Glossary

Some definitions provided by Webopedia Online Dictionary for Computer and Internet Terms.

Access controls - After initial identification and authentication, access controls determine which files and applications a user may reach and which tasks the user may perform. They let the administrator of a computer, or of the computers on a network, define the rights of individual users: who may run which applications, view which files or perform which tasks.

ACK (ACKnowledgment code) - Code that communicates that a system is ready to receive data from a remote transmitting station, or code that acknowledges the error-free transmission of data.

ActiveX - ActiveX is a set of technologies developed by Microsoft that enables software components to interact with one another in a networked environment, like the Internet, regardless of the development language in which they were created. Microsoft's Office Assistant "Clippy" uses ActiveX technology, and ActiveX also allows you to view Word or Excel documents within the Internet Explorer web browser. An ActiveX control runs as native code with the full privileges of the logged-on user; there is no sandbox, so malicious code can abuse existing components like "Clippy" or be contained in new ActiveX components downloaded to your machine, and the only real protection is deciding which publishers' signed controls to trust. For more information, check out Microsoft's ActiveX Web site.

AES - Short for Advanced Encryption Standard, a symmetric block cipher with a 128-bit block size and key sizes of 128, 192 or 256 bits, developed by Belgian cryptographers Joan Daemen and Vincent Rijmen. In October 2000 the U.S. government selected the algorithm to replace the DES encryption it had used. The National Institute of Standards and Technology (NIST) of the U.S. Department of Commerce selected the algorithm, called Rijndael (pronounced Rhine Dahl or Rain Doll), out of a group of five finalists, including one called MARS from a large research team at IBM. AES is a cipher, not a protocol: it is used inside protocols such as SSL/TLS and IPsec as well as for encrypting stored files.

Anti-virus software - A tool that examines a system and/or network for viruses and removes any that are found. Most anti-virus software includes an auto-update feature that enables the program to download profiles of new viruses so that it can check for the new viruses as soon as they are discovered.

Anti-virus software definitions - The latest virus protection updates, developed by research teams shortly after a virus is discovered. These updates are available for immediate download as soon as a fix for the virus has been created.

Authentication - Authentication is simply identity verification and is often required to gain access to computer systems or networks. For example, authentication is achieved when a user provides their username and password to log onto their ISP.

Authorization - The act of granting approval. Authorization to resources or information within an application can be based on simple or complex access control methods.

Back door - A hidden way of bypassing a system's normal authentication or access controls. A back door is sometimes deliberately coded by programmers (for maintenance or debugging) and sometimes installed by an intruder to keep access after a break-in; it may also be an unforeseen technique for abusing the system. It is also known as a trap door.

Back Orifice (and Back Orifice 2000, BO2K) - A remote-administration Trojan horse for Microsoft Windows released by the Cult of the Dead Cow in 1998; Back Orifice 2000 is its 1999 successor. When installed on a Windows system, the server component gives anyone with the matching client program full control of the system over a network connection. Back Orifice is used to transfer files, control infected systems, and use infected systems to infect or launch attacks on other systems.

Basic Internet Security - Typically employed in low value, low sensitivity applications, using Secure Sockets Layer (SSL) for confidentiality, with the possible addition of user IDs and passwords for user authentication.

bastion host - A gateway between an inside network and an outside network. Used as a security measure, the bastion host is designed to defend against attacks aimed at the inside network, and because it is directly exposed it is hardened: unnecessary services are removed, patches are kept current and logging is increased. Depending on a network's complexity and configuration, a single bastion host may stand guard by itself, or be part of a larger security system with different layers of protection.

CA - See Certification Authority.

CA policy management - Control over CA properties such as whether the CA key is stored on hardware, the algorithm used to encrypt the CA signing key, and how often the CA updates its list of users whose certificates have been revoked.

CA signing key pair - The key pair the CA uses to sign digital certificates. The private half, the signing private key, is kept secret by the CA; the public half is distributed in the CA's own certificate. When accessing encrypted or signed information, the trustworthiness of that information is validated, in part, by using the CA's public key to verify the CA's signature on the certificate.

CERT/CC - Short for the Computer Emergency Response Team Coordination Center. CERT was started in December 1988 by the Defense Advanced Research Projects Agency (DARPA), part of the U.S. Department of Defense, after the Morris Worm disabled about 10% of all computers connected to the Internet. CERT/CC is located at the Software Engineering Institute, a federally funded research center operated by Carnegie Mellon University.

CERT/CC studies Internet security vulnerabilities, provides services to Web sites that have been attacked and publishes security alerts. CERT/CC's research activities include the area of WAN computing and developing improved Internet security. The organization also provides training to incident response professionals.

Certificate - A digital "passport". A certificate is a secure electronic identity conforming to the X.509 standard. Certificates typically contain a user's name and public key, along with a validity period and a serial number. A CA issues a certificate by signing its contents using the CA signing private key.

Certificate expiry - The date after which a user's certificate should no longer be trusted. The certificate expiry date is contained within the certificate.

Certificate renewal - The process of issuing a new certificate using the same public key from the previous certificate (as opposed to key update, which generates a new key pair). Certificate renewal is used by some vendors who issue short lifetime certificates so that they can charge for each additional certificate issued.

Certificate revocation - The act of declaring a certificate no longer trustworthy before its expiry date, for example because the private key was compromised or the holder left the organization. Revoked certificates are identified on Certificate Revocation Lists (CRLs). With enhanced security management, applications automatically check the revocation status of certificates before trusting them.

Certificate Revocation List (CRL) - A list, signed by the CA, containing the serial numbers of public key certificates that have been revoked. CRLs are placed in directories so that applications can check the revocation status of certificates before trusting them. A CRL is only as current as its last publication, so revocation status can also be queried online (OCSP).

Certificate validation - The process of checking the trustworthiness of a certificate. Certificate validation involves checking that the certificate has not been tampered with (the CA's signature verifies), has not expired, is not revoked, and was issued by a CA you trust, either directly or through a chain of certificates leading to a trusted root.

Certification Authority (CA) - The system responsible for issuing secure electronic identities to users in the form of certificates. An example is Verisign.

Content filtering - The blocking, or "filtering," of undesirable Internet content. Businesses can block content based on traffic type. For example, Web access might be allowed, but file transfers may not be allowed. Content can also be filtered by site through the use of lists of URLs that are cataloged by content (these catalogs are updated frequently). Parents can control and restrict their children's access to inappropriate content via special browsers and content filtering programs.

Cookie - A message supplied to a Web browser by a Web server which may contain specific data about the end user. The browser stores the message in a text file and sends the message back to the server each time the browser requests a page from the server. Typical data stored includes the user's surfing habits, preferences or demographic data. This technology also is used to identify users and customize Web pages. Cookies may also be used to track user activity within a Web site.

cryptography - The art of protecting information by transforming it (encrypting it) into an unreadable format, called cipher text. Only those who possess a secret key can decipher (or decrypt) the message into plain text. Encrypted messages can sometimes be broken by cryptanalysis, also called codebreaking; modern algorithms, used correctly with adequate key lengths, are not breakable in practice, but weak keys, poor random number generation and implementation mistakes still are. As the Internet and other forms of electronic communication become more prevalent, electronic security is becoming increasingly important. Cryptography is used to protect e-mail messages, credit card information, and corporate data. One of the most popular cryptography systems used on the Internet is Pretty Good Privacy because it's effective and free. Cryptography systems can be broadly classified into symmetric-key systems that use a single key that both the sender and recipient have, and public-key systems that use two keys, a public key known to everyone and a private key that only the recipient of messages uses.

Decrypt - To decrypt a protected file is to restore it to its original, unprotected state.

Denial of Service attack (DoS) - Action(s) which prevent any part of a system or network from functioning properly. Denial of Service can result when a system, such as a Web server, has been flooded with illegitimate requests, thus making it impossible to respond to real requests or tasks. When the flood comes from many compromised machines at once it is a Distributed Denial of Service (DDoS) attack; Yahoo! and eBay were both victims of such attacks in February 2000.

DHCP (Dynamic Host Configuration Protocol) - Software that automatically assigns IP addresses to client stations logging onto a TCP/IP network. It eliminates traditional manual assignment of permanent IP addresses. DHCP software typically runs in servers and is also found in network devices such as ISDN routers and modem routers that allow multiple users access to the Internet. Newer DHCP servers update the DNS servers after making assignments.

Digital ID - An encrypted file containing your personal security data, including your private keys. Access to your digital ID requires authentication via some combination of tokens, biometrics and/or passwords.

Digital signature - A digital code attached to an electronically transmitted message or file, computed over it with the sender's signing private key. Like a written signature, the purpose of a digital signature is to give the recipient assurance that the message really came from the claimed sender; unlike a paper signature it also proves that the message was not altered since it was signed, because any change invalidates the signature. Digital signatures are especially important for electronic commerce and are a key component of most authentication schemes. To be effective they must be unforgeable: with a sound algorithm and adequate key length, forging a signature without the private key is computationally infeasible, so the security of the scheme rests on keeping that private key secret.

Directory - A directory is a software program that stores information (much like a database) in a hierarchical structure optimized for lookups, such as user names, certificates and revocation lists.

Directory networking - Support for any LDAP-compliant directory provides the ability to network directories, which allows the retrieval of user certificates, cross-certificates and revocation information.

DNS (Domain Name System or Domain Name Server) - The hierarchical system that translates the domain name of a computer connected to the Internet into an IP address (and back). A resolver asks a local DNS server, which may in turn query root, top-level-domain and authoritative servers before returning an answer; e-mail and Web connections depend on this lookup before any packet can be routed.

Dual key pairs - A combination of the user's encryption and signing key pairs. Two key pairs are required to satisfy the requirements for non-repudiation and key backup and recovery.

Encryption - To encrypt a file is to apply a mathematical function, controlled by a key, that transforms the readable plain text into cipher text. Encryption renders the file unreadable. This means no one, including you, can read the file until it is decrypted. Only you and the authorized recipients, who hold the required key, can decrypt the file.

Encryption key pair - This consists of the encryption public key and decryption private key. The public key portion of an encryption key pair is used to encrypt data which can be decrypted by the matching decryption private key.

Enhanced Internet Security - This is the required level of security needed for applications that deal with higher value and higher sensitivity transactions and information. This consists of enhanced levels of identification, entitlements, verification, privacy, and security management.

Entitlements - These are your rights and privileges, from an application perspective, based on who you are. Based on your identity and role, you may be granted or denied access to various types of applications or data.

Ethernet - The most popular LAN access method, defined by the IEEE 802.3 standard. Ethernet is typically a shared media LAN: all systems on the segment share the total bandwidth, which is 10 Mbps (Ethernet), 100 Mbps (Fast Ethernet) or 1000 Mbps (Gigabit Ethernet). The original 10BASE5 variant ("Thick Ethernet" or "ThickNet") uses a thick coax cable as long as 1,640 feet (500 m) without repeaters; later variants use thin coax, twisted pair or fibre. With switched Ethernet, each sender and receiver pair have the full use of bandwidth, which also means a packet sniffer on one port no longer sees every other station's traffic. Ethernet was invented by Robert Metcalfe and David Boggs at Xerox PARC in 1973.

FIPS 140-1 - A U.S. federal government standard (Federal Information Processing Standard) specifying security requirements for cryptographic modules, at four increasing levels, against which security products are tested and certified. It was superseded by FIPS 140-2 in 2001.

firewall - A system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.
There are several types of firewall techniques:

FTP (File Transfer Protocol) - A protocol used to send files back and forth over a TCP/IP network. It also can log onto a network, list directories, copy files and convert between the ASCII and EBCDIC character codes. FTP transfers can also begin from within a Web browser by entering ftp:// in front of the URL. Unlike e-mail programs in which files must be "attached," FTP handles binary files directly and is not forced to bother with encoding and decoding data. FTP sends user names, passwords and file contents in the clear, so it should not be used for sensitive data over untrusted networks.

Hacker - A person who holds a great deal of knowledge and expertise in the field of computing, and who is capable of exercising this expertise with great finesse. This individual explores the details of computers, including security holes, and may exploit them. The term has changed meaning over time: it was previously used to describe a dedicated programmer or devoted programming hobbyist.

Hash function - A function that condenses a message of any length into a fixed-size value, or fingerprint, such that it is computationally infeasible to find two different messages with the same fingerprint or to recover a message from its fingerprint. Hash functions are used when digitally signing and time stamping: the signature is computed over the fingerprint rather than over the whole message.

Hierarchical cross-certification - The process of adding a subordinate CA to a hierarchy of CAs. Ideal within organizations where multiple CAs are needed and where one root CA must control all other CAs.

honeypot - An Internet-attached server that acts as a decoy, luring in potential hackers in order to study their activities and monitor how they are able to break into a system. Honeypots are designed to mimic systems that an intruder would like to break into but limit the intruder from having access to an entire network. If a honeypot is successful, the intruder will have no idea that s/he is being tricked and monitored. Most honeypots are installed inside firewalls so that they can better be controlled, though it is possible to install them outside of firewalls. A firewall in a honeypot works in the opposite way that a normal firewall works: instead of restricting what comes into a system from the Internet, the honeypot firewall allows all traffic to come in from the Internet and restricts what the system sends back out.
By luring a hacker into a system, a honeypot serves several purposes:

ICMP (Internet Control Message Protocol) - Used to communicate errors and availability information on the Internet. The Ping program uses ICMP echo request and echo reply messages to determine if a remote computer system is powered on and available on the Internet. ICMP is also used to communicate when a system or network cannot be reached.

Identification - This is the concept of knowing exactly who you are dealing with in the electronic world.

IGMP (Internet Group Management Protocol) - The standard for IP Multicasting on the Internet. It's used to establish host memberships in particular multicast groups on a single network. The particulars of the protocol allow a host to inform its local router, using Host Membership Reports, that it wants to receive messages addressed to a specific multicast group.

Intrusion detection - Techniques which try to detect intrusion or unauthorized entry into a computer or network by observing actions, security logs, audit data or network traffic, either manually or via specific software systems (intrusion detection systems). Detection covers both successful break-ins and attempts, such as port scans or floods of spoofed packets.

IP (Internet Protocol) - The communications standard that defines how the Internet works. IP defines how data is formatted and what particular information it contains to allow information to be exchanged on computer systems existing on a variety of different networks utilizing different hardware. An example of the information defined by the IP is in an IP datagram, which includes the addresses of the two computers communicating and the data they wish to exchange. This is not unlike an addressed envelope one would send using the postal service.

IP datagram - A piece of a message transmitted over a packet-switching network. In addition to the data being sent, a packet also contains the destination address. In IP networks, datagrams are often called packets.

IP fragment - A fragment of an IP packet or datagram. Packets are broken into fragments when they are larger than the maximum transmission unit of a link on the path, and reassembled by the receiver. Crafted fragments (overlapping or never completed) have been used to evade packet filters and to crash poorly written IP stacks, so firewalls often reassemble fragments before inspecting them.

IP spoofing - A technique used to gain unauthorized access to computers, whereby the intruder sends messages to a computer with a source IP address indicating that the message is coming from a trusted host. To engage in IP spoofing, an attacker must first find the IP address of a trusted host and then modify the packet headers so that the packets appear to come from that host. Because the replies go to the real owner of the address, spoofing is mostly useful for one-way attacks such as floods and against protocols that authenticate by address alone. Routers and firewalls defend against it with ingress and egress filtering: dropping packets that arrive on an external interface claiming an internal source address, and packets leaving the network with a source address that does not belong to it.

JavaScript - A platform-independent scripting language developed by Netscape Communications in 1995 to enable Web authors to design interactive Web sites. JavaScript runs inside the browser's sandbox and is not supposed to have access to critical or potentially sensitive parts of your computer, system or network; browser bugs have nonetheless let scripts escape those limits. Examples of JavaScript on Web sites include stock tickers and interactive quizzes. Unlike Java, JavaScript is text that is included within a Web page. Java applets are downloaded separately as compiled bytecode, not in a readable format.

Key and certificate management - Refers to generating keys for encryption and signing, storing the keys in certificates, and administering keys securely and transparently, so that they are provided to users where and when they are needed. Included in key and certificate management is key update. Keys should have limited lifetimes and be updated regularly in a secure, transparent manner.

Key backup and recovery - Key backup is the process of keeping a secure copy of the user's decryption keys. Key recovery is the process of restoring those decryption keys. All organizations require decryption key backup and recovery capabilities to prevent data loss when users forget their password or lose their digital ID. Signing private keys are deliberately not backed up: if a copy existed anywhere but with the user, the user could repudiate a signature, which is why dual key pairs are used.

Key lifetime - The length of time a key is valid. All keys have a specific lifetime except the decryption private key, which is retained after its certificate expires so that data encrypted under it can still be decrypted. An organization needs a policy regarding key lifetimes. This policy should consider when keys will no longer be needed as well as the risks and threats of private key disclosure due to brute force attacks.

Key update - Key update involves creating a new key pair and generating a corresponding public key certificate.

LAN (Local Area Network) - A computer network that covers a relatively small area. Most LANs are kept to a single building or group of buildings. However, one LAN can be connected to other LANs over any distance via telephone lines and radio waves. A system of connected LANs is called a Wide Area Network (WAN).

Lightweight Directory Access Protocol (LDAP) - A simplified form of the X.500 Directory Access Protocol (DAP) for querying and updating directories over TCP/IP. LDAP was first specified by IETF RFC 1487; the current version, LDAPv3, is specified in RFC 2251.

Logic bomb - A piece of code hidden in a program that stays dormant until a condition chosen by its author is met, such as a particular date or time, a specific user logging in, or an employee's name disappearing from the payroll file, and then performs its malicious action, for example deleting files. It should not be confused with a fork bomb, a process that replicates itself until the system runs out of process slots.

Macro virus - A type of computer virus that is written in an application's macro language and embedded in a document. Macro viruses are commonly associated with Microsoft Office applications. Once an infected document is opened, the virus copies itself into the application's global template, from which it embeds itself in every document subsequently created or opened. Macros may insert words or numbers into documents or change the command functions of the application, and they can call out to the operating system.

Mail bomb - The flooding of a single mailbox or mail server with a huge number of messages, or messages with very large attachments, in order to fill the disk or crash the server. A variant sends a message to an enormous number of recipients urging them to respond to a single system or person, so that the replies overload it.

Malicious code - Hardware, software or firmware that is intentionally introduced to a system for an unauthorized or malicious purpose. A Trojan horse is an example of malicious code.

MD5 - A one-way hash function created in 1991 by Professor Ronald Rivest and widely used in digital signature schemes. It takes a message and converts it into a fixed 128-bit value, also called a message digest. It was designed for 32-bit machines as a stronger replacement for MD4, which has been broken; MD5 has since been broken too (practical collisions were published in 2004), so new designs should use a SHA-2 family hash instead.
When using a one-way hash function, one can compare a calculated message digest against the message digest recovered from the signature with the signer's public key to verify that the message hasn't been tampered with. This comparison is called a "hashcheck."

Mobile code - Code that travels over the network and executes on the receiving machine, such as Java applets, ActiveX controls and scripts embedded in Web pages, usually without the user being asked. Malicious mobile code uses these legitimate technologies as pathways for introducing malicious code, which may destroy programs and compromise system integrity. Mobile code attacks can modify data, steal passwords or files, redirect modem dial-ins or launch a Denial of Service attack.

NetBus - Netbus is a remote Trojan program similar to BackOrifice. If this program is running on your computer and you are connected to the Internet, anyone who has the Netbus client program can invade your computer -- without your knowledge or consent -- to collect data from your computer such as passwords, e-mail and keystroke patterns. Once intruders have gained access via NetBus, they can execute programs in your computer, copy files, plant Trojan horses or viruses, control your mouse and more.

NNTP (Network News Transfer Protocol) - An industry protocol standard for the distribution, request, retrieval and posting of news articles on newsgroup servers.

Nonrepudiation - In reference to digital security, nonrepudiation means ensuring that a transferred message has been sent and received by the parties claiming to have sent and received it. Nonrepudiation is a way to guarantee that the sender of a message cannot later deny having sent the message and that the recipient cannot deny having received the message.

Nonrepudiation is obtained through digital signatures made with a signing private key that only the user holds (see Dual key pairs and Key backup and recovery), combined with trusted time stamping or notarization of the signed transaction.

Notarization - Attestation by a trusted third party that a user actually signed a binding business transaction at a specific time, so that the validity of the transaction can be established later.

Packet sniffer - A device or program that monitors packets traveling between computers on a network. A packet is a block of data that carries the identities of the sending and receiving stations, error-control information and data. Packet sniffers can be used to compromise computer security by intercepting data (such as confidential financial information or passwords) while it is being transmitted between two machines. On a shared-media LAN any station can capture all traffic on the segment; switched LANs and, above all, encryption of the session (SSL, SSH) limit what a sniffer can read.

Payload - Term typically used to describe the actions of the malicious code or executable program carried by a Trojan horse or worm.

Peer-to-peer cross-certification - The process of certifying the trustworthiness of another organization's CA so that users can successfully validate the users from the cross-certified CA. Peer-to-peer cross-certification is ideal between organizations where each firm has secure control over its own organization and maximum flexibility to form relationships as business requirements dictate.

Piggybacking - Gaining unauthorized access to a system via another user's legitimate connection.

PKI networking - Enables users in one Certification Authority (CA) domain to communicate securely with users from another, trusted, CA domain.

Policy networking - Establishes a trusted relationship between or within organizations for a limited amount of time.

POP (Point of Presence) - The point where a line from a long distance carrier connects to the line of the local telephone company or to the user if the local company is not involved. For online services and Internet providers, the POP is the local exchange users dial into with their modem. Not to be confused with POP3, the Post Office Protocol used by mail clients to fetch mail.

Port scanning - Probing a computer's or network's TCP and UDP ports with connection requests to learn which services are listening, and hence which might be exploitable. It is used by IT professionals as a genuine tool to discover and correct security holes, and by attackers as the first step in detecting and exploiting weaknesses.
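
Port scanning as an added example (illustrative Python written for this glossary, not any scanner's own source): a TCP connect() scan run against the local host. So that it works offline, the script itself opens a real listening socket on a port chosen by the operating system and then scans that port and one known to be closed; connecting to each port completes the TCP three-way handshake, which is exactly what a server's logs will record. The port numbers and the 0.5 s timeout are assumptions. Scanning machines you are not authorized to test is illegal in most places.

```python
# Added example: TCP connect() port scan against the local host.
# Not from the original glossary; all port choices are made at run time.
import errno
import socket
import threading


def start_listener(host="127.0.0.1"):
    """Open a real listening TCP socket on an OS-chosen port so the scan
    has a genuinely open port to find. Returns (server_socket, port)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((host, 0))          # port 0: let the OS pick a free port
    srv.listen(5)
    port = srv.getsockname()[1]

    def serve():
        # Accept and immediately close connections until the socket is closed.
        while True:
            try:
                conn, _ = srv.accept()
                conn.close()
            except OSError:
                break

    threading.Thread(target=serve, daemon=True).start()
    return srv, port


def find_closed_port(host="127.0.0.1"):
    """Bind and release a port: nothing listens on it afterwards."""
    tmp = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    tmp.bind((host, 0))
    port = tmp.getsockname()[1]
    tmp.close()
    return port


def connect_scan(host, ports, timeout=0.5):
    """Classic connect() scan: complete the TCP three-way handshake on each
    port. connect_ex() returns 0 when the handshake succeeds (open) and
    ECONNREFUSED when a RST comes back (closed); a timeout usually means a
    firewall silently dropped the SYN (filtered)."""
    results = {}
    for port in ports:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            try:
                rc = s.connect_ex((host, port))
            except socket.timeout:
                rc = errno.ETIMEDOUT
            if rc == 0:
                results[port] = "open"
            elif rc == errno.ECONNREFUSED:
                results[port] = "closed"
            else:
                results[port] = "filtered"
    return results


def scan_demo():
    """Scan one known-open and one known-closed loopback port.
    Returns (open_port, closed_port, {port: state})."""
    srv, open_port = start_listener()
    try:
        closed_port = find_closed_port()
        return open_port, closed_port, connect_scan("127.0.0.1", [open_port, closed_port])
    finally:
        srv.close()


if __name__ == "__main__":
    open_port, closed_port, results = scan_demo()
    for port, state in sorted(results.items()):
        print(f"127.0.0.1:{port} {state}")
```

A connect() scan is the noisiest kind, because every probe is a full connection the target can log; stealthier variants send only the SYN and never complete the handshake, which is why the ACK entry above matters to both attacker and defender.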

PPP (Point-to-Point Protocol) - A link-layer protocol for carrying IP (and other protocols) over serial lines, the usual method of connecting a computer to the Internet by modem. PPP replaced the older SLIP, adding link negotiation, error detection and authentication of the caller with PAP or CHAP.

PPPoE (Point to Point Protocol over Ethernet) - A specification (IETF RFC 2516) of how a host personal computer (PC) interacts with a broadband modem (i.e. xDSL, cable, wireless, etc.) to achieve access to high-speed data networks. Relying on two widely accepted standards, Ethernet and PPP, PPPoE requires virtually no more knowledge on the part of the end user than standard dial-up Internet access and no major changes in the operational model for Internet Service Providers (ISPs) and carriers, who keep PPP's per-user authentication and accounting.

Privacy - Privacy entails keeping data confidential while in transit and in storage from end to end of the transaction lifecycle or information exchange. It also constitutes the policy surrounding the use and disclosure of this information within the enterprise.

Private key - The portion of a key pair that is kept secret by the owner of the key pair. Private keys sign or decrypt data.

Public-key - A cryptographic system that uses two keys -- a public key known to everyone and a private or secret key known only to its owner. When John wants to send a secure message to Jane, he uses Jane's public key to encrypt the message. Jane then uses her private key to decrypt it.

An important element of the public key system is that the two keys are mathematically related, yet what one key does only the other can undo: a message encrypted with the public key can be decrypted only with the corresponding private key, and a digital signature made with the private key can be verified by anyone holding the public key. Moreover, it is computationally infeasible to deduce the private key if you know the public key.

Public-key systems, such as Pretty Good Privacy (PGP), are becoming popular for transmitting information via the Internet. They are extremely secure and relatively simple to use, but far slower than symmetric ciphers, so in practice the public key is used to protect a symmetric session key that encrypts the actual data. The other difficulty with public-key systems is that you need to know the recipient's genuine public key to encrypt a message for him or her, which is what certificates and LDAP directories provide.

Public key cryptography was invented in 1976 by Whitfield Diffie and Martin Hellman, whose Diffie-Hellman key exchange is still widely used; the first general public-key encryption and signature algorithm, RSA, followed in 1977. It is also called asymmetric encryption because it uses two different keys instead of the single shared key of symmetric encryption.

Public Key Infrastructure (PKI) - A system that provides the basis for establishing and maintaining a trustworthy networking environment through the generation and distribution of keys and certificates. This is also the foundation technology for providing enhanced Internet security.

RA policy management - Flexible control over RA operator permissions such as what operations may be performed and which users may perform them on a per-RA administrator basis.

Registration Authority (RA) - Refers to the people, processes, and tools used to support the registration and ongoing administration of users.

Retro-virus - A virus that attacks anti-virus software, disabling it or evading its detection; sometimes known as an "anti-anti-virus virus". The term is also used for a virus that waits until all available backup media are infected before performing malicious tasks visible to the user, so that the system cannot be restored to an uninfected state.

Revocation system networking - Certificates can be revoked, and applications can automatically check the revocation status of certificates.

RFC (Request for Comments) - A series of notes about the Internet, started in 1969. An RFC can be submitted by anyone. Eventually, if it gains enough interest, it may evolve into an Internet standard. Each RFC is assigned an RFC number.

Roaming - A method of allowing users to access security services via their Digital ID without being constrained to a specific PC, device, or location.

Security Management - The act of effectively and efficiently managing identification, entitlements, verification, and privacy such that there is less burden of administration for end users and administrators regardless of application or platform.

Security policy - An organization's security policy governs the use of technology in the organization to achieve security objectives.

Signing key pair - Consists of a privately held key for signing data and a key distributed publicly so others can verify the signature.

Simple Public Key Mechanism (SPKM) - A secure session protocol specified by IETF RFC 2025.

Single login - A method of minimizing the proliferation of passwords and successive logins to ease user frustration and minimize the risk that passwords will be written down.

SMTP (Simple Mail Transfer Protocol) - A protocol for sending e-mail messages between servers. Most e-mail systems use SMTP to send messages from one server to another. In addition, SMTP is generally used to send messages from a mail client to a mail server. SMTP itself performs no authentication of the sender, which is why e-mail "From" addresses are easily spoofed and open relays are abused to send spam.

Smurfing - A Denial of Service attack that exploits Internet Protocol (IP) directed broadcast addressing. The attacker sends ICMP echo requests (pings) to the broadcast address of an intermediary network with the source address spoofed to be the victim's; every host on that network replies to the victim at once, amplifying the attacker's traffic many times over. The flood of echo replies clogs the victim's link and prevents normal network communication. The defence is for routers not to forward directed broadcasts (the Cisco IOS command no ip directed-broadcast; RFC 2644 makes this the default) and for hosts not to answer broadcast pings.
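
As an added example of the checks a firewall or intrusion detection system applies to the patterns defined under IP spoofing, Port scanning and Smurfing (illustrative Python written for this glossary, not any product's code), the script below runs three detectors over constructed packet-summary lines. The log format, the 10.0.0.0/24 internal prefix, the in/out direction field and the five-port threshold are assumptions made here.

```python
# Added example: log-based detectors for spoofed sources, smurf amplification
# requests and TCP port scans. Illustrative; format and thresholds assumed.
import ipaddress
from collections import defaultdict

# Address space the protected network legitimately uses (assumption).
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/24")]

# Constructed packet summaries: "<time> <in|out> <proto> <src> > <dst> <info>"
SAMPLE_LOG = """\
10:00:01 in  TCP  203.0.113.5:40001 > 10.0.0.5:22 SYN
10:00:01 in  TCP  203.0.113.5:40002 > 10.0.0.5:23 SYN
10:00:01 in  TCP  203.0.113.5:40003 > 10.0.0.5:25 SYN
10:00:01 in  TCP  203.0.113.5:40004 > 10.0.0.5:80 SYN
10:00:01 in  TCP  203.0.113.5:40005 > 10.0.0.5:110 SYN
10:00:02 in  TCP  10.0.0.99:1234 > 10.0.0.5:80 SYN
10:00:03 in  ICMP 198.51.100.20 > 10.0.0.255 echo-request
10:00:04 out TCP  10.0.0.5:1025 > 192.0.2.20:80 SYN
10:00:05 out ICMP 192.0.2.77 > 198.51.100.20 echo-reply
"""


def _endpoint(token, proto):
    """Split 'ip:port' for TCP/UDP; ICMP has no port."""
    if proto in ("TCP", "UDP"):
        host, port = token.rsplit(":", 1)
        return ipaddress.ip_address(host), int(port)
    return ipaddress.ip_address(token), None


def parse_line(line):
    time, direction, proto, src, arrow, dst, info = line.split()
    if arrow != ">":
        raise ValueError(f"unexpected line: {line!r}")
    src_ip, sport = _endpoint(src, proto)
    dst_ip, dport = _endpoint(dst, proto)
    return {"time": time, "dir": direction, "proto": proto, "src": src_ip,
            "sport": sport, "dst": dst_ip, "dport": dport, "info": info}


def parse_log(text):
    return [parse_line(line) for line in text.splitlines() if line.strip()]


def is_internal(ip):
    return any(ip in net for net in INTERNAL_NETS)


def spoofed_packets(packets):
    """Ingress/egress filtering (RFC 2827 in miniature): a packet arriving
    from outside must not carry an internal source address, and a packet
    leaving must not carry an external one."""
    return [p for p in packets
            if (p["dir"] == "in" and is_internal(p["src"]))
            or (p["dir"] == "out" and not is_internal(p["src"]))]


def directed_broadcasts(packets):
    """Inbound pings to a broadcast address: the amplifier side of a smurf
    attack. Such packets should be dropped at the border router."""
    broadcast = {net.broadcast_address for net in INTERNAL_NETS}
    return [p for p in packets
            if p["dir"] == "in" and p["proto"] == "ICMP"
            and p["info"] == "echo-request" and p["dst"] in broadcast]


def port_scanners(packets, threshold=5):
    """Sources that sent SYNs to at least `threshold` distinct ports of one
    host. Returns {"src->dst": [ports...]}."""
    ports = defaultdict(set)
    for p in packets:
        if p["proto"] == "TCP" and p["info"] == "SYN":
            ports[(p["src"], p["dst"])].add(p["dport"])
    return {f"{src}->{dst}": sorted(dports)
            for (src, dst), dports in ports.items() if len(dports) >= threshold}


if __name__ == "__main__":
    pkts = parse_log(SAMPLE_LOG)
    for p in spoofed_packets(pkts):
        print(f"spoofed source {p['src']} ({p['dir']}bound) at {p['time']}")
    for p in directed_broadcasts(pkts):
        print(f"directed-broadcast ping to {p['dst']} from {p['src']}")
    for pair, dports in port_scanners(pkts).items():
        print(f"port scan {pair}: ports {dports}")
```

The spoofing check is the ingress/egress filtering that routers apply per interface; here the direction comes from a tag in the log because the example has no interfaces. The broadcast check catches the amplifier side of a smurf attack; at the victim the symptom is instead a burst of echo replies from many distinct sources to one address, which the same per-destination counting used for port scans would reveal.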

Spam - The functional equivalent to unsolicited, electronic junk mail. It is often used to advertise products or to broadcast a political or social commentary. Spam floods a user's inbox with irrelevant, unwanted messages.

Spoofing - Faking the sending address or otherwise masquerading as an authorized user in an attempt to gain illegal entry into a secure system.

Spyware - Spyware is any software or program that employs a user's Internet connection in the background (the so-called "backchannel") without their knowledge or explicit permission. Legitimate background use of an Internet "backchannel" connection requires a complete and truthful disclosure of that usage, followed by the receipt of explicit, informed consent for it. If permission is not obtained, the act is considered to be information theft.

SSL (Secure Sockets Layer) - Provides authentication and confidentiality on top of existing applications like Web browsers. Digital Certificates and Digital Signatures utilize this protocol layer to enhance security during online transactions.

Symmetric key - One key that can be used to encrypt and decrypt the same data. Symmetric key encryption is different from public key encryption, which relies on one key held privately (for signing or decryption) and a second key distributed to the public (for signature verification or encryption).

TCP (Transmission Control Protocol) - TCP is one of the main protocols in TCP/IP networks. TCP enables two hosts to establish a connection and exchange streams of data. TCP guarantees delivery of data and that packets will be delivered in the same order in which they were sent.

Telnet - A terminal emulation program for TCP/IP networks. The Telnet program runs on your computer and connects your computer to a server on the network. Once connected, you can enter commands through the Telnet program, and each command is executed as if you were entering it directly on the server console. This enables you to control the server and communicate with other servers on the network.

Trin00 - A Trojan program that is run from a remote host and can be used to control a system or cause it to attack another network. Classified as a Distributed Denial of Service attack tool.

Trojan horse - A seemingly useful and innocent program that contains hidden code that allows the unauthorized modification, exploitation or destruction of data. Trojan horse programs are generally distributed via the Internet. Games, freeware and screen savers are common vehicles for Trojan horses.

UDP (User Datagram Protocol) - A transport layer communications method, or protocol, used for applications that transmit short bursts of data. This protocol offers a limited amount of service and is therefore the mechanism for data communication for applications that do not require verification of delivery at the destination.

Unix - A multi-user, multi-tasking operating system that is mainly used as the master control program in workstations and particularly servers.

User mobility - A method of accommodating users who log in from different workstations or devices.

User policy management - Flexible control over user settings such as algorithms used to encrypt and sign user data.

Verification - The act of providing an auditable record of a transaction. This can be in the form of a digital signature. This binds each party to a transaction such that they cannot repudiate participating in it.

Virus - A program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. Viruses can also replicate themselves. All computer viruses are manmade. A simple virus that can make a copy of itself over and over again is relatively easy to produce. Even such a simple virus is dangerous because it will quickly use all available memory and bring the system to a halt. An even more dangerous type of virus is one capable of transmitting itself across networks and bypassing security systems.

Since 1987, when a virus infected ARPANET, a large network used by the Defense Department and many universities, many antivirus programs have become available. These programs periodically check your computer system for the best-known types of viruses.

Some people distinguish between general viruses and worms. A worm is a special type of virus that can replicate itself and use memory, but cannot attach itself to other programs.

VPN (Virtual Private Network) - Refers to a network in which some of the parts are connected using the public Internet, but the data sent across the Internet is encrypted, so the entire network is "virtually" private. A typical example would be a company network where there are two offices in different cities. Using the Internet, the two offices merge their networks into one network, but encrypt traffic that uses the Internet link.

WAN (Wide Area Network) - A communications network that covers a wide geographic area, such as a state or country. It usually consists of several LANs.

Worm - (1) A program or algorithm that replicates itself over a computer network and usually performs malicious actions, such as using up the computer's resources and possibly shutting the system down. A worm is an independent program that replicates itself, crawling from machine to machine across network connections. It often clogs networks as it spreads, frequently via e-mail. (2) When used in all capital letters, WORM is an acronym for write once, read many, an optical disk technology that allows you to write data onto a disk just once. After that, the data is permanent and can be read any number of times.

Zero-footprint - This term describes software that does not require any client software to be installed or configured on a user's system.
