Internet Security Glossary

ARPAnet The precursor to the Internet, ARPAnet was a large wide-area network created by the United States Defense Advanced Research Project Agency (ARPA). Established in 1969, ARPAnet served as a testbed for new networking technologies, linking many universities and research centers. The first two nodes that formed the ARPAnet were UCLA and the Stanford Research Institute, followed shortly thereafter by the University of Utah.attack An action conducted by an adversary, the attacker, on a potential victim. (From the glossary of State of the Practice of Intrusion Detection Technologies.)backdoor Also called a trapdoor. An undocumented way of gaining access to a program, online service or an entire computer system. The backdoor is written by the programmer who creates the code for the program. It is often only known by the programmer. A backdoor is a potential security risk.backup Copy of files and programs made to facilitate recovery, if necessary. (From the National Information Systems Security (INFOSEC) Glossary.)brute force Refers to a programming style that does not include any shortcuts to improve performance, but instead relies on sheer computing power to try all possibilities until the solution to a problem is found. A classic example is the traveling salesman problem (TSP). Suppose a salesman needs to visit 10 cities across the country. How does one determine the order in which cities should be visited such that the total distance traveled is minimized? The brute force solution is simply to calculate the total distance for every possible route and then select the shortest one. This is not particularly efficient because it is possible to eliminate many possible routes through clever algorithms.
Although brute force programming is not particularly elegant, it does have a legitimate place in software engineering. Since brute force methods always return the correct result -- albeit slowly -- they are useful for testing the accuracy of faster algorithms. In addition, sometimes a particular problem can bebug An error or defect in software or hardware that causes a program to malfunction. According to folklore, the first computer bug was an actual bug. Discovered in 1945 at Harvard, a moth trapped between two electrical relays of the Mark II Aiken Relay Calculator caused the whole machine to shut down.cable modem A modem designed to operate over cable TV lines. Because the coaxial cable used by cable TV provides much greater bandwidth than telephone lines, a cable modem can be used to achieve extremely fast access to the World Wide Web. This, combined with the fact that millions of homes are already wired for cable TV, has made the cable modem something of a holy grail for Internet and cable TV companies.
There are a number of technical difficulties, however. One is that the cable TV infrastructure is designed to broadcast TV signals in just one direction - from the cable TV company to people's homes. The Internet, however, is a two-way system where data also needs to flow from the client to the server. In addition, it is still unknown whether the cable TV networks can handle the traffic that would ensue if millions of users began using the system for Internet access.
Despite these problems, cable modems that offer speeds up to 2 Mbps are already available in many areas.DoS Short for denial-of-service attack, a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic. Many DoS attacks, such as the Ping of Death and Teardrop attacks, exploit limitations in the TCP/IP protocols. For all known DoS attacks, there are software fixes that system administrators can install to limit the damage caused by the attacks. But, like viruses, new DoS attacks are constantly being dreamed up by hackers. download To copy data (usually an entire file) from a main source to a peripheral device. The term is often used to describe the process of copying a file from an online service or bulletin board service (BBS) to one's own computer. Downloading can also refer to copying a file from a network file server to a computer on the network.
In addition, the term is used to describe the process of loading a font into a laser printer. The font is first copied from a disk to the printer's local memory. A font that has been downloaded like this is called a soft font to distinguish it from the hard fonts that are permanently in the printer's memory.
The opposite of download is upload, which means to copy a file from your own computer to another computer.dsl modem Refers collectively to all types of digital subscriber lines, the two main categories being ADSL and SDSL. Two other types of xDSL technologies are High-data-rate DSL (HDSL) and Very high DSL (VDSL).
DSL technologies use sophisticated modulation schemes to pack data onto copper wires. They are sometimes referred to as last-mile technologies because they are used only for connections from a telephone switching station to a home or office, not between switching stations.
xDSL is similar to ISDN inasmuch as both operate over existing copper telephone lines (POTS) and both require the short runs to a central telephone office (usually less than 20,000 feet). However, xDSL offers much higher speeds - up to 32 Mbps for downstream traffic, and from 32 Kbps to over 1 Mbps for upstream traffic.e-commerce Conducting business on-line. This includes, for example, buying and selling products with digital cash and via Electronic Data Interchange (EDI).e-mail Short for electronic mail, the transmission of messages over communications networks. The messages can be notes entered from the keyboard or electronic files stored on disk. Most mainframes, minicomputers, and computer networks have an e-mail system. Some electronic-mail systems are confined to a single computer system or network, but others have gateways to other computer systems, enabling users to send electronic mail anywhere in the world. Companies that are fully computerized make extensive use of e-mail because it is fast, flexible, and reliable.
Most e-mail systems include a rudimentary text editor for composing messages, but many allow you to edit your messages using any editor you want. You then send the message to the recipient by specifying the recipient's address. You can also send the same message to several users at once. This is called broadcasting.
Sent messages are stored in electronic mailboxes until the recipient fetches them. To see if you have any mail, you may have to check your electronic mailbox periodically, although many systems alert you when mail is received. After reading your mail, you can store it in a text file, forward it to other users, or delete it. Copies of memos can be printed out on a printer if you want a paper copy.
All online services and Internet Service Providers (ISPs) offer e-mail, and most also support gateways so that you can exchange mail with users of other systems.
Usually, it takes only a few seconds or minutes for mail to arrive at its destination. This is a particularly effective way to communicate with a group because you can broadcast a message or document to everyone in the group at once.
Although different e-mail systems use different formats, there are some emerging standards that are making it possible for users on all systems to exchange messages. In the PC world, an important e-mail standard is MAPI. The CCITT standards organization has developed the X.400 standard, which attempts to provide a universal way of addressing messages. To date, though, the de facto addressing standard is the one used by the Internet system because almost all e-mail systems have an Internet gateway.
Another common spelling for e-mail is email.encryption The translation of data into a secret code. Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. Unencrypted data is called plain text; encrypted data is referred to as cipher text.
There are two main types of encryption: asymmetric encryption (also called public-key encryption) and symmetric encryption.firewall A system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.
There are several types of firewall techniques:
Packet filter: Looks at each packet entering or leaving the network and accepts or rejects it based on user-defined rules. Packet filtering is fairly effective and transparent to users, but it is difficult to configure. In addition, it is susceptible to IP spoofing.
Application gateway: Applies security mechanisms to specific applications, such as FTP and Telnet servers. This is very effective, but can impose a performance degradation.
Circuit-level gateway: Applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.
Proxy server: Intercepts all messages entering and leaving the network. The proxy server effectively hides the true network addresses.
In practice, many firewalls use two or more of these techniques in concert.
A firewall is considered a first line of defense in protecting private information. For greater security, data can be encrypted.heuristics Of or relating to exploratory problem-solving techniques that utilize self-educating techniques (as the evaluation of feedback) to improve performance. (From Merriam-Webster Online.)Internet A global network connecting millions of computers. More than 100 countries are linked into exchanges of data, news and opinions.
Unlike online services, which are centrally controlled, the Internet is decentralized by design. Each Internet computer, called a host, is independent. Its operators can choose which Internet services to use and which local services to make available to the global Internet community. Remarkably, this anarchy by design works exceedingly well.
There are a variety of ways to access the Internet. Most online services, such as American Online, offer access to some Internet services. It is also possible to gain access through a commercial Internet Service Provider (ISP).
The Internet is not synonymous with World Wide Web.instant messaging A type of communications service that enables you to create a private chat room with another individual. Typically, the instant messaging system alerts you whenever somebody on your private list is online. You can then initiate a chat session with that particular individual.
There are several competing instant messaging systems. Unfortunately, there's no standard, so anyone you want to send instant messages to must use the same instant messaging system that you use.intruder An adversary who is conducting or has conducted an intrusion or attack against a victim host, site, network or organization. Since the label of intruder is assigned by the victim of the intrusion and is therefore contingent on the victim’s definition of encroachment, there can be no ubiquitous categorization of actions as being intrusive or not. From the victim’s viewpoint, an intruder is usually an entity (person or organization) that has successfully attacked the victim. It is unclear whether one who conducts an unsuccessful attack is an intruder. If an intrusion is required to be an intruder, then it seems that all intruders are attackers, but all attackers are not necessarily intruders. (From the glossary of State of the Practice of Intrusion Detection Technologies.)media Objects on which data can be stored. These include hard disks, floppy disks, CD-ROMs and tapes.operating system The most important program that runs on a computer. Every general-purpose computer must have an operating system to run other programs. Operating systems perform basic tasks, such as recognizing input from the keyboard, sending output to the display screen, keeping track of files and directories on the disk, and controlling peripheral devices such as disk drives and printers.
For large systems, the operating system has even greater responsibilities and powers. It is like a traffic cop -- it makes sure that different programs and users running at the same time do not interfere with each other. The operating system is also responsible for security, ensuring that unauthorized users do not access the system.
Operating systems can be classified as follows:
multi-user: Allows two or more users to run programs at the same time. Some operating systems permit hundreds or even thousands of concurrent users.
multiprocessing: Supports running a program on more than one CPU.
multitasking: Allows more than one program to run concurrently.
multithreading: Allows different parts of a single program to run concurrently.
real time: Responds to input instantly. General-purpose operating systems, such as DOS and UNIX, are not real-time.
Operating systems provide a software platform on top of which other programs, called application programs, can run. The application programs must be written to run on top of a particular operating system. Your choice of operating system, therefore, determines to a great extent the applications you can run. For PCs, the most popular operating systems are DOS, OS/2, and Windows, but others are available, such as Linux.
As a user, you normally interact with the operating system through a set of commands. For example, the DOS operating system contains commands such as COPY and RENAME for copying files and changing the names of files, respectively. The commands are accepted and executed by a part of the operating system called the command processor or command line interpreter. Graphical user interfaces allow you to enter commands by pointing and clicking at objects that appear on the screen.packet A piece of a message transmitted over a packet-switching network. See under packet switching. One of the key features of a packet is that it contains the destination address in addition to the data. In IP networks, packets are often called datagrams.password A secret series of characters that enables a user to access a file, computer, or program. On multi-user systems, each user must enter his or her password before the computer will respond to commands. The password helps ensure that unauthorized users do not access the computer. In addition, data files and programs may require a password.
Ideally, the password should be something that nobody could guess. In practice, most people choose a password that is easy to remember, such as their name or their initials. This is one reason it is relatively easy to break into most computer systems.patch A temporary fix to a program bug. A patch is an actual piece of object code that is inserted into (patched into) an executable program.port In TCP/IP and UDP networks, an endpoint to a logical connection. The port number identifies what type of port it is. For example, port 80 is used for HTTP traffic. Also see Well-Known TCP Port Numbers.smtp Short for Simple Mail Transfer Protocol, a protocol for sending e-mail messages between servers. Most e-mail systems that send mail over the Internet use SMTP to send messages from one server to another; the messages can then be retrieved with an e-mail client. sniffing A program and/or device that monitors data traveling over a network. Sniffers can be used both for legitimate network management functions and for stealing information off a network. Unauthorized sniffers can be extremely dangerous to a network's security because they are virtually impossible to detect and can be inserted almost anywhere. This makes them a favorite weapon in the hacker's arsenal.
On TCP/IP networks, where they sniff packets, they're often called packet sniffers.social engineering Social engineering is the art and science of getting people to comply to your wishes. It is not a way of mind control, it will not allow you to get people to perform tasks wildly outside of their normal behavior and it is far from foolproof. (From http://packetstormsecurity.nl/docs/social-engineering/aaatalk.html )spoofing Unauthorized use of legitimate Identification and Authentication data, however, it was obtained, to mimic a subject different from the attacker. Impersonating, masquerading, piggybacking, and mimicking are forms of spoofing. (From the National Information Systems Security (INFOSEC) Glossary.)stateful inspection Also referred to as dynamic packet filtering. Stateful inspection is a firewall architecture that works at the network layer. Unlike static packet filtering, which examines a packet based on the information in its header, stateful inspection tracks each connection traversing all interfaces of the firewall and makes sure they are valid. An example of a stateful firewall may examine not just the header information but also the contents of the packet up through the application layer in order to determine more about the packet than just information about its source and destination. A stateful inspection firewall also monitors the state of the connection and compiles the information in a state table. Because of this, filtering decisions are based not only on administrator-defined rules (as in static packet filtering) but also on context that has been established by prior packets that have passed through the firewall.
As an added security measure against port scanning, stateful inspection firewalls close off ports until connection to the specific port is requested.
Check Point Software is credited with coining the term stateful inspection in the use of its FireWall-1 in 1993.vulnerability A feature or combination of features of a system that allows an adversary – the intruder – to place the system – your home computer – in a state that is both contrary to the desires of the people responsible for the system – you! – and increases the risk (probability or consequence) of undesirable behavior in or of the system. A feature of combination of features of a system that prevents the successful implementation of a particular security policy for that system. A program with a buffer that can be overflowed with data supplied by the invoker will usually be considered a vulnerability. A telephone procedure that provides private information about the caller without prior authentication will usually be considered to have a vulnerability.worm A program or algorithm that replicates itself over a computer network and usually performs malicious actions, such as using up the computer's resources and possibly shutting the system down. Also see virus.
©2000-2004 by SurferBeware.com™. All rights reserved.