Friday, July 30, 2010      

ACL
Access controls lists specify the type of access granted or denied to a specific asset such as a network, server or file from a specific source.
Supplied by:   Brian Contos

Adware
See spyware
Supplied by:   secureIT

Air-gapped
An abstract used to define an architecture where internal systems/networks are not physically or logically connected to external systems/networks such as sensitive applications not being accessible from the Internet
Supplied by:   Brain Contos

Back door
Piece of software that allows access to the computer system, bypassing normal authentication procedures
Supplied by:   secureIT

Biometric Authentication
A method for using the physical characteristics of a person for authentication such as hand geometry, finger prints, retina patterns and voice.
Supplied by:   Brian Contos, Arcsight

Blended threat
A program that combines the characteristics of viruses, worms and Trojan horses. A blended threat, such as the Nimda outbreak in 2005, is a recent phenomenon
Supplied by:   secureIT

Browser hijacker
Program designed to alter a computer user's browser settings
Supplied by:   secureIT

Defense-in-depth
A strategy for having multiple layers of security instead of a single point of failure such as deploying network-and host-based firewalls
Supplied by:   Brian Contos

Exploit
Piece of software that attacks a particular vulnerability
Supplied by:   

File extension
The three-letter code at the end of a file name that tells you what kind of file it is. Double extensions are often used to conceal viruses
Supplied by:   secureIT

Firewall
Software application and/or hardware, which prevents unauthorised access to your computer from the Internet and prevents unauthorised programs sending information from your computer.
Supplied by:   secureIT

Hackers
A term used to define an individual(s) who attempts to gain unauthorised access to computer systems for the purpose of stealing and/or corrupting data
Supplied by:   secureIT

IDS
Intrusion Detection Systems are deployed on hosts or networks and attempt to detect malicious activity.
Supplied by:   Brain Contos

Keystroke Loggers
Software that captures the keys pressed on your computer keyboard and sends a log of these to the hacker via the Internet. Used to capture your passwords and often included in Trojans.
Supplied by:   secureIT

MAC (Media Access Control)
An address, unique to each computer's network interface adapter, often used as a layer of authentication in wireless security.
Supplied by:   secureIT

Malware
Malicious software
Supplied by:   secureIT

Mantraps
A physical security mechanism with at least two doors. After passing through the first door it must lock before the next door can be opened.
Supplied by:   Brain Contos

Password sniffer
A program that seeks out passwords on your computer, then sends them to a hacker. A keylogger can grab anything typed on the keyboard.
Supplied by:   secureIT

Pharming
Use of "poisoned" Internet routing to redirect users to a duplicate (but malicious) web site.
Supplied by:   secureIT

Phishing
The use of 'spoofed'emails and fraudulent websites which are designed to trick recipients into divulging personal financial data such as credit card numbers, account usernames and PINs/passwords.
Supplied by:   secureIT

Rogue dialer
Program that changes modern settings on a computer, so that network connection takes place via an expensive (toll) connection
Supplied by:   secureIT

Root kit
Set of software tools frequently used by an intruder after gaining access to a computer system
Supplied by:   secureIT

Social engineering
Obtaining confidential information by manipulating legitimate users.
Supplied by:   secureIT

Spear phishing
Targeted phishing
Supplied by:   secureIT

Spyware
Software installed as part of another application which is designed to monitor and report back on activity on a computer. Often installed without the users knowledge. May also be called scumware, adware or malware.
Supplied by:   secureIT

Trojans
An apparently harmless program that contains malicious code designed to give control of your computer to a hacker. Can be used to record keystrokes (see keystroke logger) and delete files or even view your screen contents.
Supplied by:   secureIT

Virus Definition Files
The list of known viruses that anti-virus software searches for on your computer or incoming files and emails. In order for anti-virus software to work effectively it is vital that you should keep your virus definition files as up to date as possible.
Supplied by:   secureIT

Viruses
Software disguised as something else that can cause damage to data and systems. Often spread as email attachments or files hidden in disks.
Supplied by:   secureIT

VPN
Virtual Private Networks allow encrypted communication across networks such as the Internet. While there are many uses, they were initially designed to allow a private tunnel between two public, Internet-separated location, thus allowing a secure and more cost effective alternative to private dedicated links for communication.
Supplied by:   Brain Contos

Wabbit
Self-replicating, non-propagating code (uncommon)
Supplied by:   secureIT

Warez
Copyrighted material traded in violation of its copyright license; generally refers to releases by organised groups.
Supplied by:   secureIT

WEP
Wired Equivalent Privacy, a weak and easily cracked form of wireless network security.
Supplied by:   secureIT

Worm
Similar to viruses in that they are programs that are often designed to interfere with the computes they infect. They don't attach themselves to files or other programs but spread automatically across networks of computers.
Supplied by:   secureIT

WPA
Wi-Fi Protected Access, a fairly strong form of wireless network security.
Supplied by:   secureIT

Zombie
A computer that has been compromised by a hacker/cracker, and is being used by that outside person to perform malicious (or at least illegal) activity unbeknown to the computer's owner.
Supplied by:   secureIT