Wednesday, 29 February 2012


A computer virus is a computer program that can replicate itself and spread from one computer to another. Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by other computers. (Wikipedia)
For Internet users, this threat can come from downloading files through FTP (file transfer protocol), or referencing email attachments.
When a virus is introduced to a computer system, it can attach itself to, or sometimes even replace, an existing program. Thus, when the user runs the program in question, the virus is also executed. This usually happens without the user being aware of it.
A virus program contains instructions to initiate some sort of "event" that affects the infected computer. Each virus has a unique event associated with it. These events and their effects can range from harmless to devastating. For example:
  • An annoying message appearing on the computer screen.
  • Reduced memory or disk space.
  • Modification of data.
  • Files overwritten or damaged.
  • Hard drive erased.
http://www.ust.hk/itsc/antivirus/general/whatis.html


A computer worm is a self-replicating malware computer program, which uses a computer network to send copies of itself to other nodes (usually without any user intervention). This is due to security shortcomings on the target computer. Unlike a computer virus, it does not need to attach itself to an existing program. Worms almost always cause at least some harm to the network, even if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer. (Wikipedia)


A Trojan horse, or Trojan, is a standalone malicious program that does not attempt to infect files, unlike a computer virus, nor replicate itself with the intent of infecting other computers, unlike a computer worm. Trojan horses can make copies of themselves, steal information, or harm their host computer systems. The term is derived from the Trojan Horse story in Greek mythology because the first and many current Trojan horses attempt to appear as helpful programs.
Trojan horses are often destructive programs that masquerade as benign applications. Unlike viruses and worms, Trojan horses do not replicate themselves, but they can be just as destructive. One of the most insidious types of Trojan horse is a program that claims to get rid of viruses but instead introduces viruses onto the computer. (Wikipedia)


Payloads in computing (sometimes referred to as the actual or body data) are the cargo of a data transmission. It is the part of the transmitted data which is the fundamental purpose of the transmission, to the exclusion of information sent with it (such as headers or metadata, sometimes referred to as overhead data) solely to facilitate delivery.
In the analysis of malicious software such as worms, viruses and Trojans, it refers to the software's harmful results. Examples of payloads include data destruction, messages with insulting text or spurious e-mail messages sent to a large number of people.
In iOS jailbreaking the payload is used after arbitrary code being gained, to modify fstab, USB access to the device and other modifications, including the installation of Cydia. In computer security, payload refers to the part of a computer virus which performs a malicious action. (Wikipedia)


A honeypot is a vulnerable computer that is set up to entice an intruder to break into it. It allows the company or organization to learn how intruders are exploiting their network and also attempt to catch perpetrators who have been doing damage elsewhere in their network. (Computer Security, Ethics and Privacy)
In computer terminology, a honeypot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data, or a network site that appears to be part of a network, but is actually isolated and monitored, and which seems to contain information or a resource of value to attackers. (Wiki)


A botnet is a collection of compromised computers connected to the Internet (each compromised computer is known as a 'bot'). When a computer is compromised by an attacker, there is often code within the malware that commands it to become part of a botnet. The "botmaster" or "bot herder" controls these compromised computers via standards-based network protocols such as IRC and HTTP. (Wikipedia)
Attackers created better ways to control bots, moving from proprietary command and control (C&C) mechanisms to more publicly available ones (HTTP, IRC, P2P).
Bots started to become payloads for worms. 10,000 bots in a single botnet is not uncommon. Today, botnets are big business!


Spoofing is a technique intruders use to make their network or Internet transmission appear legitimate to a victim computer or network. Computer intruders fool a network into believing their IP address is associated with a trusted source. (Computer Security, Ethics and Privacy)
Examples of spoofing:
  • Man-in-the-middle: packet sniffs on the link between the two end points, and can therefore pretend to be one end of the connection.
  • Routing redirect: redirects routing information from the original host to the hacker's host (this is another form of man-in-the-middle attack).
  • Source routing: redirects individual packets by the hacker's host.
  • Blind spoofing: predicts responses from a host, allowing commands to be sent, but can't get immediate feedback.
  • Flooding: SYN flood fills up the receive queue from random source addresses; smurf/fraggle spoofs the victim's address, causing everyone to respond to the victim.
(http://www.iss.net/security_center/advice/Underground/Hacking/Methods/Technical/Spoofing/default.htm)


A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer or network resource unavailable to its intended users. Although the means to carry out, motives for, and targets of a DoS attack may vary, it generally consists of the concerted efforts of a person, or multiple people, to prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely. Perpetrators of DoS attacks typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers. The term is generally used relating to computer networks, but is not limited to this field; for example, it is also used in reference to CPU resource management. (Wikipedia)


A backdoor is a program or set of instructions in a program that allows users to bypass security controls when accessing a program, computer or network. Programmers often build back doors into programs during system development. These back doors save development time because the programmer can bypass security controls while writing and testing programs. If the programmer fails to remove the back door, a perpetrator could use the back door to gain entry to a computer or network. (Computer Security, Ethics and Privacy)



A firewall is a device or set of devices designed to permit or deny network transmissions based upon a set of rules and is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass. Many personal computer operating systems include software-based firewalls to protect against threats from the public Internet. (Wikipedia)
It protects a network’s resources from intrusion by users or another network. (Computer Security, Ethics and Privacy)
