Tuesday, September 29, 2009

Cyber Terrorism

As we enter 2010 and become increasingly reliant on technology, computers, and the internet to manage resources and operations in both the private and public sectors, we believe that cyber crime and cyber terrorism will become the "threat of the new millennium."


The FBI defines terrorism as "the unlawful use of force or violence against persons or property to intimidate or coerce a government, the civilian population, or any segment thereof, in furtherance of political or social objectives." One description for cyber terrorism would be the FBI's definition of terrorism with an explanation of cyberspace immediately following.

Therefore, cyber terrorism is defined as the unlawful use of force or violence against persons or property to intimidate or coerce a government, the civilian population, or any segment thereof, in furtherance of political or social objectives in the worldwide network of computers and/or computer networks that use the TCP/IP network protocols to facilitate data transmission and exchange.

If cyber space is a type of community, a giant neighborhood made up of networked computer users around the world, then it seems natural that elements of a traditional society can be found taking shape as bits and bytes. Electronic merchants engage in electronic commerce, plugged-in educators provide networked education, and doctors meet with patients in offices on-line. It comes as no surprise that there are also cyber criminals committing cyber crimes.

The original Internet operated in a single domain of trust and assumed that its users would be honest and reliable. This model has changed. The group of Internet users has grown to include any individual in the world who has access to a PC, a modem, and a telephone line. A segment of this population of users has proven to be dishonest, unreliable, and dangerous.

Because the Internet was designed as an open system, there was little provision for basic security. The current Internet technology does not include a standard for reliably identifying individuals or servers that are connected to the Internet. The standard Internet technology passes data in open text allowing easy access for prying eyes. These basic security vulnerabilities, as well as others, make this data transport medium a technology with major security concerns.

Most companies rely heavily on private computer networks to support their business activities. These networks are generally more expensive than using the Internet for transporting business information. In addition, companies are under great pressure to open their networks in order to support home and mobile workers, provide Internet access, and create opportunities for business. These economic pressures have persuaded most organizations to move toward the expanded use of the Internet. The increasing openness of private networks to the Internet makes them more vulnerable to attack.

The Internet is being used for purposes far beyond its original design intent. It is becoming part of business processes and is changing the way organizations define themselves. Internet use carries risks that continue to increase as the technology changes. Organizations that choose to use the technology must be willing to manage the risks.

Threats and Countermeasures



• Firewalls and System Probing

Hackers are using sophisticated, automated tools to scan for vulnerabilities in a company’s corporate network and systems behind the firewall. These hacker tools have proved to be quite effective.

Solution: Organizations can prevent this by ensuring that their systems sit behind a network firewall and that any services available through this firewall are carefully monitored for potential security exposures.

• Network Operating Systems

Hackers attempt to exploit well-known vulnerabilities in the network operating systems that are used to share files between computers. These attacks, usually through network firewalls, can result in compromised administrator access.

Solution: To combat this, ensure systems do not allow operating system access through the firewall, and enable access controls to restrict who can access files.

• Electronic Mail Attacks

Hackers can compromise network systems simply by sending e-mail to them. Companies that accept e-mail from the Internet and that have exposed versions of the sendmail program are potential targets of this attack. In 1994, more than 20,000 systems were compromised due to this exposure.

Solution: To prevent this from occurring, check with vendors to ensure systems are running a current version of sendmail or a more secure mail product.

• Vendor Default Password Attack

Systems of all types come with vendor-installed user ID names and passwords. Hackers are well educated on these default user names and passwords, and use the accounts to gain unauthorized administrative access to a system.

Solution: Protect systems by ensuring that all vendor passwords have been changed.

• Spoofing, Sniffing, Fragmentation and Splicing Attacks

Computer hackers have been using sophisticated techniques and tools at their disposal to identify and expose vulnerabilities on Internet connected private networks. These tools and techniques can be used to capture names and passwords, as well as compromise trusted systems through the firewall.

Solution: To protect systems from this type of attack, check with computer and firewall vendors to identify possible security precautions and tools. Tools would include advanced authentication and encryption systems.

• Social Engineering Attacks

Hackers will attempt to gain sensitive or confidential information from companies by placing calls to employees and pretending to be another employee. These types of attacks can be effective in gaining user names and passwords, as well as other sensitive information.

Solution: Train employees to use identification processes to verify the caller’s identity.

• Easy-to-Guess Password Compromise

Most passwords that are easy to remember are also easy to guess. These include words in the dictionary, common names, slang words, song titles, etc. Computer hackers will attempt to gain access to systems using these easy-to-guess passwords, usually via automated attacks.

Solution: Protect systems by ensuring that passwords are not easy to guess, that they are at least eight characters long, contain special characters, and utilize both upper-case and lower-case characters.

• Destructive Computer Viruses

Computer viruses can infect systems on a widespread basis in a very short period. These viruses can be responsible for erasing system and user data.

Solution: Protect systems from computer viruses by using anti-virus software and stand-alone scanning stations.

• Transitive Trust

Computer hackers will scan command history files for invocations of the "rlogin" command to discover the users that access remote networks. An attacker who compromises such a user’s account has a foothold into your entire network.

Solution: System administrators must be careful to map out trust relationships between hosts on networks. Keep workgroups of hosts from cross-sharing too many common users and file systems. You may want to consider internal firewalls.

• Trojan Horses

Hackers will install "backdoor" or "Trojan Horse" programs on business computer systems, allowing unrestricted access into internal systems, which will bypass security monitoring and auditing policies.

Solution: Conduct regular security analysis audits to identify potential security vulnerabilities and to identify security exposures.

The above list is not all-inclusive and does not include internal organizational issues like: proper business use, customer privacy, trademark violations, intranet concerns, and others. The list of security issues will continue to change and grow along with the technology. Connecting an organization’s network to the Internet has risks that must be managed. In addition to the above solutions, many organizations have chosen to use advanced authentication and encryption systems to reduce their organization’s exposure to Internet hazards. These advanced security systems provide the added advantage of improving internal security. After all, history has shown that most security incidents occur from within the organization.
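
The Transitive Trust countermeasure above asks administrators to map out trust relationships between hosts. The following Python code is an added example, not part of the original post; it computes which accounts become reachable without a password once a single account is compromised. It assumes rlogin trust is declared in per-user .rhosts files with "host [user]" lines and "+" wildcards; the host names, user names and file contents are constructed sample data.

```python
from collections import deque

# Constructed sample inventory: (host, local_user, contents of ~local_user/.rhosts).
# In practice an administrator would collect these files from each host.
SAMPLE_RHOSTS = [
    ("build01", "alice", "dev01 alice\n"),
    ("db01", "alice", "build01\n"),
    ("db01", "backup", "build01 alice\n"),
    ("fin01", "backup", "db01 backup\n\n"),
    ("web01", "www", "+ +\n"),
    ("hr01", "carol", "hr02 carol\n"),
]


def parse_rhosts(local_user, text):
    """Return (remote_host, remote_user) pairs from .rhosts-style text.

    A line is 'host [user]'; a missing user means the same user name as the
    local account, and '+' matches any host or any user.
    """
    entries = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue  # skip blank lines
        remote_user = fields[1] if len(fields) > 1 else local_user
        entries.append((fields[0], remote_user))
    return entries


def entry_matches(entry, user, host):
    """True if the account user@host is trusted by this entry."""
    remote_host, remote_user = entry
    return remote_host in ("+", host) and remote_user in ("+", user)


def wildcard_accounts(records):
    """Accounts whose trust entries contain a '+' wildcard (review these first)."""
    flagged = []
    for host, user, text in records:
        if any("+" in entry for entry in parse_rhosts(user, text)):
            flagged.append((user, host))
    return flagged


def blast_radius(records, start):
    """Accounts reachable without a password from start = (user, host).

    Follows trust transitively: every newly reached account is itself
    checked against all remaining trust entries.
    """
    trust = [((user, host), parse_rhosts(user, text))
             for host, user, text in records]
    seen = {start}
    queue = deque([start])
    while queue:
        user, host = queue.popleft()
        for target, entries in trust:
            if target in seen:
                continue
            if any(entry_matches(e, user, host) for e in entries):
                seen.add(target)
                queue.append(target)
    return seen - {start}


if __name__ == "__main__":
    start = ("alice", "dev01")
    for user, host in sorted(blast_radius(SAMPLE_RHOSTS, start)):
        print(f"{user}@{host} is reachable from {start[0]}@{start[1]}")
    print("wildcard entries:", wildcard_accounts(SAMPLE_RHOSTS))
```

In the sample data, one developer account reaches the finance host through two intermediate hops, which is the kind of cross-workgroup path an internal firewall or a pruned trust entry would cut.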



Cyber Terms

Note: For a quick search of terms, use the “Edit” “Find” function.

(TM)

ASCII rendition of the trademark-superscript symbol appended to phrases that the author feels should be recorded for posterity, perhaps in future editions of this lexicon. Sometimes used ironically as a form of protest against the recent spate of software and algorithm patents and 'look and feel' lawsuits.



120 reset

/wuhn-twen'tee ree'set/ /n./ [from 120 volts, U.S. wall voltage] To cycle power on a machine in order to reset or unjam it.



1TBS

One True Brace Style



2600

A hacker organization whose main product is 2600 magazine. This publication has (at times) been considered the premier hacker print product.



4.2

/for' poynt too'/ /n./ Without a prefix, this almost invariably refers to BSD Unix release 4.2. Note that it is an indication of cluelessness to say "version 4.2", and "release 4.2" is rare; the number stands on its own, or is used in the more explicit forms 4.2BSD or (less commonly) BSD 4.2. Similar remarks apply to "4.3", "4.4" and to earlier, less-widespread releases 4.1 and 2.9.



8lgm

8 Little Green Men, a hacker group that compiles and distributes security tips.



back door

A hole in the security of a system deliberately left in place by designers or maintainers. The motivation for such holes is not always sinister; some operating systems, for example, come out of the box with privileged accounts intended for use by field service technicians or the vendor's maintenance programmers.



backward combatability

/bak'w*rd k*m-bat'*-bil'*-tee/ /n./ A property of hardware or software revisions in which previous protocols, formats, layouts, etc. are irrevocably discarded in favor of `new and improved' protocols, formats, and layouts, leaving the previous ones not merely deprecated but actively defeated. (Too often, the old and new versions cannot definitively be distinguished, such that lingering instances of the previous ones yield crashes or other infelicitous effects, as opposed to a simple "version mismatch" message.) A backwards compatible change, on the other hand, allows old versions to coexist without crashes or error messages, but too many major changes incorporating elaborate backwards compatibility processing can lead to extreme software bloat.



bag on the side

An extension to an established hack that is supposed to add some functionality to the original. Usually derogatory, implying that the original was being overextended and should have been thrown away, and the new product is ugly, inelegant, or bloated. Also /v./ phrase, `to hang a bag on the side [of]'. "C++? That's just a bag on the side of C ...." "They want me to hang a bag on the side of the accounting system."



bandwidth

This refers to the maximum amount of data which can be carried at a given time by your internet connection (modem - phone line - ISP). A low bandwidth connection means your internet connection will be slower, pictures will take more time to download, and if you are a private user, your phone bills will be higher! Think of bandwidth like a tube line. Some passengers wanting to travel at busy times will be disappointed - they won't fit on the train and will have to wait for the next one. This is what happens when you try to access the internet with low bandwidth at busy times - even simple pages can take longer, and large complex images could take (seemingly) forever.



bang addressing

Bang is depicted by the exclamation (!) symbol. In domain name addressing, the mailbox name, organization name, and the name of the network are separated by ! and read from right to left. For example, mynetworking!myorg!mybox.



banners

Banners are the basic unit of advertising on the Web. They were pioneered by GNN and HotWired back in the frontier days of 1994 and are now nearly ubiquitous, appearing in all sorts of shapes, sizes, and locations.



basic input/output system

Provides the basic instructions for controlling system hardware. BIOS is coded into the ROM of some computers.



Basic Networking Utilities (BNU)

One of several updated versions of UUCP Version 2.



baud rate

The speed at which your modem can transmit and receive information. It was the prevalent measure for data transmission speed until replaced by a more accurate term, bps (bits per second).



bdflush

A UNIX shell daemon program that executes every 30 seconds, flushing disk buffers, and serving to update the file system.



behavior

Microsoft implemented the behavior attribute of Cascading Stylesheets in a way that enabled object-oriented programming to enter the world of Web authoring. By encapsulating dHTML in an external object, the properties and methods of that object can be used. A Web page can then use these objects with the behavior attribute. This means, for example, that a Web author no longer has to perform an explicit browser detection.



Bell-LaPadula security model

A formal transition model of computer security policy that describes a formal set of access controls based on information sensitivity and subject authorizations.



benign environment

A safe data environment, usually protected from external malicious elements by security precautions.



bestcrypt

Software by Jetico Inc. that creates and supports encrypted virtual disks, visible as regular disks with typical drive letters. The data stored on a BestCrypt disk is stored in a container file and encrypted using DES.



between-the-lines entry

Access that an unauthorized user gets, typically by tapping the terminal of a legitimate user that is inactive at the time.



biba integrity model

A formal security model for the integrity of subjects and objects in a system.



bind

To make an association between two or more objects, programming objects or networking components, for example.

bit

Binary digit, the smallest unit of data used in computing. Its value is either zero or one.



bit depth

Bit depth describes the file size of an image by orders of magnitude. When wrangling with file size versus image quality, it's often important to minimize the bit depth of an image while maximizing the number of colors. To calculate the maximum number of colors for an image of a particular bit depth, remember that the number of colors is equal to two to the power of what the bit depth is. For example, a GIF can support up to eight bits per pixel, and therefore can have as many as 256 colors, since two to the power of eight equals 256.



bitmap (.bmp)

A bitmap is a mapped array of pixels that can be saved as a file. Both JPEG and GIF are bitmap graphic formats. Currently, the only other way to store an image is as a vector graphic. You can't easily scale bitmap images, but you can control every single pixel and thus achieve many effects impossible in vector graphics. Conversely, vector formats offer advantages of scalability and lower bandwidth requirements. When you compress a bitmapped image, you suck out some of the visual information. To bypass this, the portable network graphics format (or PNG, pronounced "ping") was designed to store a single bitmap image for transmittal over computer networks without losing this data.



Bits Per Second (BPS)

A measurement of the rate that data is transferred. The data rate of your modem and computer affects the speed that you can transmit or receive information over the internet. Upgrading your modem or the computer itself can increase the speed of data transfer and help save you money on your phone bill.



blob

Binary Large Object, used to describe any random large block of bits, usually a picture or sound file; can be stored in a database but normally not interpretable by a database program. Can be used as a mild hacker threat (mailbomb) when mailed. Can also be used to hide malicious logic code.



block

A unit of storage for data and other information



blue box devices

Gadgets created by crackers and phone hackers (phreakers) to break into the telephone system and make calls bypassing normal controls and/or billing procedures.



BNC (Bayonet Neill-Concelman)

A type of connector used to join a coaxial cable with a 10BASE-2 Ethernet network.



bomb

A general synonym for crash, normally pertaining to software failure.



boolean search

A Boolean search is one formed by joining simple terms in a logical way with "AND", "OR" and "NOT". The search can be built up using the connecting words several times and bracketing terms together. So if you want to find a website about trout fishing in the United Kingdom but keep getting articles about diving you could use the Boolean search "trout AND (fish OR fishing) AND (UK OR United Kingdom) NOT diving".



boot

To start up a computer, which involves loading the operating system and other basic software.



boot sector infector

A virus that infects the sector on a floppy disk from which a computer boots up.



bootstrap protocol (BOOTP)

A protocol that is used to automatically configure a network machine and/or boot or initiate the operating system without user involvement.



breach

The successful defeat of security controls which could result in a penetration of the system. A violation of controls of a particular information system such that information assets or system components are unduly exposed.



bridge

A bridge connects a network to another network that uses the same protocol. In bridging networks, messages are sent to every address on the network but accepted only by the intended destination node.



broadcast command

When a network is weighed down with continuous broadcast or multicast traffic. A broadcast storm may result in total loss of network service as packets multiply.



browser

Browsers are software programs that view Web pages and help you move through the Web. The browser that triggered the WWW explosion was Mosaic, a public domain graphical user interface (GUI) from the National Center for Supercomputer Applications (NCSA). Released in 1993, Mosaic made it possible to design documents containing images for display over the Internet. Up to that point, an Internet document was basically just a bunch of text on a server. In 1994, Mosaic ship-jumper Marc Andreessen released Netscape 1.1, following Mosaic's successful lead, by distributing the browser free of charge on the Internet in order to establish a wide user base.



buffer

A predefined space in memory or on disk, used to hold data while a computer system catches up. A buffer is like a queue, or a holding pen.



buffer overflow

When more data goes into a buffer (data holding area) than goes out. This is often due to a mismatch in processing rates between the producing and consuming processes. It can result in system crashes or the creation of an unexpected avenue to illegal system access.



bug

An unwanted and unintended attribute of a program or piece of hardware, especially one that causes it to malfunction.



bugtraq

A full-disclosure moderated mailing list for the discussion and announcement of computer security vulnerabilities.



Bulletin Board System (BBS)

A system for 'posting' messages to other people - either to a specific person or, more commonly, to a whole group of people who will typically share an interest or an occupation. Most BBS's are very small, running on a single PC with 1 or 2 modems. Think of it as similar to the notice boards often found in universities or large companies. There are private BBSs (some needing payment or regular subscription) and open BBSs, for everyone to access.



byte

Bytes, kilobytes (KB), megabytes (MB) and gigabytes (GB) are used to measure amounts of computer data. One byte is roughly the same as one character (letter) of text. One KB (or one K) is approximately 1,000 bytes, one MB is approximately 1,000 KB, and one GB is approximately 1,000 MB. Documents are usually measured in KB and computer memory in MB or GB. Each byte consists of a number of 'binary digits' or 'bits' (usually 8) which are the 1s and 0s that make your computer tick.

C++

An object-oriented programming language, C++ has been acclaimed as the best language for making large-scale application programs. C++ is a superset of the C language.



cache

Caching (pronounced CASH-ing) is a technique computers use to save memory by storing frequently accessed files. Similarly, Web browsers have caches that keep recently downloaded Web pages handy, often as a list of links on the browser's toolbar. Browser caches are typically kept on your local drive, and you can usually adjust the amount of memory or disk space allotted for the cache. The benefit of Web caches is that you can access a cached page much more quickly than if you downloaded it from a distant server.



capability

Identification of an object that specifies the access privileges given to the accessor possessing the ability.



carrier sense multiple access with collision detection (CSMA/CD)

The most popular method of controlling information transfer on an Ethernet network.



cartesian join

An unconditional join between two tables resulting in a match between every row in one table and every row in another table.

central processing unit (CPU)

Often called the processor, this is the most important element of a computer system because it is where most calculations occur.



certification authority

An issuer of Digital Certificates, such as those used in SSL conversations.



certifications

A thorough evaluation of security features as well as the verification that the designs and implementations of those features adhere to a set of security requirements protocols.



changes root directory (CHROOT)

A UNIX command that forces the root directory to become something other than its default for the duration of the current task.



channel definition format (CDF)

Microsoft developed the channel definition format (CDF) as an application of the eXtensible markup language (XML), proposing it as a standard for push media. CDF allows Web publishers to push content at users through a channel, similar to Marimba's Castanet or Netscape's NetCaster. New content posted to a channel's Web server will push any software that supports the CDF format. One piece of software that doesn't support CDF, however, is anything written by Netscape, which uses its own NetCaster. While Microsoft has an advantage in working with the World Wide Web Consortium (W3C), it hasn't yet defined a user interface for the channels. Conversely, Marimba and Netscape aren't overtly trying to write a standard specification.



channels

Channels are the way in which push media deliver content. In Netscape's Netcaster, content can be brought onscreen without reloading the page or redrawing the whole screen. One interesting feature of the layer tag is the ability to change the source dynamically. For example, the Wired News section of the HotWired channel keeps one layer filled with the latest Wired News summary and reserves another for loading any story selected by the user.



chat script

A script made up of pairs of strings and used in a number of applications, but especially dialing out on modems or logging in to remote systems. A program waits to see the first chat script string, called the "expect" string, and then transmits the second string, the "send" string.



chernobyl packet

Also called Kamikaze Packets. A network packet that induces a broadcast storm and network meltdown. Typically an IP Ethernet datagram that passes through a gateway with both source and destination Ethernet and IP addresses set as the respective broadcast addresses for the subnetworks being gated between.



chklastlog

To guarantee no entries were deleted, this UNIX utility examines the lastlog and WTMP files. Also, chkwtmp.



circuit level gateway

A firewall that validates TCP and UDP sessions before opening a connection. After handshake, it passes everything through until the session is ended.



client

A software program or computer that is served data or resources from a server software program or computer.



clipper chip

A tamper-resistant VLSI chip designed by the NSA for encrypting voice communications. It conforms to the Escrow Encryption Standard (EES) and implements the Skipjack encryption algorithm.



closed security environment

An environment where configuration controls ensure sufficient access to protect applications and equipment from implementation of malicious logic.



closed source

A software program, the source code of which is proprietary, and thus closed to public inspection. The opposite of closed source is open source.



color look-up table (CLUT)

In computer graphics, a color look-up table, or CLUT, is the set of available colors for a given application. For example, a 24-bit system can display 16 million unique colors, but a given program would use only 256 of them at a time if the display is in 256-color mode. The CLUT in this case would consist of the 16 million colors, but the program's palette would contain only the 256-color subset. To avoid dithering (i.e., varying the pattern of dots in an image) on 8-bit machines, you should only use colors from a predesignated CLUT.



comma-delimited file

A format for extracting data out of a database and placing it into a plain text file. Each line in the file contains one row and each column is separated from the following column by a comma.



Common Gateway Interface (CGI)

CGI allows a webpage to access programs running on external computers and 'report back' on the results. Uses for CGI include order forms, searchable databases and chat forums. Because CGI enables information to be processed on another computer and sent back to you as a webpage, you don't need a special browser to view this kind of website. In fact if you've ever used a search engine you've probably used a CGI.



communications security (COMSEC)

Measures taken to deny unauthorized persons access to classified information derived from telecommunications belonging to the U.S. Government, and to ensure the authenticity of such telecommunications.



companion virus

A virus that uses a similar name and rules of program precedence as a certain program, in order to associate itself with that program.



complex instruction set computer (CISC)

Most PC's use a CISC architecture in which the CPU supports as many as two hundred instructions.



compromise

An intrusion of security policy, which has the potential of disclosing private system information to an unauthorized user.



compromising emanations

Unintentionally transmitted signals, which divulge information.



computer abuse

The willful or negligent unauthorized activity that affects the availability, confidentiality, or integrity of computer resources. Computer abuse includes fraud, embezzlement, theft, malicious damage, unauthorized use, denial of service, and misappropriation.



Computer Emergency Response Team (CERT)

Supports others in enhancing the security of their computing systems; develops a standardized set of responses to security problems; provides a central point of contact for information about security incidents; assists in collecting and disseminating information on issues related to computer security, including information on configuration, management and bug fixes for systems.



computer fraud

Crimes involving deliberate misrepresentation or alteration of data in order to obtain something of value, perpetrated via or with regard to computers and/or information networks.



computer security (COMPUSEC)

The protection resulting from all measures to deny unauthorized access and exploitation of friendly computer systems. This involves the measures and controls that ensure confidentiality, integrity, and availability of the information processed and stored by a computer; these include policies, procedures, and the hardware and software tools necessary to protect the computer systems and the information processed, stored, and transmitted by the systems.



computer security technical vulnerability reporting program (CSTVRP)

A program that deals with technical weaknesses in commercially available hardware, firmware and software products.



computer, operations, audit and security technology (COAST)

A multiple-project, multiple-investigator laboratory of computer security research at the Computer Sciences Department of Purdue University. COAST collaborates with corporations regarding real-world information security issues.

concealment system

A system for keeping the confidentiality of sensitive information concealed by embedding it in irrelevant data.



configuration control

The management of changes to a system's hardware, firmware, software, and documentation, ensuring that a system is safe from improper alterations before, during, and after system implementation.



confinement

The isolation of sensitive data in order to avoid the risk of disclosure.



contamination

Lower-level data is contaminated by intermixing of higher-level data, resulting in altered security specifications, which are based on the unique requirements of differing levels of data.



contingency plan

An emergency response plan that involves taking action to make sure a program's security will guarantee the availability of crucial resources in an emergency situation.



controlled sharing

The access control that is applied to all users and components of a shared system.



cookie

A cookie is a general mechanism which some sites use to record information about your trip to the site, the type of browser you are using and the way you move around within the site. Cookies are not necessarily an intrusion on your privacy - a useful and timesaving cookie could record the fields of a database you have shown interest in (weather in certain named cities, price of certain shares, hobbies you are keen on) and then on subsequent visits give you information relating to these fields without you having to specify them all over again.



cost-risk analysis

Assessment of the cost of adding data protection features to a system versus the cost of losing or compromising the data.



countermeasures

Action, device, procedure, technique, or other measure that reduces the vulnerability of an automated information system. Countermeasures that are aimed at specific threats and vulnerabilities involve more active techniques as well as activities traditionally perceived as security.



covert channel

An avenue of communications that enables two processes to send information in a manner that defies the host system's security policy.



crack

A popular type of hacking tool used to defy the copyright protection measures of a program, or to decode encrypted passwords. System administrators also use cracks to assess weak passwords chosen by novice users, in order to enhance the security of an information system.



cracker

A label for someone who attempts to break into a computer system. More specifically, the term is used to denote anyone whose goal is simply to access a computer system without or regardless of manipulative/destructive intent.



cracking

The act of breaking into a computer system.



crash

When your computer stops working. It may pause or 'freeze' up, or tell you to restart or quit. You may then find you have lost data or programs written since it was last 'backed up'. A computer crash should not necessarily be seen as a major problem, as in most cases the computer should restart again with no major problems. However, it is important to backup your data in case you do have major problems.



cron

A UNIX command used to schedule jobs to be executed at predetermined times.



cryptanalysis

1) The analysis of a cryptographic system and/or its inputs and outputs to derive confidential variables and/or sensitive data. 2) Operations performed in converting encrypted messages to plaintext without initial knowledge of the crypto-algorithm and/or key employed in the encryption.



cryptographic hash function

A process that computes a value (referred to as a hashword) from a particular data unit in a manner that, when a hashword is protected, manipulation of the data is detectable.



cryptography

The science concerning the principles, means, and methods for rendering plain text unintelligible, and for converting encrypted messages into intelligible form.



cryptology

The science which deals with hidden, disguised, or encrypted communications.



cut and paste

Cut and paste refers to selecting some data (text, graphics, etc.) and using the Edit menu to Cut or Copy from a document and then Paste, either to a new location in the same document, or into another document.



cyan magenta yellow black (CMYK)

CMYK stands for cyan magenta yellow and blacK and is a color system used in the offset printing of full-color documents. Offset uses cyan, magenta, yellow, and black inks and is often referred to as "four-color" printing. Monitors use red, green, and blue light instead, so they display images using a different color system called RGB. One of the great problems of the digital age has been matching colors between these two systems; i.e., taking a digital RGB image and making it look the same in print using CMYK. These problems are addressed by applications such as the Pantone Matching System (PMS).



cyberspace

Metaphorically, the realm of information activities and entities resident, so to speak, in data networks and accessible via computers; the global world of internetted computers and communication systems; the notional environment within which electronic communication occurs. The space of virtual reality. A term used to refer to the entire collection of sites that can be accessed electronically. Information-space of a computer system or system of networks.

daemon

A background process that runs a specified operation at predetermined times or in response to particular events.



data

Representation of facts, concepts, or instructions in a formalized manner suitable for communication, interpretation, or processing by humans or by automatic means. Any representations such as characters or analog quantities to which meaning is or might be assigned.

Data is information stored on a computer or transmitted electronically. It takes the form of 1s and 0s. The data that your internet connection sends to you in the form of 0s and 1s is converted into what you see on the screen. When a data error occurs, the 1s and 0s get mixed up or garbled and this causes unexpected things to happen.



data access arrangement (DAA)

The electronic interface and modem within a computer that is required for any device connected to a public telephone line. DAA's are present in fax machines, PBX's, set-top boxes, and alarm systems.



data binding

As a computer science term, data binding is the substitution of a real value in a program after it has been compiled. For example, during compilation a compiler can assign symbolic addresses to certain variables or instructions. When the program is bound, or linked, the binder replaces the symbolic addresses with real machine addresses. The moment at which binding occurs is called "bind time" or "link time." In dHTML, data binding allows the client to look into a database and retrieve the content. This data can be automatically displayed in your table using the HTML data binding extensions, or you can manipulate the data with a script. Currently, dHTML data binding is only supported by Microsoft Internet Explorer.



data driven attack

A form of attack that is carried out by maliciously encoding a seemingly innocuous piece of data, which is executed by a user or a process to unknowingly cause damage. A data driven attack is a concern for firewalls, since it may get through the firewall in data form and launch an attack against a system behind the firewall.



data encryption standard

A private key cryptographic algorithm for the protection of data. The DES is intended for public and government use. The DES offers 72 quadrillion possible keys.

data type

JavaScript's ability to distinguish data types is similar to a human's ability to look at a number and know that it's a batting average or a percentage or a price tag. We use signs like % and $ to connote these sorts of data types. In JavaScript, programs can manipulate data types according to how each type is expressed. These data types include integer, string, Boolean, functions, and objects.



data/digital service unit (DSU)

A device used to convert LAN data frames to a format that can be transmitted via connectivity provided by the telecommunications industry (i.e. T-1's), and back again.



database

A software application that is designed to store repetitive data (such as an address list) and sort it in many ways. Complex databases can have links between different types of data so for example a database could be used to see how many books have been borrowed by a particular person from a library.



datagram

According to RFC 1594, "a self-contained, independent entity of data carrying sufficient information to be routed from the source to the destination computer without reliance on earlier exchanges between this source and destination computer and the transporting network."



debugger

A special program used to find errors in other programs. It allows a programmer to examine and correct errors.



decryption

The process of decoding data that has been encrypted into a secret format. Decryption requires a secret key or password.



Defense Advanced Research Projects Agency (DARPA)

The organization that sponsored ARPANET, the defense network responsible for standardizing the TCP/IP protocols and giving birth to the Internet.



degradation of service

Any reduction in service processes' reaction/response time, quantitative throughput, or quality parameters. This term is often used to denote the general set of service(s) impairment(s) which at the extreme constitutes an absolute denial of service. Note that a disruptive tactic capable of only degrading service(s) may result in a complete denial of said service(s) from the perspective of the end user.



demon dialer

A program which repeatedly calls the same telephone number. This is benign and legitimate for access to a BBS or malicious when used as a denial of service attack.



denial of service

Denial of service attacks may include denying services or processes limited to one host machine. However, the term is most often invoked to connote action against a single host (or set of hosts) which results in the target's inability to perform service(s) for other users -- particularly over a network.

One may consider denial of service to be the case of degradation of service in which one or more normal functional parameters get zeroed out, at least as far as the end user is concerned.



denial time

The average length of time that an affected asset is denied to the organization. The temporal extent of operational malaise induced by a denial of service attack.



desktop

A desktop is the metaphor used to portray files on most computers. It consists of pictures, called icons, that show cabinets, files, folders, and various types of documents (that is, letters, reports, pictures). When all other applications have been shut down the desktop remains until the computer itself is closed down.



device

Any machine or component that attaches to a computer, i.e. a disk drive, a printer, a mouse, or a modem.



device file

A file that controls what physical devices are available for carrying UUCP connections and their configuration parameters.



dial-back authentication

A safety measure wherein a hosting modem dials back to a predefined number to resume contact and continue with authentication of a dialing user. An added level of security involves calling back with a dedicated bank of dial-out only modems, an impractical solution for companies with many dialing users.



dial-up

An internet connection using a phone line. You have to dial a number (using your computer) and usually give a password before you can gain access to the internet, email, etc.



dialcode

Text used to designate a dial string, or a file containing that text.



dialer

A program containing the commands needed to allow a modem or other device to make a call.



digital audio tape (DAT)

A digital storage media type, capable of storing up to 24 gigabytes of data.



digital linear tape (DLT)

An expensive media type that stores up to 70 gigabytes of data; sometimes used to back up large networks.



Digital Video Disc (DVD)

An optical storage medium similar to CD-ROM. DVD drives can read ordinary CD-ROM discs as well as the newer DVD discs with much higher storage capacities. DVD makes it possible to have high-quality feature length movies on a single disc. DVD is a new format but in time it may well replace CD-ROM. Huge amounts of data can be stored on a single disc, around 4.7GB compared to 650MB on a CD-ROM.



disk operating system (DOS)

The first widely-installed operating system for personal computers. DOS is a non-graphical, line-oriented, command-driven operating system. Versions include MSDOS and PCDOS.



DNS spoofing

A form of spoofing which exploits the Domain Name Service (DNS) by which networks map textual domain names onto the IP numbers by which they actually route data packets.



document object model (DOM)

The document object model (DOM) is the proposed specification for how objects on a Web page are represented. Of course, Microsoft and Netscape each have their own versions of the DOM and have submitted them to the World Wide Web Consortium (W3C) to decide on a standard. A DOM defines each object on a Web page (images, text, scripts, links, etc.) and also defines what attributes are associated with these objects and how they can be manipulated. The fact that Netscape Navigator and Microsoft Internet Explorer use different DOMs is one reason why each browser's implementation of dHTML is different.



domain host configuration protocol (DHCP)

A protocol for centrally and automatically managing the assignment of IP addresses in a network.



domain information groper (DIG)

A command-line tool used to gather information from a Domain Name System server.



domain name

Every computer on the internet has a numerical address (e.g. the IP address of one of our computers is 38.214.213.253). To make this easier for us humans to remember, websites are usually given a name so they can be found easily (e.g. www.dssrewards.net). This is known as a 'domain name'.



domain name system (DNS)

The domain name system (DNS) is an Internet service that translates domain names (like hotwired.com) into IP addresses (like 204.160.88.11). We use domain names because people can remember words better than numbers, but Web servers still need the IP numbers to access the page. Every time you use a domain name, a DNS server must translate the name into the corresponding IP address.

download (noun)

A download is an upgrade, demo or new version of an application, which you can copy from somewhere else on the internet over to your computer. For example, you can get a download of upgrades to RealPlayer from the RealPlayer site. Downloads are usually free (apart from the phone bill). Downloads with a lot of graphics or sound may take much longer, as this kind of data tends to take up a lot of memory.



download (verb)

Downloading is the term used to describe contacting another computer using the internet (or another wide area network) and getting a file from it. Software can be downloaded from the internet and then installed on a computer. Downloading can involve the transmission of lots of data - pictures, sound files, long text documents, etc - and thus the rate your modem runs at and the bandwidth you have will dictate how long you have to wait for the information to arrive.



drag and drop

Drag and drop is the action of clicking on an icon or selection of some kind, holding the mouse button down and moving the mouse to 'drag' the selection to a new location. When the mouse button is released the item is 'dropped'. Drag and drop is used to move files between folders or to the Recycle Bin or Wastebasket.



dropper

An executable file that drops a virus when executed (run). A dropper creates a virus and infects the user's system when it is executed.



dumpster diving

A form of intelligence gathering in which cast-off articles and information are scavenged in an attempt to obtain advantageous data. For example, going through someone's trash to recover documentation of their critical data.



Dynamic Host Configuration Protocol (DHCP)

A protocol that automatically assigns or "leases" an IP address to each user.



Easter egg

An Easter egg is an unanticipated surprise which is in a Web site or an application program. Easter eggs often appear as messages, images, or sounds.



electronic frontier foundation (EFF)

The chief organization for preserving civil liberties on the Internet. Founded in 1990, the EFF examines issues such as free speech, encryption, privacy, and intellectual property, and lobbies for them.



electronic mail (e-mail)

Email consists of simple text files sent from one person to another. The basics are the same regardless of whether the email is sent within the same office network or across the internet - messages are stored in electronic mailboxes and may be opened by the intended recipient wherever they are in the world. As well as being a rapid (and cheap) messaging service, the most recent email software allows you to send and receive other kinds of files as attachments to simple text messages.



encapsulation

(1) In programming, the process of combining elements to create a new entity, such as a procedure. (2) In networking, synonymous with tunneling.



encrypting file system

A feature of the Windows 2000 operating system that allows any file or folder to be stored in encrypted form and decrypted only by an individual user or an authorized recovery agent.



encryption

A change made to data, code, or a file so it no longer can be read or accessed without processing or decrypting. Roughly synonymous with encoding.



entity relationship diagram

A style of drawing a relational database model that uses boxes, text lines, and a few simple symbols to represent the entities and relationships in the model.



entrapment

The deliberate planning of apparent flaws in a system for the purpose of detecting attempted penetrations.



error message

A 'complaint' by the computer when something has gone wrong. There will often be some type of jargon heavy explanation, maybe even involving an 'error code'. If you receive an error message online, restarting or having another go at the site will often allow you to continue as normal. If it doesn't, examine the text of the error code. If it mentions an application that you know you've got and aren't using at the time, disable the application and re-enter the site. If you still have no joy, get in touch with your technical support. If it turns out that all is working correctly, mail the webmaster of the site in question - they'll be pleased to know of any genuine errors.



ethernet

A very common method of networking computers in a LAN. Ethernet will handle about 10,000,000 bits-per-second and can be used with almost any kind of computer.



ethernet sniffing

A form of sniffing directed at basic Ethernet traffic (e.g., by monitoring packets passing through / by a router) and screening for packets of interest (e.g., those containing or indicative of passwords). This process can be performed by automatic means, with the composite 'take' being logged into a summary form for further analysis and exploitation.



event

In the good ol' days, computers handled user interactions as input of batched data. The user fed a hunk of data in, the computer did something to that data, then produced the results. With the advent of interactive devices like the GUI interface, computers could display answers to computations onscreen. The input for these interactions are events caused by the user, which could be keystrokes, button clicks, or the position of the mouse pointer.



event handler

Event handlers are functions that handle client-side events. Commonly used JavaScript event handlers include onClick, onMouseOver, and onLoad. When one of these events occurs - the user clicks on a link, for example - the event handler for that event will be executed.



execute

To carry out a task or set of tasks. To execute a program, for example, is to load it into memory and run it. An executable file is a program file. To execute code is to carry out the instructions described by the code.



expressions

In JavaScript, expressions are phrases that the interpreter can evaluate. For example, x + 10 and x < 10 are expressions since they can be evaluated, while x = 10 is simply a statement. In linguistical terms, JavaScript is made up of sentences, phrases, and words. The sentences are JavaScript statements, in which an entire action is expressed. The phrases are JavaScript expressions, in which the elements of the action can be created and put together to make a statement. The words are JavaScript operators, which are used to act upon the data passed to them.



eXtended server-side includes (XSSI)

eXtended server-side includes (XSSI) is part of Apache, a freely distributed Web-server application that's used by many sites, including HotWired. The XSSI module (mod_include) defines a set of commands that Apache will parse after a page is requested, but before it's sent to the browser. Unlike client-side scripting languages such as JavaScript, XSSI isn't dependent on the capabilities of the browser and is relatively inexpensive for the server. XSSI allows a variety of variables to pass according to set parameters (this is where the "extended" part comes in), while server-side includes are usually limited to including HTML fragments into a served document.



external gateway protocol (EGP)

A protocol used to exchange routing information between the gateway hosts of two autonomous networks, each with its own router.



fiber distributed data interface (FDDI)

A standard for transmitting data on optical cables at a rate of around 100,000,000 bits-per-second (10 times as fast as Ethernet, about twice as fast as T-3).



file

A block of labeled data on disk. There are many types of files, including data files, text files, program files, and directory files.



file allocation table (FAT)

Hard disks store and retrieve files using this filing system, which involves a table of file locations on the disk.



file extension

To distinguish between the different types of file some operating systems use 'file extensions' which are a group of letters added after a full stop at the end of the file name. A file name might be 'myfile.txt' where the '.txt' extension indicates a text file or 'thispage.html' where the '.html' extension indicates an HTML file.



file infector

A virus that attaches itself to, or associates itself with, a file.



file not found

The error message seen when you enter an incorrect URL address or enter an address for a site which has moved or is now defunct. Sometimes you will see reasons for the error message and sometimes a site will even display a "we have moved" page. Often a site not found is simply the result of a typing error or misspelling.



file system

Or, File Management System, the set of procedures that an operating system or program uses to organize and keep track of files.



file transfer protocol (FTP)

FTP is a mechanism by which files may be copied from one computer to another over the internet. To copy files onto a web server (in order to update or create a website) FTP software is required. The basic method for exchanging files on the Internet.



filter

A filter is a program that receives a specified kind of data, then manipulates and outputs the results. Visual filters as a part of dHTML modify the appearance of a control. In fact, a visual filter can have complete authority over the control's visual output. An Alpha filter, for example, can control the opacity of its target, while the author controls the amount of opacity expressed as a percentage. Currently, visual filters are only supported by Microsoft Internet Explorer.



finger

An Internet software tool for locating people on other Internet sites. Finger is also sometimes used to give access to non-personal information, but the most common use is to see if a person has an account at a particular Internet site. Many sites do not allow incoming Finger requests, but many do.



firewall

A high level computer program, usually running on a separate dedicated computer, which sits between a company's internal computer network and its internet connection, only allowing specific types of data through it. It protects the computer network and the data stored on it from prying eyes, hackers and viruses as a firetrap does in a forest.



firmware

Software that is stored permanently, usually on a ROM chip. Firmware is hard software, or soft hardware, depending on perspective.



fishbowl

To contain, isolate and monitor an unauthorized user within a system in order to gain information about the user.



font

A font is the overall design for a set of characters. It describes the size, weight, and spacing of a character and shouldn't be confused with a typeface, which is a more general term. Courier is a typeface; Courier 24-point bold is a font. Computers display fonts in either a bitmap or a vector format. In a bitmapped font, each character is represented by an arrangement of dots. In a vector font system, the shape or outline of each character is defined geometrically. Since a vector font is scalable according to the defined outline, a vector system can make many differently sized fonts from one defined set of characters. Currently, the most widely used vector font systems are PostScript and TrueType.



foreign key

The primary key of a reference table that is stored inside another table. The foreign key connects the two tables. It allows access to all the information stored in both tables without repeating data from either table, other than the key column.



fork bomb

A disruptive piece of code directed toward a UNIX-based system which causes runaway 'forking' (splitting/replication) of operating system processes to degrade or (if saturation is achieved) deny the target system's operations.



frames

Frames are a feature of HTML that allow several different pages to be displayed in one window at the same time. Lots of websites use frames to keep a standard navigation bar on screen at all times as you move around the website. However frames have many disadvantages. They make pages more difficult to print and they make pages more difficult to bookmark (because the browser may print or bookmark one of the frames you can see but not the one with the information you want).



free software

Free software is the generic term for software distributed under a particular kind of license that ensures that all users of the software are free to do with it as they please, including redistribution, as long as the free license remains intact. The source code must come with the program, and the whole package is usually available for free, although some charges for distribution and technical support may additionally (and optionally) be made.



freeware

Freeware is a rather vague term used to describe programs that are available for free. However, the original code for the program need not necessarily be available, which is the main difference between freeware and free software.



frequently asked questions (FAQ)

Originally designed to cut down on basic technical support, FAQ's list and answer the most common questions on a particular subject.



fully-qualified domain name

A complete domain name; not just the top level domain (.com/.net/.edu), or the second level domain (yahoo, securityportal), but the whole thing. "www.securityportal.com" is an FQDN.



function

A function is a named group of statements in a program that performs a task when it is invoked. Other programming languages make a distinction between a function, which returns a value, and a procedure, which performs some operation but does not return a value. Since JavaScript does not make this distinction, you can create functions that return values elsewhere in your code.

gateway

A piece of hardware or software that translates between dissimilar protocols, or any mechanism providing access to another system. A gateway is used to link dissimilar networks together. An Appletalk network and a Microsoft network must be linked by a gateway computer. An ISP links its modem users to the Internet via a gateway.



general protection fault

A system violation that causes a message informing a user that the application program they are operating is attempting to access data storage or system memory that is not available for their use.



getty

A UNIX shell daemon that displays a login prompt on terminals and serial devices that are directly joined to the system and the console.



gigabyte

1024 megabytes



gopher

A client/server program used to make menus of information available over the Internet. Gopher has been all but replaced by the World Wide Web.



graphical user interface (GUI)

A computer interface composed of graphical components, designed to allow a user to navigate a program without keyboard commands. Usually a windowing system.



Graphics Interchange Format (gif)

A GIF is a type of image file. It is the most common way to compress and store images for transfer over the internet.

hacker

The label 'hacker' has come to connote a person who deliberately accesses and exploits computer and information systems to which they have no authorized access. Originally, the term was an accolade for someone highly motivated to explore what computers could do and explore the limits of their skills.



hacker ethic

1. The belief that information-sharing is a powerful positive good, and that it is an ethical duty of hackers to share their expertise by writing open-source and facilitating access to information and to computing resources wherever possible. 2. The belief that system-cracking for fun and exploration is ethically OK as long as the cracker commits no theft, vandalism, or breach of confidentiality.

Both of these normative ethical principles are widely, but by no means universally, accepted among hackers. Most hackers subscribe to the hacker ethic in sense 1, and many act on it by writing and giving away open-source software. A few go further and assert that all information should be free and any proprietary control of it is bad; this is the philosophy behind the GNU project.



hacking

Unauthorized use, or attempts to circumvent or bypass the security mechanisms of an information system or network.



hacking run

A hack session extended long outside normal times, especially one longer than 12 hours.



handshake

An interchange of information between two remote processes, used to establish communications according to a certain protocol.



hard disk

A magnetic disk that can store computer data. Hard disks hold more data and are faster than floppy disks.



hard drive

The drive that reads and writes data to/from a hard disk.



hardware

Any physical component.



hardware address

Every network interface has a hardware address, unique to itself, and defined by the manufacturer. The software portion of the network relies on hardware addresses to absolutely identify a machine.



hardware address spoofing

Spoofing at the hardware address level in order to violate security without being noticed.



harvest

An obsolete NSA computer system used to monitor telegraph traffic.



hash

A hash, also known as an associative array, is a collection of data in which each piece of data has two components: a key and a value. Much like the hash at your local diner, JavaScript hashes go unordered: They're not indexed by numbers. For example, if you wish to use JavaScript to put up a different GIF animation on your site every day of the week, you might throw all these animations into a hash associated to each weekday as a key. Then you would refer to the key day to invoke that day's animation.

For example, in a normal array, you'd have:

dinner[0] = "monkey brain"; dinner[1] = "meatloaf";

But in a hash, you could use a string as the index:

dinner["monday"] = "monkey brain"; dinner["tuesday"] = "meatloaf";



hexadecimal

The hexadecimal (base 16) number system used for Web-page design consists of 16 unique symbols: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, and F. For example, the decimal number 15 is equal to the hexadecimal number F. In HTML, an RGB color can be designated by RRGGBB with the first two numerals representing the amount of red, the second two the amount of green, and the last two the amount of blue. If you wanted your background to be red, you could write the code for a body background color as . Black is the absence of all color and white is the presence of all color, so in hexadecimal, black is at the bottom of the system (no red, green, or blue: #000000) and white is at the top (the maximum amount of red, green, and blue: #FFFFFF).



history

A UNIX shell command that lists the details of the history log in sequential order.



history log

Stored by the UNIX shell, this log keeps track of recent commands entered by the user.



hoax

In virus terms, an email that warns of an invalid viral infection or risk, causing more concern than necessary to the user.



hole

A gap in system memory that is unallocated and unused. More casually, a hole is any means by which an intrusion may occur.



honey, dan, ber (HDB)

One of several updated versions of UUCP Version 2, which corrects certain design deficiencies.



host

A single computer or workstation, connected to a network. Often refers to a computer which hosts services.



host name command

A command that determines the hostname of a computer, as opposed to only determining an IP address number.



host table

Used to look up a hostname, which translates into a corresponding IP address.



hostname

On the Internet, the name used to locate a host's IP-address.



hypertext

Hypertext is text which is arranged in a non-linear fashion. In the case of the Web, when you click on a link, you get taken somewhere else on the Web, whether to another section of the document that you are looking at already or to a page hosted on another site on another continent.



hypertext markup language (HTML)

The primary language used to create Web pages. HTML consists of normal text and special codes, called tags, which tell a Web browser how to display the text. Tags determine the size of the font, color of the background, and other formatting details.



hypertext transfer protocol (HTTP)

The conversation between browsers and servers takes place according to the hypertext transfer protocol, or HTTP. Written by Tim Berners-Lee, it was first implemented on the Web in 1991 as HTTP 0.9. Currently, Web browsers and servers support version 1.1 of HTTP. It supports persistent connections, meaning that once a browser connects to a Web server, it can receive multiple files through the same connection. The next version, known as HTTP-NG, or hypertext transfer protocol - next generation - which we hope won't be followed by HTTP Voyager - will improve upon the basic HTTP architecture by using modularity and layering.



icon

A small graphic which, when clicked using a mouse, launches an application, program or, in the case of the World Wide Web, performs a hyperlink. Its image defines its content - usually in a logical way. Thus, email applications are often depicted by a letter or stamp. A speaker icon provides access to your sound functions. Within an application icons are grouped together as 'toolbars' to provide quick access to particular functions. Newer applications usually provide a text explanation for each icon as the mouse pointer passes over it.



ICQ

Derived from the phrase "I Seek You." A downloadable program that lets a user know when friends and contacts are also online on the Internet. It works by paging a user and enables chatting.



image map

A navigational image divided into a number of 'hot spots', each of which, when clicked, takes you to another piece of information. A link can take you to another part of the same webpage, another webpage in the same website, or a page from an entirely different website somewhere else on the internet. The mouse pointer (cursor) changes to a hand shape when passing over an image map to show that it may be clicked if desired.



industry standard architecture (ISA)

A widely compatible 8-bit and 16-bit bus architecture used in many older PCs (as opposed to PCI).



information security (INFOSEC)

The result of any system of policies and procedures for identifying, controlling, and protecting from unauthorized disclosure, information whose protection is authorized by executive order or statute.



information system

A system of software, firmware, and hardware used to store, manipulate, control, display, transmit, and/or receive data.



information terrorism

An ill-defined term invoked to connote cyberspace mischief undertaken with intentions or ramifications analogous to the fear-inducing physical attacks we associate with terrorist activity.



install

Before applications can be used they first need to be installed. The process of installing involves starting a set-up application (often called setup.exe on Windows and depicted by a diamond/arrow icon on a Mac) and following some instructions. Once files have been copied by the set-up application to all the correct places, application software can be started without having to repeat the install process. The most common ways to install programs are from CD-ROM or via the internet.



Integrated Services Digital Network (ISDN)

An agreed standard for digital communication over telephone lines. ISDN is based on the fact that modern telephone networks turn analogue sound waves into a digital format at the telephone exchange, send them to the destination telephone exchange as a digital signal (at 64kbps) and then turn them back into analogue sound waves again. An ISDN line eliminates the analogue portion and simply gives you a digital connection direct to the exchange.



Intel corporation

The largest computer chip manufacturer in the world. A great majority of PCs are based on Intel's x86 architecture.



interface

Connects two separate entities, such as a computer with a user, a program to a program, a device to device, or a program to a device.



International Business Machines (IBM)

A leader in the computing industry for decades. View the IBM Web site at http://www.ibm.com/.



international data encryption algorithm (IDEA)

A 128-bit private-key block cipher encryption/decryption algorithm. IDEA is a very secure algorithm, and no successful attacks on it have been reported.



International Standards Organization (ISO)

ISO (International Standards Organization) entities, sometimes referred to as character entities, are a group of ASCII characters that can be used in HTML to display special characters. For example, you can't simply type the ? symbol from your keyboard since it's not a standard ASCII character; it'll show up as garbage on your Web page. But if you use the ISO entity equivalent, the Web browser will be able to interpret the character correctly.



internet

A worldwide network of computer and computer networks that use the TCP/IP network protocols to facilitate data transmission and exchange.



Internet Advertising Bureau (IAB)

The Internet Advertising Bureau is an industry organization dedicated to the promotion of Web advertising. They establish standards, conduct industry research, and talk up the Web as a marketing nirvana. The IAB has done good work in the areas of metrics and Web branding, but their vested interest in presenting a rosy image of Web advertising can also make them a tad biased.



internet control message protocol (ICMP)

A protocol used between a host server and an Internet gateway that governs message control and error-reporting.



internet information server (IIS)

Microsoft Web Server, which runs and is only available on Windows NT platforms or later.



internet message access protocol (IMAP)

A versatile way of managing e-mail messages on a remote server.



internet protocol (IP)

The protocol by which data is sent from one computer to another on the Internet.



Internet Protocol Address (IP Address)

Every computer on the internet has a numerical address (e.g. the IP address of one of our computers is 38.214.213.253). To make this easier for us humans to remember, websites are usually given a name so they can be found easily (e.g. www.dssrewards.net). This is known as a 'domain name'.



internet protocol security (IPSec)

A set of protocols being developed to support secure exchange of packets at the IP layer.



Internet Relay Chat (IRC)

This is a real-time chat system - you don't mail someone, wait for a reply, mail them back but instead join a live 'channel' on which (hopefully!) other people are also logged on. You can then type your comments, problems, boasts etc., for everyone on the channel to view - or for an individual's eyes only! You'll need a special piece of software to run IRC, and you'll then need to be connected to an IRC server.



internet request for comments (RFC)

An official Internet document or standard that is drafted and then reviewed by interested parties.



internet server application program interface (ISAPI)

A system of MS Windows program calls that facilitates Web server applications that run faster than traditional Common Gateway Interface (CGI) applications.



Internet Service Provider (ISP)

Company that provides internet connection to its customers. To connect to the internet with an ISP you will typically need a modem for your computer and a phone line. You then dial-up the ISP and they give you access via their computers which are permanently connected to the internet. ISPs normally provide an e-mail account and a small amount of web space. Most ISPs charge a fixed monthly fee but some companies are now offering free access.



internet worm

A worm program that was unleashed on the Internet in 1988. It was written by Robert T. Morris as an experiment that got out of hand.



internetwork packet exchange (IPX)

A datagram (packet) protocol established by Novell, and used on its Netware client/server networks.



InterNIC

An authority that provides a variety of information management services for the Internet, including domain name registration.



intranet

A network of computer and computer networks that use the TCP/IP network protocols to facilitate data transmission and exchange inside one organization for internal use only.



intrusion

An instance of unauthorized access into or penetration of a computer or information system.



intrusion attempt

An event taken to be a potentially deliberate and unauthorized action toward accessing data/information, manipulating data/information, and/or rendering a given data/information system unreliable and unusable.



intrusion detection

Pertaining to techniques which attempt to detect intrusion into a computer or network by observation of actions, security logs, or audit data.



IP spoofing

An attack whereby a system attempts to illicitly impersonate another system by using its IP network address.



isof

This UNIX utility displays the status of a process and determines if it is friendly or malicious software.



java

Java is a programming language based on the idea of a 'virtual machine', a separate program that translates Java into something specific to a particular computer system. This way, identical Java code can be run on any Java-enabled system without changes. Java is widely used on the web, where most browsers contain a Java virtual machine as standard.



java archive (JAR)

A format used to store compressed Java applets, developed by Sun Microsystems.



java development kit (JDK)

A software development package from Sun Microsystems that implements the basic set of tools needed to write, test and debug Java applications and applets.



joint electronic payments initiative (JEPI)

An initiative to automate payment transactions between computers. Acts as a general system into which payment mechanisms can be embedded, and in turn, contains minimal payment properties of its own.



Joint Photographic Experts Group (JPEG)

A JPG or JPEG is a standard type of image file. It is a very common way to compress and store images for transfer over the internet.



Kamikaze Packet

Also called Chernobyl Packet. A network packet that induces a broadcast storm and network meltdown. Typically an IP Ethernet datagram that passes through a gateway with both source and destination Ethernet and IP address set as the respective broadcast addresses for the subnetworks being gated between.



kernel

The core of an operating system that provides basic services. The kernel is surrounded by the shell, an interface layer.



key

A symbol or sequence of symbols used to encrypt or decrypt data.



key escrow

The system of giving a piece of a key to each of a certain number of trustees such that the key can be recovered with the collaboration of all the trustees.



keystroke monitoring

A specialized form of audit trail software, or a specially designed device, that records every key struck by a user and every character of the response that the computer returns to the user.



kill

A UNIX shell command that prevents program closure or initiation. The command blocks a signal from being sent to a script.



kilobyte

1024 bytes (2^10).

layer

The layer element, which is a Netscape proprietary tag, allows you to position content from another document on top of a Web page. One disadvantage with using layers is that it doesn't separate out structure from presentation because the layer must be absolutely positioned. Also, layer automatically targets all links in the embedded Web page to the window containing the outer page. Using
tags with this element is recommended because this allows layers to work with both Navigator and Internet Explorer.



leapfrog attack

Use of userid and password information obtained illicitly from one host to compromise another host. The act of TELNETing through one or more hosts in order to preclude a trace (a standard cracker procedure).



letterbomb

A piece of email containing live data intended to do malicious things to the recipient's machine or terminal. Under UNIX, a letterbomb can also try to get part of its contents interpreted as a shell command to the mailer.



license manager

A server application that manages the use of a multi-license client application.



link

A link is a bit of highlighted text on a Web page that connects to another Web page or file. Clicking the link sends your browser in search of the address attached to the text. That address can refer to another place on the same page, another page within the same site, or just about anywhere on the Internet. If you clicked on the text of the link, you would be taken to that URL.



linux

A free or low cost UNIX derived operating system with a reputation for efficiency and fast performance. Linux includes many components usually found in a comprehensive UNIX system. Linux was originally developed by Linus Torvalds at the University of Helsinki in Finland.



Local Area Network (LAN)

This relates to your company's computer network, usually (but not always) within an office, building or closed geographical area. A whole LAN can be connected to the internet in order to allow everyone on it to be online, but without the protection of a 'firewall', this can lead to serious security risks.



logic bomb

A resident computer program that when executed, checks for a particular condition or particular state of the system, which, when satisfied, triggers the perpetration of an unauthorized act.



login prompt

A request for a user to enter their login name and password in order to access a system or drive on a computer.



loop

A loop is like a JavaScript thought. Say you're a police officer using a radar gun to catch speeding motorists. If the speed limit is 55 miles per hour, you might say to yourself: "If a car makes my radar gun display a higher value than 55, I'll pull them over, but until then I will continue to take readings. And perhaps snack on this cruller." In JavaScript, the statement of this loop would be the action (firing up your motorcycle and chasing the speeder), and the expression would be the evaluation of whether or not the passing car made your radar gun read higher than 55. This is an example of a "while" loop:

    let carSpeed = readRadar();    // take a first reading
    while (carSpeed <= 55) {
        carSpeed = readRadar();    // note: readRadar() should return the latest carSpeed
    }
    pullEmOver();                  // this will only execute once carSpeed is > 55

macro

A saved set of instructions that a user creates or edits to automate tasks within a certain application or system.



macro virus

A macro that a user may execute unknowingly, which causes damage or replicates itself.



mail transport agent (MTA)

A program responsible for sending and receiving mail, the most common of which (in UNIX systems) is the sendmail daemon.



mailbomb

The mail sent to urge others to send massive amounts of email to a single system or person, with the intent to crash the recipient's system. Mailbombing is widely regarded as a serious offense.



man

A UNIX command that gives access to online manual files.



National Computer Security Center (NCSC)

Originally named the DoD Computer Security Center, the NCSC is responsible for encouraging the widespread availability of trusted computer systems throughout the Federal Government.



national information infrastructure (NII)

The nation-wide interconnection of communications networks, computers, databases, and consumer electronics that make vast amounts of information available to users.



national institute of standards and technology (NIST)

Formerly the National Bureau of Standards, the NIST promotes and maintains measurement standards, along with active programs for assisting industry and science to develop and use these standards.



netBIOS

A program that allows applications on different machines to communicate within a LAN (developed by IBM).



netBSD

A free, highly portable UNIX-derived operating system available for many platforms, from 64-bit Alpha servers to handhelds.



netlog system sniffer

A UNIX sniffer program that includes three utilities: TCPLOGGER, UDPLOGGER, and EXTRACT.



netmask

Used by the TCP/IP protocol to decide how the network is broken up into sub-networks.



netMAX

A series of software products that build upon Linux.



netstat

This UNIX auditing command lists information pertaining to the status of the TCP/IP network traffic transmitting to and from a host computer.



network

Two or more machines interconnected for the purpose of data transfer.



network access point (NAP)

One of many Internet interconnection points that serves to tie Internet access providers together.



network address translation (NAT)

The translation of an address used within one network to a different IP address known within another network.



Network appliance

A specialized device that can access the Internet or private networks to perform defined tasks such as browsing a Web site or answering e-mail.



network computer (NC)

A concept computer from Oracle and Sun Microsystems that functions more like a terminal than a PC. Software is downloaded to a machine, which has only essential components. Also called a thin client.



network file system (NFS)

A software application that permits a client to work with files on a remote server as though they were local.



network information system (NIS)

An Information System based on the Client/Server model. Consists of a server, library of client programs, and some administrative tools.



network interface card (NIC)

The hardware card that serves as an interface between a network and a computer.



network level firewall

A firewall in which traffic is examined at the network protocol (IP) packet level.



Network mapping (NMAP)

A utility that scans large TCP/IP networks to discover ports that might be vulnerable to hackers.



SYN attack

Also known as "SYN flooding," this type of online attack exploits a flaw in the TCP/IP protocol to gain entry to a server and tie up multiple access points.



network news transfer protocol (NNTP)

A protocol that specifies the way newsgroups are posted to, queried, and retrieved. NNTP's predecessor was UUCP.



network operating system (NOS)

A piece of software used to control general network activity.



network security

Protection of networks and their services from unauthorized modification, destruction, or disclosure, and provision of assurance that the network performs its critical functions correctly and there are no harmful side-effects. Network security includes providing for data integrity.



network weaving

Another name for "Leapfrogging".



non-discretionary security

The aspect of DoD security policy which restricts access on the basis of security levels.



Novell

Novell is the largest network software company in the world. Its main product is Netware, which was at one time the most popular software for building local-area networks.



Novell Directory Services (NDS)

An administrative software product that manages access to computer resources and keeps track of users on a network.



NT file system (NTFS)

A faster, more secure file system developed by Microsoft, aimed at replacing the MS-DOS FAT system.



nuke

An exploit that causes a Windows operating system to crash or suddenly terminate. The "nuke" happens because of an out-of-band network packet that includes information that the operating system cannot process.



object (dHTML)

In object-oriented programming, an object is a self-contained entity that consists of both data and manipulation procedures. Similarly, HTML 4.0 includes the…

…er hypertext system that gathers and retrieves information using the Internet.



world wide web consortium (W3C)

An organization whose purpose is to develop open standards so the Web evolves with a unified vision rather than being divided by competing factions.



worm

An independent program that replicates from machine to machine across network connections, often clogging networks and information systems as it spreads. A worm typically spreads through Microsoft Windows email programs or through Internet Relay Chat (IRC).



X – No listing as of publication date

Y – No listing as of publication date

Z – No listing as of publication date
