes, includingDenial-of-service attacks, etc., partly without the affected PC user'sknowledge. The main potential of Bot-Nets is that the networks canachieve dimensions on thousands of computers and its bandwidth sumbursts most conventional Internet accesses.
一个僵尸网络是自动隐蔽运行的软件机器人的集合。一个僵尸网络可以是在一个普通命令和控制结果下的包含一个运行着程序(通常是类似蠕虫,木马类的东西)被入侵的机器的集合。僵尸网络服务器有很多用途,包括拒绝服务攻击等,一部分还不让这台电脑的用户所知。主要的潜在的僵尸网络是那些大规模的有上千台电脑组成的,它的总带宽可以可以迅速耗尽传统的网络接入...(就是倒霉的目标服务器了...)

Exploit 漏洞
An exploit (security gap) isa computer program or script that takes advantage of a bug, glitch orvulnerability leading to privilege escalation or denial of service on acomputer system. A form of an exploit for example are attacks from theInternet with the help of manipulated data packages. Programs can beinfiltrated in order to obtain higher access.
一个漏洞(安全缺口)是一个电脑程序或者脚本利用Bug,缺陷,或者易损性导致一台电脑上权限的扩大或是拒绝服务。举个例子来说一个漏洞的形式是在互联网上利用伪造的数据包进行的攻击。程序可以被侵入并导致获得更高的权限。

Hoaxes 恶作剧程序
Theusers have obtained virus alerts from the Internet for a few years andalerts against viruses in other networks that are supposed to spreadvia email. These alerts are spread per email with the request that theyshould be sent to the highest possible number of colleagues and toother users, in order to warn everyone against the "danger".
用户从互联网上收到病毒警报,然后在其他网络上经由Email传播到其它网络中。这些警报随着发送到同事和其他用户中而扩散,来警告每个人来应对可能并不存在的“危险”。

Honeypot 蜜罐
A honeypot is a service (program or server), which is installed in a network.
蜜罐是安装在网络中的一个服务(程序或者服务器)。
Ithas the function to monitor a network and to protocol attacks. Thisservice is unknown to the legitime user - because of this reason he isnever addressed. If an attacker examines a network for the weak pointsand uses the services which are offered by a Honeypot, it isprotocolled and an alert sets off.
它的主要功能是监控网络并转向攻击。这个服务对合法的用户来说是不可见的-由于这个原因他从来没有被记录。 如果一个攻击者搜索一个网络中的薄弱幻剑并使用了这些由一个蜜罐提供的服务,蜜罐就会将其转向并发出警报。

Macro viruses 宏病毒
Macroviruses are small programs that are written in the macro language of anapplication (e.g. WordBasic under WinWord 6.0) and that can normallyonly spread within documents of this application. Because of this, theyare also called document viruses. In order to be active, they need thatthe corresponding applications are activated and that one of theinfected macros has been executed. Unlike "normal" viruses, macroviruses do consequently not attack executable files but they do attackthe documents of the corresponding host-application.
宏病毒是一些用一个程序(比如WinWord6.0中的WordBasic)的宏语言写成的小程序,一般情况下只会随着这个程序的文档扩散。正因如此,他们也被称作文档病毒。为了被激活,它们需要相应的应用程序被激活和其中一个被感染的宏已经执行。不想通常意义上的病毒,宏病毒并不攻击可执行危险但是会攻击相应程序的文档。

Polymorph viruses 多态病毒(变形病毒)
Polymorphviruses are the real masters of disguise. They change their ownprogramming codes - and are therefore very hard to detect.
多态病毒是真正的隐藏高手。他们可以改变他们自己的编程代码-因此也非常难以被发现。

Program viruses 程序病毒
Acomputer virus is a program that is capable to attach itself to otherprograms after being executed and cause an infection. Viruses multiplythemselves unlike logic bombs and Trojans. In contrast to a worm, avirus always requires a program as host, where the virus deposits hisvirulent code. The program execution of the host itself is not changedas a rule.
一个电脑病毒就是一个在被运行后具有将其自身附加到其他程序上和引起传染的程序。病毒不像逻辑炸弹和木马,他们还复制(繁殖)自身。和蠕虫相比,病毒永远需要一个程序作为宿主,将其作为寄存危险代码的地方。一般来说宿主自身的运行是不会改变的。

Script viruses and worms 脚本病毒和蠕虫
Suchviruses are extremely easy to program and they can spread - if therequired technology is on hand - within a few hours via email round theglobe.
这类病毒非常容易编制和扩散-如果手边有合适的技术的话,几小时之内通过Email就会扩散到全世界。
Scriptviruses and worms use a script language such as Javascript, VBScriptetc. to infiltrate in other new scripts or to spread by activation ofoperating system functions. This frequently happens via email orthrough the exchange of files (documents).
脚本病毒和蠕虫使用javascript,VBScript之类的脚本语言编制,使之嵌入其他新的脚本中或者利用操作系统中的某些功能激活来传播。它们经常经由Email和文件(文档)交换传播。
Aworm is a program that multiplies itself but that does not infect thehost. Worms can consequently not form part of other program sequences.Worms are often the only possibility to infiltrate any kind of damagingprograms on systems with restrictive security measures.
一个蠕虫是一个复制自身但并不感染宿主的程序。蠕虫因此并不和其他程序在同一个序列。蠕虫通常是唯一有可能嵌入在安全方面有问题的系统中的任何破坏性程序的东西。
   
Spyware 间谍软件
Spywareare so called spy programs that intercept or take partial control of acomputer's operation without the user's informed consent. Spyware isdesigned to expolit infected computers for commerical gain. Typicaltactics furthering this goal include delivery of unsolicited pop-upadvertisements. AntiVir is able to detect this kind of software withthe category "ADSPY" or "adware-spyware".
间谍软件之所以称为间谍是因为它在用户不知情的情况下拦截或者部分控制一台电脑的操作。间谍软件被设计用来为商业用途感染电脑。典型的为了达到这个目的的手段包括弹出未请自来的弹出窗口广告。AntiVir将这类软件检测为ADSPY或者adware-spyware.
   
Trojan horses (short Trojans)特洛伊木马(简称特洛伊,咱还是说木马吧...)
Trojansare pretty common nowadays. We are talking about programs that pretendto have a particular function, but that show their real image afterexecution and carry out a different function that, in most cases, isdestructive. Trojan horses cannot multiply themselves, whichdifferenciates them from viruses and worms. Most of them have aninteresting name (SEX.EXE or STARTME.EXE) with the intention to inducethe user to start the Trojan. Immediately after execution they becomeactive and can, for example, format the hard drive. A dropper is aspecial form of Trojan that 'drops' viruses, i.e. embeds viruses on thecomputer system.
木马在现在非常常见了。我们谈论的程序是那些假装有特定功能,但是在运行后却显示出它们的另一面,在大多数情况下,是破坏性的。特洛伊木马和蠕虫和病毒不同的是,它们不能够复制自身。大多数木马都有个有趣的名字(性.EXE或者点我.EXE)并引诱用户运行木马。在执行木马后它们就会激活然后就能够...举个例子,格式化硬盘。一个Dropper是一个特殊的木马形式,它向电脑系统投放病毒。
  
Zombie 僵尸
A Zombie-PC is a computer that is infected withmalware programs and that enables hackers to abuse computers via remotecontrol for criminal purposes. The affected PC, for example, can startDenial-of-Service- (DoS) attacks at command or send spam and phishingemails.
一台僵尸电脑是一个被恶意程序感染的并且能够让黑客通过远程控制为犯罪目的而滥用的电脑。例如一个被影响的电脑可以自由进行拒绝服务(Dos)攻击或者发送垃圾和钓鱼邮件。

[ 本帖最后由 yimike 于 2008-4-21 10:43 编辑 ]
周杰伦
 楼主| 发表于 2007-7-9 10:55:55 | 显示全部楼层
有个会员问相关的问题,所以转载这篇帖子,让大家学习了
gatpone
发表于 2007-7-9 12:19:15 | 显示全部楼层
居然没有解释Rootkit
344640219
发表于 2007-7-9 17:45:12 | 显示全部楼层
看看啊```感觉太多很杂啊````学习学习```
binkko
发表于 2007-7-9 18:05:16 | 显示全部楼层

补充点就更全了

HEUR Crypted
虽然不是病毒名,但需要结合看的

[ 本帖最后由 binkko 于 2007-7-9 18:06 编辑 ]
starfish
发表于 2007-7-9 18:46:25 | 显示全部楼层
嗯,不错,复习一下
jimmyleo
发表于 2007-7-9 19:12:11 | 显示全部楼层
这个貌似我翻过……~
287669789
发表于 2007-7-9 19:28:16 | 显示全部楼层
大部分都认识
运指如飞
发表于 2007-7-9 22:21:45 | 显示全部楼层
传说中的那个会员就是我

感谢周董
arashi0827
发表于 2007-7-25 12:11:55 | 显示全部楼层
原帖由 binkko 于 2007-7-9 18:05 发表
HEUR Crypted
虽然不是病毒名,但需要结合看的


HEUR Crypted是甚么啊?老是看到啊..
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-12-25 21:00 , Processed in 0.117097 second(s), 17 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表