Network Security Glossary

 

A - C

Access Control - Techniques for controlling access to sensitive files.

ActiveX - Technology developed by Microsoft that integrates local desktop programs with documents on the World Wide Web. For example, ActiveX technology allows a person to see a Word or Excel document from within the Web browser.

Anonymous Remailer - A program that removes header information from an e-mail message, making it impossible to tell where it actually came from. See SPAM.

ARP - Address Resolution Protocol.

Authenticity - Proof that the information came from the person or location that reportedly sent it. One example of authenticating software is through digital signatures.

Back Door - A deliberately planned security breach in a program. Back doors allow special access to a computer or program. Sometimes back doors can be exploited and allow a cracker unauthorized access to data.

Biometrics - Authentication techniques that utilize the analysis of a person's physical characteristics, such as fingerprints, speech, and retina scans.

BIOS - Basic Input Output System. The lowest level of the Central Processing Unit's operating system. The BIOS contains information that allows the CPU to communicate with the computer's hardware.

Brute Force Hacking - A technique used to find passwords or encryption keys. Brute Force Hacking involves trying every possible combination of letters, numbers, etc. until the code is broken.

Bulletin Board System - A computer with bulletin board software that is dedicated to communicating with other computers. Bulletin board systems are similar to small intranets, and often have file libraries, message areas, databases, and other electronic activities.

Camping Out - Staying in a "safe" place once a hacker has broken into a system. The term can be used with a physical location, electronic reference, or an entry point for future attacks.

Cipher Text - Text that has been scrambled or encrypted so that it cannot be read without deciphering it. See Encryption

Cookie - A string of characters saved by a web browser on the user's hard disk. Many web pages send cookies to track specific user information. Cookies can be used to retain information as the user browses a web site. For example, cookies are used to 'remember' the items a shopper may have in a shopping cart.
 

Countermeasures - Techniques, programs, or other tools that can protect your computer against threats.

Covering Tracks - Removing evidence of one's passage. Hackers 'cover their tracks' to prevent others from finding out how they entered a system, or to keep others from knowing that they had access to a system.

Cracker - Someone who breaks into computers. Crackers should not be confused with Hackers. The term Cracker is usually connected to computer criminals. Some of their crimes include vandalism, theft, and snooping in unauthorized areas.

Cracker Tools - Programs used to break into computers. Cracker tools are widely distributed on the Internet. They include password crackers, trojans, viruses, war-dialers, and worms.

Cracking - The act of breaking into computers. Cracking is a popular, growing subject on the Internet. Many sites are devoted to supplying crackers with programs that allow them to crack computers. Some of these programs contain dictionaries for guessing passwords. Others are used to break into phone lines (called phreaking). These sites usually display warnings like "These files are illegal, we are not responsible for what you do with them."

Cryptoanalysis - The act of analyzing (or breaking into) secure documents or systems that are protected with encryption.

 

 


D - G

Database - A system of storing information in an organized manner.

Decryption - The act of restoring an encrypted file to its original state.

Denial of Service - Act of preventing customers, users, clients or other machines from accessing data on a computer. This is usually accomplished by interrupting or overwhelming the computer with bad or excessive information requests.

DES - Data Encryption Standard. An encryption algorithm developed by the US government. It allows the use of variable length keys.

Digital Signature - Digital code that authenticates whoever signed the document or software. Software, messages, Email, and other electronic documents can be signed electronically so that they cannot be altered by anyone else. If someone alters a signed document, the signature is no longer valid. Digital signatures are created when someone generates a hash from a message, then encrypts and sends both the hash and the message to the intended recipient. The recipient decrypts the hash and original message, makes a new hash on the message itself, and compares the new hash with the old one. If the hashes are the same, the recipient knows that the message has not been changed. Also see software.

Encryption - The act of substituting numbers and characters in a file so that the file is unreadable until it is decrypted. Encryption is usually done using a mathematical formula which determines how the file is decrypted.

Ethernet - A common LAN (Local Area Network) communication protocol that is capable of 10MB/s data transfer rates. A newer version of Ethernet, called Fast Ethernet, is capable of 100MB/s transfer rates. The latest version, Gigabit Ethernet, supports data rates as fast as 1,000MB/s.

File Type - A group of files with the same extension (a period and three characters at the end of a filename).

Firewall - A logical "wall" around a LAN or WAN that restricts access into and out of the network.  See Gateway

Frame Relay - A communications protocol for WANs that supports fast connection speeds.

Freeware - Software available without charge. Also see Shareware.

FTP - File Transfer Protocol.

Gateway - A way to control access to networks through a firewall. Gateways also allow different types of systems to communicate with each other.
 

 


H - O

Hacker - Person with a strong interest in computers who enjoys learning and experimenting with them. Hackers are usually very talented, smart people who understand computers better than others. The term is often confused with cracker, which defines someone who breaks into computers.

Hash - A special number generated from a string of text.  Hashes are commonly used in large databases, where searching the database for a number would be faster than searching for a longer string of text.  Hashes are also used to create digital signatures.

Header - A small part of a file or message that defines certain properties. File headers include the file size, date last modified, date created, etc.  Message headers contain information on who sent it, when and from where they sent it, the name and address of the recipient, attachment information, etc.

HTML - HyperText Markup Language. This is the language of the World Wide Web. It contains hidden tags that tell the Web browser what to do. These hidden tags create all the formatting on a Web page, and they contain the information needed to jump to another place when the user clicks a link. The World Wide Web Consortium develops and maintains the HTML standards that most browsers use today.

HTTP - HyperText Transfer Protocol.

ICMP - Internet Control Message Protocol.

IDEA - International Data Encryption Algorithm. An encryption algorithm that uses a 128-bit key.

Integrity - Proof that the data is the same as originally intended. Unauthorized software or people have not altered the original information.

Internet Worm - See Worm.

Intruder - Person or software interested in breaking computer security to access, modify, or damage data. Also see Cracker, and Elite.

IP - Internet Protocol.

IP Address - An address number that is allocated to a specific computer on a network. IP Addresses consist of a series of 4 numbers between 1 and 255, separated by periods (.). For example, a valid IP Address could look like this: 11.35.230.42.

ISDN - Integrated Services Digital Network. ISDN is a communications standard for sending data over digital phone lines. Residential ISDN lines do not require modems for transferring data. When setting up ISDN, phone companies typically offer 2 lines, both capable of 64 Kbps transfer rates. These lines can be used as voice or data lines, allowing the user to talk on the phone while on the Internet, or even acquire download speeds of 128 Kbps. Today's fastest modems are capable of only 56 Kbps transfer rates.

ISO - International Standards Organization. Organization established for defining internet protocol standards.

ISP - Internet Service Provider. This is the individual or company that provides access to the Internet for others. ISPs usually maintain a large network of modems, servers and routers. Their network is generally connected to the Internet with a high-speed connection. Clients can dial into the ISP's server through a modem or other connection to access the Internet without having to maintain a large network themselves.

Java - Programming language developed by Sunsoft Systems. This language received a lot of attention on the Internet because of its ability to run the same program on multiple computer platforms (PC, Macintosh, UNIX, etc.).

Joyriding - Hacking into an ISP or phone service in order to get usage from that service without paying for it.

Key Pair - See Public-Key Encryption

LANs - Local Area Network. Two or more computers connected to each other.  LANs allow communication between local computers and printers. They can be linked to WANs, MANs, and the Internet.

Linux - A version of the UNIX operating system designed to run on IBM Compatible computers.

Logic Bomb - A virus that only activates itself when certain conditions are met. Logic bombs usually damage files or cause other serious problems when they are activated.

MAN - Municipal Area Network. These networks are a cross between a WAN and a LAN. They typically provide Internet access to designated communities, but are also used for local businesses that communicate across town.

Name Resolution - The allocation of an IP address to a host name. See DNS

NetBIOS - Network Basic Input / Output System. NetBIOS is an extension of the DOS BIOS that enables a PC to connect to and communicate with a LAN.

NAT - Network Address Translation. An Internet standard that enables LAN, WAN, and MAN networks to use extended IP addresses for internal use by adding an extra number to the IP address. This standard translates internal IP addresses into external IP addresses and vice versa. In doing so, it generates a type of firewall by hiding internal IP addresses.

NFS - Network File System. This operating system allows file sharing between networked computers.

NNTP - Network News Transfer Protocol. A protocol for distributing news messages over the Internet. This protocol is similar to the HTTP (Hyper Text Transfer Protocol) system.
  

 


P - R

Packet - A block of information that is sent from one computer to another, usually over a modem, network, or the Internet.

Packet Filter - A filter used in firewalls that scans packets and decides whether to let them through.

Password Cracker - A program that uses a dictionary of words, phrases, names, etc. to guess a password.

Password Encryption - A system of encrypting electronic files using a single key or password. Anyone who knows the password can decrypt the file.

Password Shadowing - The storage of a user's username and password in a network administrator database.

Penetration - Gaining access to computers or networks by bypassing security programs and passwords.

Phreaking - Breaking into phone or other communication systems. Phreaking sites on the Internet are popular among crackers and other criminals.

Ping Attack - An attack that slows down the network until it is unusable. The attacker sends a "ping" command to the network repeatedly to slow it down. See also Denial of Service.

Pirate - Someone who steals or distributes software without paying the legitimate owner for it. This category of computer criminal includes several different types of illegal activities: making copies of software for others to use, distributing pirated software over the Internet or a Bulletin Board System, and receiving or downloading illegal copies of software in any form.

Pirated Software - Software that has been illegally copied, or that is being used in violation of the software's licensing agreement. Pirated software is often distributed through pirate bulletin boards or on the Internet. In the internet underground it is known as Warez.

Plain Text - The opposite of Cipher Text, Plain Text is readable by anyone.

POP - Post Office Protocol.  This is a common protocol used for sending, receiving, and delivering mail messages.

Port - An interface on a computer for connecting peripherals or devices to the computer. A printer port, for example, is an interface that is designed to have a printer connected to it. Ports can be defined by specific hardware (such as a keyboard port) or through software. Logical ports can be set up on networks for specific purposes like handling E-mail or HTTP data.

Protocol - A set of standards or rules used to define, format, and use packets of data.

Proxy Server - A server that exists between a client application, such as a web browser, and a real server. Proxy servers contain frequently accessed information. They reduce the number of requests made to a real server, and tend to be much faster than real servers. Proxy servers generally improve overall connection performance.

Public Key Encryption - System of encrypting electronic files using a key pair. The key pair contains a public key used during encryption, and a corresponding private key used during decryption.

Reconnaissance - The finding and observation of potential targets for a cracker to attack.

Router - A device that connects two networks together. They monitor, direct, and filter information that passes between these networks. Because of their location, routers are a good place to install traffic or mail filters.
 

 


S - T

SATAN - A UNIX program that gathers information on networks and stores it in databases. It is helpful in finding security flaws such as incorrect settings, software bugs and poor policy decisions. It shows network services that are running, the different types of hardware and software on the network, and other information. It was written to help users find security flaws in their network systems.

Shareware - Software that is initially distributed without charge. If users like the software, they are encouraged to pay for it, and usually receive documentation, upgrades, support and registration. Shareware may have limited features, or may work for a specific amount of time until the user pays for it. Also see freeware.

Shoulder Surfing - Looking over someone's shoulder to see the numbers they dial on a phone, or the information they enter into a computer.

SMTP - Simple Mail Transfer Protocol.

Sniffer - A networking tool that can capture data as it goes through a network. Sniffers are often programmed to search for and decode specific types of information.

Snooping - Passively watching a network for information that could be used to a hacker's advantage, such as passwords.   Usually done while Camping Out.

Social Engineering - Telling a lie, or using deceptive tactics to gain access to private information.

SOCKS - A protocol that handles TCP traffic through proxy servers. SOCKS acts like a simple firewall because it checks incoming and outgoing packets and hides the IP addresses of client applications.

Software Pirate - See Pirate.

SPAM - Unwanted e-mail, usually in the form of advertisements.

Spoofing - Penetrating a computer by posing as an authorized user.

Squatting - See Camping Out

SSL (Secured Socket Layer) - Technology that allows you to send information that only the server can read. SSL allows servers and browsers to encrypt data as they communicate with each other. This makes it very difficult for third parties to understand the communications.

Subnet - A region or section of a network that shares a common IP Address prefix. For example, all of the computers on a network that share the IP Address 210.30.15.??? would be part of a subnet.

TCP - Transmission Control Protocol.

Telnet - A program that connects a computer to a server on a network.  It allows a user to control some server functions and to communicate with other servers on the network. Telnet sessions generally require a valid username and password.  Hackers commonly use Telnet to hack into corporate network systems.

Tempest - Illegal interception of data from computers and video signals.

Threat - Possible danger to a computer system.

Trojan or Trojan Horse - A program that is disguised to make a user want to run it. Trojans may display features of the expected program; they may show a game, or a network login. However, trojans can cause many problems. They can steal passwords, delete data, format hard drives, or cause other problems.

Tunneling - Also called encapsulation, tunneling enables a network to send or receive data through another network's connections. It does this by layering a special protocol on top of an existing one (usually done at the packet level).
 

 


U - Z

UNIX - A widely used operating system in large networks.

URL - Uniform (or Universal) Resource Locator. This is the address you can enter into the browser to find a specific location on the Internet. URLs start with a protocol (e.g. http:// or ftp://) and contain the name of a domain or computer server (Symantec.com). More specific URLs also contain directory information that download the proper file on the server.

Virus - Computer code that attaches itself to other files on a computer system. Viruses spread through programs that are shared with other computers over the Internet. Some viruses are malicious and damage files and programs. Viruses spread without the user's knowledge, and should be scanned for by an AntiVirus program on a regular basis.

VLAN - Virtual LAN.  This acts like a physical LAN, but is software based.  This allows a great deal of flexibility, such as easy expansion and contraction of the LAN without having to fuss with the hardware.

VMS - Virtual Memory System, actually an operating system that runs on VAX minicomputers and workstations.

VPN - Virtual Private Network.   These networks use public connections (such as the Internet) to transfer information. That information is usually encrypted for security purposes.

VRML - Virtual Reality Modeling Language. This language specifies the structure for creating three-dimensional environments on the computer. VRML allows the viewer to interact with other objects in the environment.

Vulnerability - Point where a system can be attacked.

WANs - Wide Area Networks. These networks use telephone lines to communicate over large areas. They make up a large part of the Internet. They can connect to LANs and MANs.

War Dialer - A program that automatically dials phone numbers looking for computers on the other end. They catalog numbers so that hackers can call back and try to break in.

Warez - A term that describes Pirated Software on the Internet. Warez include cracked games or other programs that software pirates distribute on the Internet.

Windows DNA - Windows Distributed interNet Applications Architecture. A set of technologies such as ActiveX and Dynamic HTML developed by Microsoft to help Windows and the Internet work together.

Worm - A program that seeks access into other computers. Once a worm penetrates another computer it continues seeking access to other areas. Worms are often equipped with dictionary-based password crackers and other cracker tools which enable them to penetrate more systems. Worms often steal or vandalize computer data.

WWW - World Wide Web. The WWW uses the http protocol to send and receive multi-media over the Internet. This term is commonly confused with the Internet itself.

Xenix - A version of UNIX that runs on PCs.
 

 
