Internet Security Glossary

Technical terminology used in Internet/computer security can be confusing. Use this glossary whenever you come across a term you don't understand.

ARPAnet
The precursor to the Internet, ARPAnet was a large wide-area network created by the United States Defense Advanced Research Project Agency (ARPA). Established in 1969, ARPAnet served as a testbed for new networking technologies, linking many universities and research centers. The first two nodes that formed the ARPAnet were UCLA and the Stanford Research Institute, followed shortly thereafter by the University of Utah.

attack
An action conducted by an adversary, the attacker, on a potential victim. (From the glossary of State of the Practice of Intrusion Detection Technologies.)

backdoor
Also called a trapdoor. An undocumented way of gaining access to a program, online service or an entire computer system. The backdoor is written by the programmer who creates the code for the program and is often known only to that programmer. A backdoor is a potential security risk.

backup
Copy of files and programs made to facilitate recovery, if necessary. (From the National Information Systems Security (INFOSEC) Glossary.)

brute force
Refers to a programming style that does not include any shortcuts to improve performance, but instead relies on sheer computing power to try all possibilities until the solution to a problem is found. A classic example is the traveling salesman problem (TSP). Suppose a salesman needs to visit 10 cities across the country. How does one determine the order in which cities should be visited such that the total distance traveled is minimized? The brute force solution is simply to calculate the total distance for every possible route and then select the shortest one. This is not particularly efficient because it is possible to eliminate many possible routes through clever algorithms.

Although brute force programming is not particularly elegant, it does have a legitimate place in software engineering. Since brute force methods always return the correct result -- albeit slowly -- they are useful for testing the accuracy of faster algorithms. In addition, sometimes a particular problem can be

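The following is an added example, not code from the original glossary, showing the two points above in working code: a brute-force TSP solver that tries every route, and a faster nearest-neighbour heuristic that the brute-force result is used to check. The four-city distance matrix is constructed for this example, and city 0 is assumed to be the fixed starting point.

```python
from itertools import permutations
from math import factorial

# Constructed symmetric distance matrix for four cities (sample data for this example only).
DISTANCES = [
    [0, 1, 2, 10],
    [1, 0, 1, 5],
    [2, 1, 0, 10],
    [10, 5, 10, 0],
]


def tour_length(dist, tour):
    """Total distance of a closed tour that returns to its starting city."""
    return sum(dist[tour[i]][tour[(i + 1) % len(tour)]] for i in range(len(tour)))


def routes_examined(n_cities):
    """Routes brute force must check with the start city fixed: (n - 1)!."""
    return factorial(n_cities - 1)


def brute_force_tsp(dist):
    """Try every ordering of the remaining cities and keep the shortest tour."""
    n = len(dist)
    best_tour, best_len = None, float("inf")
    for order in permutations(range(1, n)):  # city 0 is the fixed starting point
        tour = (0,) + order
        length = tour_length(dist, tour)
        if length < best_len:
            best_tour, best_len = tour, length
    return best_tour, best_len


def nearest_neighbor_tsp(dist):
    """Fast heuristic: always move to the closest unvisited city. Not guaranteed optimal."""
    n = len(dist)
    tour = [0]
    unvisited = set(range(1, n))
    while unvisited:
        here = tour[-1]
        nearest = min(unvisited, key=lambda city: dist[here][city])
        tour.append(nearest)
        unvisited.remove(nearest)
    tour = tuple(tour)
    return tour, tour_length(dist, tour)


def heuristic_is_optimal(dist):
    """Use the slow but always-correct brute-force answer as an oracle for the heuristic."""
    return nearest_neighbor_tsp(dist)[1] == brute_force_tsp(dist)[1]


if __name__ == "__main__":
    print("routes checked:", routes_examined(len(DISTANCES)))
    print("brute force:", brute_force_tsp(DISTANCES))
    print("nearest neighbour:", nearest_neighbor_tsp(DISTANCES))
    print("heuristic optimal on this input?", heuristic_is_optimal(DISTANCES))
```

On this input the heuristic returns a 22-unit tour while brute force finds an 18-unit one, which is exactly the kind of disagreement the oracle is there to catch. For the glossary's 10-city case, fixing the start city still leaves 9! = 362,880 routes to evaluate.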
bug
An error or defect in software or hardware that causes a program to malfunction. According to folklore, the first computer bug was an actual bug. Discovered in 1945 at Harvard, a moth trapped between two electrical relays of the Mark II Aiken Relay Calculator caused the whole machine to shut down.

cable modem
A modem designed to operate over cable TV lines. Because the coaxial cable used by cable TV provides much greater bandwidth than telephone lines, a cable modem can be used to achieve extremely fast access to the World Wide Web. This, combined with the fact that millions of homes are already wired for cable TV, has made the cable modem something of a holy grail for Internet and cable TV companies.

There are a number of technical difficulties, however. One is that the cable TV infrastructure is designed to broadcast TV signals in just one direction - from the cable TV company to people's homes. The Internet, however, is a two-way system where data also needs to flow from the client to the server. In addition, it is still unknown whether the cable TV networks can handle the traffic that would ensue if millions of users began using the system for Internet access.

Despite these problems, cable modems that offer speeds up to 2 Mbps are already available in many areas.

DoS
Short for denial-of-service attack, a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic. Many DoS attacks, such as the Ping of Death and Teardrop attacks, exploit limitations in the TCP/IP protocols. For all known DoS attacks, there are software fixes that system administrators can install to limit the damage caused by the attacks. But, like viruses, new DoS attacks are constantly being dreamed up by hackers.

download
To copy data (usually an entire file) from a main source to a peripheral device. The term is often used to describe the process of copying a file from an online service or bulletin board service (BBS) to one's own computer. Downloading can also refer to copying a file from a network file server to a computer on the network.

In addition, the term is used to describe the process of loading a font into a laser printer. The font is first copied from a disk to the printer's local memory. A font that has been downloaded like this is called a soft font to distinguish it from the hard fonts that are permanently in the printer's memory.

The opposite of download is upload, which means to copy a file from your own computer to another computer.

DSL modem
Refers collectively to all types of digital subscriber lines, the two main categories being ADSL and SDSL. Two other types of xDSL technologies are High-data-rate DSL (HDSL) and Very high DSL (VDSL).

DSL technologies use sophisticated modulation schemes to pack data onto copper wires. They are sometimes referred to as last-mile technologies because they are used only for connections from a telephone switching station to a home or office, not between switching stations.

xDSL is similar to ISDN inasmuch as both operate over existing copper telephone lines (POTS) and both require short runs to a central telephone office (usually less than 20,000 feet). However, xDSL offers much higher speeds - up to 32 Mbps for downstream traffic, and from 32 Kbps to over 1 Mbps for upstream traffic.

e-commerce
Conducting business on-line. This includes, for example, buying and selling products with digital cash and via Electronic Data Interchange (EDI).

e-mail
Short for electronic mail, the transmission of messages over communications networks. The messages can be notes entered from the keyboard or electronic files stored on disk. Most mainframes, minicomputers, and computer networks have an e-mail system. Some electronic-mail systems are confined to a single computer system or network, but others have gateways to other computer systems, enabling users to send electronic mail anywhere in the world. Companies that are fully computerized make extensive use of e-mail because it is fast, flexible, and reliable.

Most e-mail systems include a rudimentary text editor for composing messages, but many allow you to edit your messages using any editor you want. You then send the message to the recipient by specifying the recipient's address. You can also send the same message to several users at once. This is called broadcasting.

Sent messages are stored in electronic mailboxes until the recipient fetches them. To see if you have any mail, you may have to check your electronic mailbox periodically, although many systems alert you when mail is received. After reading your mail, you can store it in a text file, forward it to other users, or delete it. Copies of memos can be printed out on a printer if you want a paper copy.

All online services and Internet Service Providers (ISPs) offer e-mail, and most also support gateways so that you can exchange mail with users of other systems. Usually, it takes only a few seconds or minutes for mail to arrive at its destination. This is a particularly effective way to communicate with a group because you can broadcast a message or document to everyone in the group at once.

Although different e-mail systems use different formats, there are some emerging standards that are making it possible for users on all systems to exchange messages. In the PC world, an important e-mail standard is MAPI. The CCITT standards organization has developed the X.400 standard, which attempts to provide a universal way of addressing messages. To date, though, the de facto addressing standard is the one used by the Internet system because almost all e-mail systems have an Internet gateway.

Another common spelling for e-mail is email.

encryption
The translation of data into a secret code. Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. Unencrypted data is called plain text; encrypted data is referred to as cipher text.

There are two main types of encryption: asymmetric encryption (also called public-key encryption) and symmetric encryption.

firewall
A system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.

There are several types of firewall techniques:
- Packet filter: Looks at each packet entering or leaving the network and accepts or rejects it based on user-defined rules. Packet filtering is fairly effective and transparent to users, but it is difficult to configure. In addition, it is susceptible to IP spoofing.
- Application gateway: Applies security mechanisms to specific applications, such as FTP and Telnet servers. This is very effective, but can impose a performance degradation.
- Circuit-level gateway: Applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.
- Proxy server: Intercepts all messages entering and leaving the network. The proxy server effectively hides the true network addresses.

In practice, many firewalls use two or more of these techniques in concert. A firewall is considered a first line of defense in protecting private information. For greater security, data can be encrypted.

heuristics
Of or relating to exploratory problem-solving techniques that utilize self-educating techniques (as the evaluation of feedback) to improve performance. (From Merriam-Webster Online.)

Internet
A global network connecting millions of computers. More than 100 countries are linked into exchanges of data, news and opinions. Unlike online services, which are centrally controlled, the Internet is decentralized by design. Each Internet computer, called a host, is independent. Its operators can choose which Internet services to use and which local services to make available to the global Internet community. Remarkably, this anarchy by design works exceedingly well.

There are a variety of ways to access the Internet. Most online services, such as America Online, offer access to some Internet services. It is also possible to gain access through a commercial Internet Service Provider (ISP).

The Internet is not synonymous with the World Wide Web.

instant messaging
A type of communications service that enables you to create a private chat room with another individual. Typically, the instant messaging system alerts you whenever somebody on your private list is online. You can then initiate a chat session with that particular individual.

There are several competing instant messaging systems. Unfortunately, there's no standard, so anyone you want to send instant messages to must use the same instant messaging system that you use.

intruder
An adversary who is conducting or has conducted an intrusion or attack against a victim host, site, network or organization. Since the label of intruder is assigned by the victim of the intrusion and is therefore contingent on the victim's definition of encroachment, there can be no ubiquitous categorization of actions as being intrusive or not. From the victim's viewpoint, an intruder is usually an entity (person or organization) that has successfully attacked the victim. It is unclear whether one who conducts an unsuccessful attack is an intruder. If an intrusion is required to be an intruder, then it seems that all intruders are attackers, but all attackers are not necessarily intruders. (From the glossary of State of the Practice of Intrusion Detection Technologies.)

media
Objects on which data can be stored. These include hard disks, floppy disks, CD-ROMs and tapes.

operating system
The most important program that runs on a computer. Every general-purpose computer must have an operating system to run other programs. Operating systems perform basic tasks, such as recognizing input from the keyboard, sending output to the display screen, keeping track of files and directories on the disk, and controlling peripheral devices such as disk drives and printers.

For large systems, the operating system has even greater responsibilities and powers. It is like a traffic cop -- it makes sure that different programs and users running at the same time do not interfere with each other. The operating system is also responsible for security, ensuring that unauthorized users do not access the system.

Operating systems can be classified as follows:
- multi-user: Allows two or more users to run programs at the same time. Some operating systems permit hundreds or even thousands of concurrent users.
- multiprocessing: Supports running a program on more than one CPU.
- multitasking: Allows more than one program to run concurrently.
- multithreading: Allows different parts of a single program to run concurrently.
- real time: Responds to input instantly. General-purpose operating systems, such as DOS and UNIX, are not real-time.

Operating systems provide a software platform on top of which other programs, called application programs, can run. The application programs must be written to run on top of a particular operating system. Your choice of operating system, therefore, determines to a great extent the applications you can run. For PCs, the most popular operating systems are DOS, OS/2, and Windows, but others are available, such as Linux.

As a user, you normally interact with the operating system through a set of commands. For example, the DOS operating system contains commands such as COPY and RENAME for copying files and changing the names of files, respectively. The commands are accepted and executed by a part of the operating system called the command processor or command line interpreter. Graphical user interfaces allow you to enter commands by pointing and clicking at objects that appear on the screen.

packet
A piece of a message transmitted over a packet-switching network. See under packet switching. One of the key features of a packet is that it contains the destination address in addition to the data. In IP networks, packets are often called datagrams.

password
A secret series of characters that enables a user to access a file, computer, or program. On multi-user systems, each user must enter his or her password before the computer will respond to commands. The password helps ensure that unauthorized users do not access the computer. In addition, data files and programs may require a password.

Ideally, the password should be something that nobody could guess. In practice, most people choose a password that is easy to remember, such as their name or their initials. This is one reason it is relatively easy to break into most computer systems.

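As an added example (not part of the original glossary), here is the kind of check a system could run at password-setting time to reject exactly the easy-to-guess choices described above: the user's name, initials, or username, and a few very common passwords. The minimum length of 12, the common-password list and the user details are all assumptions constructed for this example; a real deployment would use a much larger breach-derived list.

```python
import re

# Constructed stand-in for a common-password list (assumption: real lists have millions of entries).
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein", "welcome"}
MIN_LENGTH = 12  # assumed policy value for this example


def initials(full_name):
    """'John Q Public' -> 'jqp'."""
    return "".join(part[0] for part in full_name.split() if part).lower()


def password_problems(password, username="", full_name=""):
    """Return the reasons a candidate password is guessable; an empty list means it passed."""
    problems = []
    lowered = password.lower()
    letters_only = re.sub(r"[^a-z]", "", lowered)  # strip digits/symbols people bolt on

    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if lowered in COMMON_PASSWORDS:
        problems.append("appears on the common-password list")
    if username and username.lower() in lowered:
        problems.append("contains the username")
    for part in full_name.split():
        if len(part) >= 3 and part.lower() in lowered:
            problems.append(f"contains part of the user's name ({part})")
    ini = initials(full_name)
    if len(ini) >= 2 and letters_only == ini:
        problems.append("is the user's initials with digits or symbols added")
    return problems


def password_is_acceptable(password, username="", full_name=""):
    return not password_problems(password, username, full_name)


if __name__ == "__main__":
    # Constructed sample user.
    for candidate in ("jqp1980", "JohnPublic2024", "correct horse battery staple"):
        print(candidate, "->", password_problems(candidate, "jpublic", "John Q Public"))
```

The check is deliberately about what a password is made of, not only how long it is: "JohnPublic2024" passes a length rule yet fails here because both name parts appear in it.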
patch
A temporary fix to a program bug. A patch is an actual piece of object code that is inserted into (patched into) an executable program.

port
In TCP/IP and UDP networks, an endpoint to a logical connection. The port number identifies what kind of traffic the port carries; for example, port 80 is used for HTTP traffic. Also see Well-Known TCP Port Numbers.

SMTP
Short for Simple Mail Transfer Protocol, a protocol for sending e-mail messages between servers. Most e-mail systems that send mail over the Internet use SMTP to send messages from one server to another; the messages can then be retrieved with an e-mail client.

sniffing
Monitoring data traveling over a network with a program and/or device called a sniffer. Sniffers can be used both for legitimate network management functions and for stealing information off a network. Unauthorized sniffers can be extremely dangerous to a network's security because they are virtually impossible to detect and can be inserted almost anywhere. This makes them a favorite weapon in the hacker's arsenal. On TCP/IP networks, where they sniff packets, they're often called packet sniffers.

social engineering
Social engineering is the art and science of getting people to comply with your wishes. It is not a way of mind control, it will not allow you to get people to perform tasks wildly outside of their normal behavior and it is far from foolproof. (From http://packetstormsecurity.nl/docs/social-engineering/aaatalk.html)

spoofing
Unauthorized use of legitimate Identification and Authentication data, however it was obtained, to mimic a subject different from the attacker. Impersonating, masquerading, piggybacking, and mimicking are forms of spoofing. (From the National Information Systems Security (INFOSEC) Glossary.)

stateful inspection
Also referred to as dynamic packet filtering. Stateful inspection is a firewall architecture that works at the network layer. Unlike static packet filtering, which examines a packet based only on the information in its header, stateful inspection tracks each connection traversing all interfaces of the firewall and makes sure they are valid. For example, a stateful firewall may examine not just the header information but also the contents of the packet up through the application layer in order to determine more about the packet than just its source and destination. A stateful inspection firewall also monitors the state of the connection and compiles the information in a state table. Because of this, filtering decisions are based not only on administrator-defined rules (as in static packet filtering) but also on context that has been established by prior packets that have passed through the firewall.

As an added security measure against port scanning, stateful inspection firewalls close off ports until a connection to the specific port is requested from inside.

Check Point Software is credited with coining the term stateful inspection in the use of its FireWall-1 in 1993.

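The following is an added example, written for this glossary rather than taken from the page or from any firewall product, that puts the packet-filter technique from the firewall entry side by side with stateful inspection as described here. A static rule set has no memory, so to let replies from web servers back in it must accept any inbound packet whose source port is 80, which also admits an unsolicited packet that merely claims to come from port 80. The stateful firewall instead records each connection an inside host opens in a state table and admits inbound packets only when they match an entry, so every port stays closed until an inside host asks for it. Packet fields, rule format, and the addresses (10.0.0.5, 203.0.113.10, 198.51.100.7) are constructed for the example; real firewalls also age entries out and follow the full TCP state machine, which is omitted here.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    """Only the header fields the two filters look at (constructed for this example)."""
    direction: str   # "out" = leaving the private network, "in" = arriving from the Internet
    proto: str       # "tcp" or "udp"
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    syn: bool = False   # TCP SYN flag set: the first packet of a new connection


# Static packet-filter rules, checked top to bottom: (direction, proto, src_port, dst_port, action).
# None matches any value. Rule 2 is the weak spot: a header-only filter cannot tell a genuine
# reply from a web server apart from a forged packet that just uses source port 80.
STATIC_RULES = [
    ("out", "tcp", None, None, "accept"),   # inside hosts may open any TCP connection
    ("in", "tcp", 80, None, "accept"),      # let web-server replies back in
]


def static_filter(pkt):
    """Static packet filtering: decide from the header alone, with no memory of earlier packets."""
    for direction, proto, src_port, dst_port, action in STATIC_RULES:
        if (pkt.direction == direction and pkt.proto == proto
                and src_port in (None, pkt.src_port)
                and dst_port in (None, pkt.dst_port)):
            return action
    return "drop"   # default deny


class StatefulFirewall:
    """Stateful inspection: remember connections the inside opened and admit only their replies."""

    def __init__(self):
        self.state_table = set()   # 5-tuples of connections opened from the private network

    @staticmethod
    def _key(pkt):
        return (pkt.proto, pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)

    @staticmethod
    def _reply_key(pkt):
        # The table entry an inbound packet would match if it is a reply to an outbound connection.
        return (pkt.proto, pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)

    def filter(self, pkt):
        if pkt.direction == "out":
            starts_connection = pkt.syn if pkt.proto == "tcp" else True
            if starts_connection:
                self.state_table.add(self._key(pkt))   # record the new connection
                return "accept"
            # Later outbound packets must belong to a connection already in the table.
            return "accept" if self._key(pkt) in self.state_table else "drop"
        # Inbound: every port is closed unless an inside host asked for this connection.
        return "accept" if self._reply_key(pkt) in self.state_table else "drop"


def run_scenario():
    """Run the same four packets through both filters; returns {name: (static, stateful)}."""
    fw = StatefulFirewall()
    inside, web, outsider = "10.0.0.5", "203.0.113.10", "198.51.100.7"   # constructed addresses
    packets = [
        ("outbound_syn", Packet("out", "tcp", inside, 40000, web, 80, syn=True)),
        ("genuine_reply", Packet("in", "tcp", web, 80, inside, 40000)),
        ("forged_src_port_80", Packet("in", "tcp", outsider, 80, inside, 40000)),  # nobody asked for this
        ("port_scan_probe", Packet("in", "tcp", outsider, 5555, inside, 22, syn=True)),
    ]
    return {name: (static_filter(pkt), fw.filter(pkt)) for name, pkt in packets}


if __name__ == "__main__":
    for name, (static, stateful) in run_scenario().items():
        print(f"{name:20s} static={static:6s} stateful={stateful}")
```

The decisive case is the third packet: the static filter accepts it because the header satisfies rule 2, while the stateful firewall drops it because no inside host opened a connection to 198.51.100.7, which is what "closing off ports until a connection is requested" means in practice.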
vulnerability
A feature or combination of features of a system that allows an adversary – the intruder – to place the system – your home computer – in a state that is both contrary to the desires of the people responsible for the system – you! – and increases the risk (probability or consequence) of undesirable behavior in or of the system. A feature or combination of features of a system that prevents the successful implementation of a particular security policy for that system. A program with a buffer that can be overflowed with data supplied by the invoker will usually be considered a vulnerability. A telephone procedure that provides private information about the caller without prior authentication will usually be considered to have a vulnerability.

worm
A program or algorithm that replicates itself over a computer network and usually performs malicious actions, such as using up the computer's resources and possibly shutting the system down. Also see virus.