ActiveX
A programming/scripting language developed by Microsoft to produce animations and interactivity when run in web browsers. ActiveX has at times been blamed for introducing viruses to users' machines when used by hackers as a way into the network or computer.
Active Attack
An attack which results in an unauthorized state change, such as the manipulation of files, or the adding of unauthorized files.
Ad Blocker or Ad Killer
A program that helps to prevent unsolicited windows from appearing on your screen; these windows usually contain advertisements.
Adware
While not necessarily malware, adware is considered to go beyond the reasonable advertising that one might expect from freeware or shareware. Typically a separate program installed at the same time as a shareware or similar program, adware will usually continue to generate advertising even when the user is not running the originally desired program. See also cookies, spyware, and web bugs.
Anti-Spam
Software or a service that helps to prevent unsolicited mail and to complicate a spammer's methods of collecting email addresses.
Attack
An attempt to bypass security controls on a computer. The attack may alter, release, or deny data. Whether an attack will succeed depends on the vulnerability of the computer system and the effectiveness of existing countermeasures.
Authenticate
To establish the validity of a claimed user or object.
Authentication
To positively verify the identity of a user, device, or other entity in a computer system, often as a prerequisite to allowing access to resources in a system.
Back Door
A hole in the security of a computer system deliberately left in place by designers or maintainers. Synonymous with trap door; a hidden software or hardware mechanism used to circumvent security controls.
BCC
Abbreviation for "Blind carbon copy". A way of sending email without you or the other recipients seeing each other's addresses in the "TO" field.
Blacklisting Software
A form of filtering that blocks only sites specified as harmful. You can add and remove sites from this "no-go" list. This method of filtering allows fuller use of the Internet, but is less effective at preventing access to harmful material that is not on the list.
Blocking Software
Computer programs that block access to web sites or other services available over the Internet.
Bounced, or Rejected email
An email that cannot reach its destination and is returned to sender.
Breach
The successful defeat of security controls which could result in a penetration of the system. A violation of controls of a particular information system such that information assets or system components are unduly exposed.
Browser
A program that allows users to view web pages. Netscape® Navigator and Microsoft® Internet Explorer are examples of popular browsers.
Bug
An unwanted and unintended property of a program or piece of hardware, especially one that causes it to malfunction.
CGI Scripts
Common Gateway Interface (CGI) scripts allow for the creation of dynamic and interactive web pages. They also tend to be the most vulnerable part of a web server (besides the underlying host security).
Cache
An area on the hard disc of a computer where web pages and page elements (graphics, etc.) are stored when a page is downloaded from the Internet.
CGI
CGI stands for Common Gateway Interface and is a standard way for data to be passed between web applications, e.g. passing data from an online HTML form to a script on the server.
Chatroom
An interactive forum where you can talk in real time. The chatroom is the place or location online where the chat is taking place. Many chatrooms are established so that people can discuss a common interest like music or movies. For example, Webster likes to go to the "Browser Ball" chatroom so that he can talk about his favorite game.
Client
A term used to refer to any application that communicates with other applications and requests and receives data, for example a web browser. Most applications on the Internet are in a client-server relationship.
Compromise
An intrusion into a computer system where unauthorized disclosure, modification or destruction of sensitive information may have occurred.
Computer Abuse
The willful or negligent unauthorized activity that affects the availability, confidentiality, or integrity of computer resources. Computer abuse includes fraud, embezzlement, theft, malicious damage, unauthorized use, denial of service, and misappropriation.
Computer Fraud
Computer-related crimes involving deliberate misrepresentation or alteration of data in order to obtain something of value.
Computer Network Attack
Operations to disrupt, deny, degrade, or destroy information resident in computers and computer networks, or the computers and networks themselves.
Computer Security Intrusion
Any event of unauthorized access or penetration to a network or computer.
Confidentiality
Assuring information will be kept secret, with access limited to appropriate persons.
Cookies
Small files that can be created and written to by a programming/scripting language. The most common are JavaScript cookies that are read from and written to a user's hard drive by a JavaScript program that runs in the web browser when a user visits a web site. These are an example of client-side cookies, but server-side cookies may be created by languages such as PHP. Many people consider cookies an invasion of privacy since they can be used to collect information about a user; however, they can only collect information that the user is willing to submit via an online form.
Countermeasures
Action, device, procedure, technique, or other measure that reduces the vulnerability of an automated information system. Countermeasures that are aimed at specific threats and vulnerabilities involve more sophisticated techniques as well as activities traditionally perceived as security.
Crack
A popular hacking tool used to decode encrypted passwords.
Cracker
One who breaks security on a network or computer.
Cracking
The act of breaking into a computer system.
Crash
A sudden, usually drastic failure of a computer system.
Denial of Service or DOS Attack
Action(s) which prevent any part of an AIS (automated information system) from functioning in accordance with its intended purpose.
DNS Spoofing
Assuming the DNS name of another system by either corrupting the name service cache of a victim system, or by compromising a domain name server for a valid domain.
Directory or Folder
A file that contains an index of files or other directories (i.e. subdirectories). Usually called a folder in Windows.
Email Worm or Computer Worm
A self-reproducing program which is distinguished from a virus by copying itself without being attached to a program file, or which spreads over computer networks, particularly via email.
Email Alias
An email alias is not a real email account. It is an address that forwards all email it receives to another, designated email account.
Firewall
A type of server usually placed between the users of a LAN and the Internet. The firewall can be set to screen for incoming viruses and only allow access to certain resources on the Internet as a security measure.
FTP (File Transfer Protocol)
The protocol used to transmit files over the Internet.
FTP Client
A client application used to upload files to and download files from a remote server using FTP.
Hacker
A person who enjoys exploring the details of computers and how to stretch their capabilities. A malicious or inquisitive meddler who tries to discover information by poking around. A person who enjoys learning the details of programming systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary.
Hacking
Unauthorized use, or attempts to circumvent or bypass the security mechanisms of an information system or network.
Host
A single computer or workstation; it can be connected to a network.
HTML (Hypertext Markup Language)
The basic language used to write web pages.
HTTP (Hypertext Transfer Protocol)
The protocol used to transmit web pages over the Internet.
HTTPS (Hypertext Transfer Protocol over Secure Socket Layer, or HTTP over SSL)
A Web protocol developed by Netscape and built into its browser that
Hyperlinks
Text (normally a different color from the surrounding text and underlined) or images which, when you click on them, load a different part of the web page you are on or load a new web page.
Intrusion
Any set of actions that attempt to compromise the integrity, confidentiality or availability of a resource.
Intrusion Detection
Pertaining to techniques which attempt to detect intrusion into a computer or network by observation of actions, security logs, or audit data. Detection of break-ins or attempts either manually or via software expert systems that operate on logs or other information available on the network.
IP Spoofing
An attack whereby a system attempts to illicitly impersonate another system by using that system's IP network address.
ISP (Internet Service Provider)
A company that provides internet service to residential and business customers.
LAN (Local Area Network)
A collection of computers linked together by a network.
Letterbomb
A piece of email containing live data intended to do malicious things to the recipient's machine or terminal. Under UNIX, a letterbomb can also try to get part of its contents interpreted as a shell command to the mailer. The results of this could range from silly to denial of service.
Mailbomb
Mail sent to urge others to send massive amounts of email to a single system or person, with the intent of crashing the recipient's system. Mailbombing is widely regarded as a serious offense.
Malicious Code
Hardware, software, or firmware that is intentionally included in a system for an unauthorized purpose; e.g. a Trojan horse.
Malware
A generic term increasingly used to describe any form of malicious software; e.g. viruses, Trojan horses, malicious active content, etc.
News Groups
Electronic bulletin boards where messages can be posted (similar to an email) and then read and replied to by anyone who subscribes to the News Group (subscription costs nothing). There are thousands covering all sorts of interests, many eccentric.
Net Send Spam
A Windows Messenger service vulnerability, also known as net send spam, messenger spam or winpopup. These ads usually take the form of a gray pop-up box bearing spam (unsolicited advertisements) with an "OK" button.
Network
Two or more machines interconnected for communications.
Network Security
Protection of networks and their services from unauthorized modification, destruction, or disclosure, and provision of assurance that the network performs its critical functions correctly and there are no harmful side-effects. Network security includes providing for data integrity.
Packet
A block of data sent over the network that carries the identities of the sending and receiving stations, error-control information, and the message.
Packet Filter
A firewall component that inspects each packet for user-defined content, such as an IP address, but does not track the state of sessions. This is one of the least secure types of firewall.
Packet Sniffer
A device or program that monitors the data traveling between computers on a network.
Penetration
The successful unauthorized access to an automated system.
Penetration Testing
The portion of security testing in which the evaluators attempt to circumvent the security features of a system. The evaluators may be assumed to use all system design and implementation documentation, which may include listings of system source code, manuals, and circuit diagrams. The evaluators work under the same constraints applied to ordinary users.
Perpetrator
The entity from the external environment that is taken to be the cause of a risk. An entity in the external environment that performs an attack, e.g. a hacker.
Ping of Death
The use of ping with a packet size larger than 65,507. This will cause a denial of service (DOS) attack.
POP, or POP3
Stands for Post Office Protocol and is the standard protocol used to send and receive email.
Popup
A new browser window that appears on your screen without being requested by you. A gratuitous, easily programmed visual effect exploited by many web sites, often to the consternation of the hapless user. Commonly used for advertisements. Particularly annoying are those termed exit popups: browser windows that spring to life when you leave a site or when you close a browser window. (Scripting languages call these "onUnload" and "onClose" events.) We have never encountered one of these that was useful.
Popup blocker or Popup stopper
A program that helps to prevent unsolicited windows from appearing on your screen; these windows usually contain advertisements.
Port Scan
A port scan is a series of messages sent by someone attempting to break into a computer to learn which computer network services, each associated with a "well-known" port number, the computer provides. Port scanning, a favorite approach of computer crackers, gives the assailant an idea of where to probe for weaknesses. Essentially, a port scan consists of sending a message to each port, one at a time. The kind of response received indicates whether the port is used and can therefore be probed for weakness.
Probe
Any effort to gather information about a machine or its users for the apparent purpose of gaining unauthorized access to the system at a later date.
Protocol
An agreed way for two computers to communicate.
Proxy
A firewall mechanism that replaces the IP address of a host on the internal (protected) network with its own IP address for all traffic passing through it. A software agent that acts on behalf of a user. Typical proxies accept a connection from a user, decide whether or not the user or client IP address is permitted to use the proxy, perhaps perform additional authentication, and then complete a connection on behalf of the user to a remote destination.
Realtime Blackhole List (RBL)
A means by which an Internet site may publish a list of IP addresses, in a format which can be easily queried by computer programs on the Internet. As the name suggests, the technology is built on top of the Internet DNS or Domain Name System. DNSBLs are chiefly used to publish lists of addresses linked to spamming. Most mail transport agent (mail server) software can be configured to reject or flag messages which have been sent from a site listed on one or more such lists.
Replicator or Replication software
Any program that acts to produce copies of itself; examples include a program, a worm, a fork bomb or a virus. It is even claimed by some that UNIX and C are the symbiotic halves of an extremely successful replicator.
Retro-Virus
A retro-virus is a virus that waits until all possible backup media are infected too, so that it is not possible to restore the system to an uninfected state.
Reverse DNS (PTR)
A process to determine the hostname associated with a given IP address.
Router
An interconnection device that is similar to a bridge but serves packets or frames containing certain protocols. Routers link LANs at the network layer.
Scanner
A program that examines computers and network systems, checking configurations and looking for security vulnerabilities. This type of program can be used by both defenders and attackers.
Security
A condition that results from the establishment and maintenance of protective measures that ensure a state of inviolability from hostile acts or influences.
Security Incident
Any act or circumstance that involves classified information that deviates from the requirements of governing security publications. For example, compromise, possible compromise, inadvertent disclosure, and deviation.
Server
A system that provides a network service such as disk storage and file transfer, or a program that provides such a service. A kind of daemon that performs a service for the requester, which often runs on a computer other than the one the server runs on.
SMTP (Simple Mail Transfer Protocol)
A protocol used to send email.
Spam
Unsolicited email, also sometimes called "Junk Mail". "Spamming" is an inappropriate attempt to use a mailing list to send the same message to a large number of people who didn't ask for it.
Spoofing
Pretending to be someone else. The deliberate inducement of a user or a resource to take an incorrect action. An attempt to gain access to an AIS by pretending to be an authorized user. Impersonating, masquerading, and mimicking are forms of spoofing.
Spyware
A general term for a program that surreptitiously monitors your actions. While such programs are sometimes sinister, like a remote control program used by a hacker, software companies have been known to employ spyware to gather data about customers. The practice is generally frowned upon.
SSL (Secure Sockets Layer)
SSL is a protocol for passing sensitive information, such as credit card details, over the Internet. All communication is encrypted to prevent eavesdropping. An SSL URL is preceded by https:// instead of http://.
Telnet
A protocol used to log on to a remote computer. The method provides a remote console that allows commands to be executed on the remote system.
TCP/IP (Transmission Control Protocol/Internet Protocol)
The suite of protocols the Internet is based on.
Terminal Hijacking
Allows an attacker, on a certain machine, to control any terminal session that is in progress. An attacker can send and receive terminal I/O while a user is on the terminal.
Threat
The means through which the ability or intent of a threat agent to adversely affect an automated system, facility, or operation can be manifest. A potential violation of security.
Threat Assessment
Process of formally evaluating the degree of threat to an information system and describing the nature of the threat.
Trace Packet
In a packet-switching network, a unique packet that causes a report of each stage of its progress to be sent to the network control center from each visited system element.
Trace Route
An operation of sending trace packets to determine routing information. Normally the trace route displays the time and location of each hop on the route taken to reach the destination computer.
Trojan Horse
An apparently useful and innocent program containing additional hidden code which allows the unauthorized collection, exploitation, falsification, or destruction of data.
URL (Uniform Resource Locator)
The address of a file or resource accessible on the Internet. Also called an "Internet Address".
Virus
A program that can "infect" other programs by modifying them to include a (possibly evolved) copy of itself.
Vulnerability
Hardware, firmware, or software that leaves a network open for potential exploitation. A weakness that could be exploited by a threat to gain unauthorized access to information or disrupt critical processing.
Vulnerability Assessment
A measurement of vulnerability which includes the susceptibility of a particular system to a specific attack and the opportunities available to a threat agent to mount that attack.
WAN (Wide Area Network)
A physical or logical network that provides capabilities for a number of independent devices to communicate with each other in geographic areas larger than those served by local area networks (LAN).