List of words related to Security

  1. adware : parasitic software that generates (usually tacky) popups or injects ads into webpages. A cousin of spyware.
  2. attack : attempt to break in to one or more computers and take malicious action — may or may not be successful on a particular computer.
  3. attack vector : see vector
  4. browser helper object (BHO) : BHOs extend the functions of Internet Explorer. They may seem harmless to install, but BHOs are powerful enough to do what any malicious program could do.
  5. computer system : see system below
  6. cracker : usually means a malicious hacker — often referred to as a “black hat” or “black hat hacker” People who break the protection of software so that illegal copies can be made are called crackers too, and finally. I believe it’s also a southern term used to disparage a white person. πŸ™‚
  7. crimeware : a form of intrusive software designed to extort of steal something of value, for example your account credentials or personal identity data.
  8. definitions : see signatures below
  9. dialer : Dialers cause your PC to call long-distance or for-pay numbers, rather than your ISP. Th result is a large telephone bill for you and a nice profit for the perpetrator.
  10. email worm : malicious code that replicates itself by searching through the victims address book and mailing itself to the addresses it finds (see worm below.
  11. exploit : attack based on a specific vulnerability, for example the preview pane of Outlook Express can activate malicious content in email messages that are in HTML format.
  12. foistware : software that installs software on your system on the sly. It’s usually bundled with “bait” software that conceals the intrusive software.
  13. hack(ing) : break(ing) into and compromising a computer in person (hacker/cracker), rather than through malware.
  14. hacker : adept computer programmer, often self taught — often referred to as a “white hat”, but loosely used as a generic term for cracker.
  15. malware : software that is deliberately destructive, but often used as a general term for all kinds of malevolent and parasitic computer code. Trojan-horses, adware, spyware, hijackers, dialers, viruses and worms are specific examples. The first malware — back before the term existed — was a virus. “Virus” is also used (carelessly IMHO) as a generic term for malware. Malware has evolved to become largely crimeware.
  16. identity theft : taking over your financial identity: The first step is collection of enough of your personal data to be able to take the second step, which will probably be to apply for new credit cards in your name and plunder them before you find out. More identity theft actually starts with offline information theft, than with online theft, but the trend is increasingly online.
  17. payload : malicious code carried by attack vectors — spyware, Trojan-horses, dialers, destructive code and other malware. Some attacks deliver multiple payloads (warheads).
  18. script kiddies : juveniles who simply download other people’s hacking tools and malware and see what damage they can do.
  19. signatures (definitions) : telltale characteristics — the fingerprints or DNA of viruses and other malware Signature files are frequently updated, as often as once a day.
  20. POP : Post Office Protocol (POP) is one of the main protocols for downloading email to an email client (program).
  21. social engineering : fooling a computer user to obtain information, for example account numbers or passwords, which makes gaining access to their computer or online account easy. It is often done by telephone, but online, sending bogus email messages is the “preferred” method. These convincing messages often lead victims to counterfeit Web sites where they unwittingly enter their information.
  22. spam : unsolicited email, most of which is a scam of one form or another. [more]
  23. spoof : It’s very easy to put bogus “From”, “To” and “Reply To” addresses in email messages. It’s a common part of social engineering (above). It’s also easy to set up a counterfeit Web site, or create links in email messages or on Web sites that don’t take you where it looks like they will. All this is spoofing.
  24. spyware : Parasitic software that is secretly or obscurely installed on your computer when you install free toolbars, “helpers”, other nifty things; by visiting sneaky websites, or when you click deceptive email attachments. In the best case, spyware creates pop-up adds. In the worst case it steals your passwords, or even your personal identity.
  25. system : a group of independent but interrelated elements comprising a unified whole — in this security context, either the operating system and its adjuncts, or the computer system as a whole, which includes the operator.
  26. system worm : my term for the first class of worm (see worm below) which propagates without human intervention.
  27. Trojan-horse (Trojan) : parasitic software used to infiltrate targeted computers so the Trojan-master can access them remotely. Often designed for a specific purpose, such as relaying spam, but some Trojans give the master total control of the computer. Trojans seldom do damage, as a virus would, because the master wants his control to remain hidden.
  28. vector : from biology — an agent that carries and transmits a disease. Related to computers, a vector is a defined method of attack, directed at specific weak spots — attack gateways — in computers or networks. Tragically, the human element is often what’s targeted.
  29. The intent is to infect or or gain control. In the case of a worm, this control is used to propagage replicas of the malware to other computers. It’s like the flu: soon the Internet has an epidemic on it’s hands. πŸ™‚
  30. Vectors are often confused with the payload of the vector. For example, the “SoBig” worm — an attack vector — is often called a virus. Yes, it carries a virus, but that is its payload. Strictly speaking, worms are not viruses. The name “worm” comes from the way they worm their way through networks.
  31. virus : a program that reproduces its own code by attaching itself to other executable files so that the virus code runs when the infected executable file is run. Viruses almost always seek to do damage as well as replicate.“Virus” is often used (carelessly IMHO) for any kind of intrusive or destructive — worms, Trojans, spyware, etc.
  32. virus definitions : see signatures above
  33. webmail : web-based email that presents messages as webpages, rather than classic email, where the messages are downloaded directly. Web mail is read in a browser, rather than in an email client, so browser security considerations apply. The practical effect is usually somewhat reduced security.
  34. vulnerability : “A security exposure in an operating system or other system software or application software component.”
  35. worm : (1) intrusive code that breaks into other computers and starts itself running with no human intervention, and subsequently uses the newly infected computer to break into more computers; (2) intrusive code that self-propagates by emailing copies of itself from computers it has already infected (this one requires human intervention — opening the attachment — and so is often called a virus).
  36. zombie : a computer with a Trojan-horse installed. The Trojan lets the Trojan owner access the computer remotely. Networks of these used as a staging ground for anonymous attacks on other computers.

This entry was posted in S. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s