|
Access Control Lists
Rules for packet filters (typically routers) that define which packets to pass and which to block
Access Router
A router that connects your network to the external Internet. Typically, this is your first line of defense against attackers from the outside Internet. By enabling access control lists on this router, you'll be able to provide a level of protection for all of the hosts ''behind'' that router, effectively making that network a DMZ instead of an unprotected external LAN.
Anti-Virus Software
Anti-Virus software scans a computer's memory and disk drives for viruses. If it finds a virus, the application informs the user and may clean, delete or quarantine any files, directories or disks affected by the malicious code.
Application-Layer Firewall
A firewall system in which service is provided by processes that maintain complete TCP connection state and sequencing. Application layer firewalls often re-address traffic so that outgoing traffic appears to have originated from the firewall, rather than the internal host.
Attack
An attempt to subvert or bypass a system's security. Attacks may be passive or active. Active attacks attempt to alter or destroy data. Passive attacks try to intercept or read data without changing it.
Authentication
The process of determining the identity of a user that is attempting to access a system.
Authorization
The process of determining what types of activities are permitted. Usually, authorization is in the context of authentication: once you have authenticated a user, they may be authorized different types of access or activity.
Cable modem
A Modem designed for use on a TV coaxial cable circuit. Usually providing high-speed asymmetric Internet connectivity.
Circuit-level gateway
Applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.
Connectivity
The ability to communicate between computers and terminals. Can be a physical or logical connection path.
Cookie
A cookie is a piece of data which often includes an unique identifier, that is sent to your browser from a web site you visit, stores as a file on your computer, identifies you as a unique user and track your web usage. In certain cases (determined by the data in the cookie itself), the client returns the cookie to the server that originally delivered it. Persistent cookies are created in order to recognize users when they return to a website and enable the site to offer a customized experience tailored to that user - such as remembering your name and password on protected login pages.
Data Driven Attack
A form of attack in which the attack is encoded in innocuous-seeming data which is executed by a user or other software to implement an attack. In the case of firewalls, a data driven attack is a concern since it may get through the firewall in data form and launch an attack against a system behind the firewall.
Decryption
The process of decoding data that has been encrypted into a secret format. Decryption requires a secret key or password.
DNS server
Domain Name System server. A computer that keeps a database of domain names and their corresponding IP addresses. When a computer sends a domain name to a DNS server, the server returns the IP address for that domain.
The Domain Name System is a mechanism used in the Internet or
Intranet for translating names to host computers into addresses. DNS allows host computers not directly on the Internet to have registered names in the same style. DNS allows you to use the Internet without remembering long lists of numbers.
DNS spoofing
Assuming the DNS name of another system by either corrupting the name service cache of a victim system, or by compromising a domain name server for a valid domain.
DOS (Denial-Of-Service) attack
A malicious kind of attack that floods the intended destination IP address with requests. Example: by pinging 400 to 500 times per second.
Dynamic IP
A dynamic IP address is an IP address that changes periodically. A different IP address may be assigned every time you connect to the Internet. This makes it more difficult for the others to locate your computer or other devices from elsewhere on the Internet.
Encrypting Router
See Tunneling Router and Virtual Network Perimeter.
Encryption
A method of scrambling or encoding data to prevent unauthorized users from reading or tampering with the data. Only individuals with access to a password or key can decrypt and use the data. The data can include messages, files, folders, or disks.
Firewall
A firewall is a barrier between your network and the Internet, through which only authorized traffic can pass. This can be either a software or hardware firewall.
Software: The program is installed onto your computer to control access between your computer and the internet. Hardware: This is a piece of equipment that connects to the outside of your computer. The Hardware Firewall (Router) Connects to your DSL/Cable modem then to the internet giving you the most protection.
FTP
File Transfer Protocol. A standard protocol for copying files to and from remote computers over TCP/IP networks, such as the Internet. FTP uses ports 20 and 21. FTP is commonly used to download programs and other files to your computer from other servers. It is also used to upload Web page files to your own Web site. SFTP is a secure version of FTP. SFTP protocol allows you to securely transfer your files in a way that resembles traditional ftp, except it uses strong encryption so that your password and data aren't sent in clear text.
Gateway
A gateway is what it sounds like. It's an entrance and an exit into a communication network. A gateway intercepts and steers electronic signals from one network to another. In data networks, gateways are typically a node on both two networks that connects two otherwise incompatible networks.
Hacker
A person who attempts unauthorized access of other people's computers for the purpose of obtaining information on those computers or to do damage to those computers.
High anonymous proxy server
These proxy servers do not pass an IP-address of a client and don't send any variables indicating that you are using proxy server to host and look like real browser.
HTTP
HyperText Transfer Protocol. A set of rules for requesting pages from a web server and transmitting pages (including text, graphic images, sound, video, and other multimedia files) to the requesting Web browser. HTTP uses TCP port 80.
HTTP proxy server
HTTP proxy server is a proxy allowing to work on the Internet with HTTP and (not always) FTP protocols. It can carry out caching of information downloaded from the Internet.
Now HTTP proxy servers are the most widespread. Their support (ability to use them) is included into many programs: browsers, download managers etc. However, their support is not realized at a level of an operating system – in order to use them, you should configure all programs, which should use proxies, in an appropriate way.
HTTPS
HyperText Transfer Protocol Secure. A variation of HTTP that uses encryption to transmit data securely (secure HTTP). HTTPS uses TCP port 443.
ICMP
Internet Control Message Protocol is a network-layer Internet protocol that provides message packets to report errors and other information relevant to IP packet processing. ICMP provides a number of diagnostic functions and can send error packets to host. ICMP uses the basic support of IP and is an integral part of IP.
Instant Messaging
A type of communications service that enables you to create a private chat room with another individual. Typically, the instant messaging system alerts you whenever somebody on your private list is online. You can then initiate a chat session with that particular individual.
There are several competing instant messaging systems. Unfortunately, there's no standard, so anyone you want to send instant messages to must use the same instant messaging system that you use.
Intranet
An intranet is a private LAN designed for use by everyone within an organization. The essential idea of an intranet is that it uses LAN (and WAN) technologies to facilitate communication between people and improve the knowledge base of an organization's employees.
Intrusion
Unauthorized access to computer systems and networks, usually for malicious activity.
IP address
Internet Protocol address. A 32-bit numeric address assigned to hosts that use TCP/IP. The address for a host must be unique on the network. IP addresses are usually expressed as four decimal numbers, each ranging from 0 to 255, separated by periods. For example, 127.0.0.1.
IP Spoofing
A technique used to gain unauthorized access to computers, whereby the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host. To engage in IP spoofing, a hacker must first use a variety of techniques to find an IP address of a trusted host and then modify the packet headers so that it appears that the packets are coming from that host. Some routers and firewalls arrangements can offer protection against IP spoofing.
ISP
Internet Service Provider is an organization that provides access to the Internet.
Java applet
A small program that runs in a restricted environment that is managed by your browser. Most Java applets are used to add multimedia effects, interactivity, or other functionality to a web page, but they can be used for malicious purposes.
JavaScript
A scripting language that is similar to, but less capable than, Java. JavaScript code can be included in web pages to add interactivity and other functionality.
LAN (Local Area Network)
A computer network that serves users in a limited area such as a building. One local area network can be linked to another. Two or more local area networks are called a Wide Area Network (WAN).
Logging
The process of storing information about events that occurred on the firewall or network.
NAT
Network Address Translation is an Internet standard that enables a local area network to use one set of IP addresses for internal traffic and a second set of IP addresses for external traffic. This allows a company to shield internal addresses from the public Internet. NAT translates the internal local addresses into globally unique IP addresses before sending packets to the outside network.
Network
A group of two or more computer systems linked together. There are many types of computer networks, including LANs and WAN.
Network-Layer Firewall
A firewall in which traffic is examined at the network protocol packet layer.
Packet
A logical grouping of information that includes a header and(usually) user data. A continuous sequence of binary digits of information is switched through the network and an integral unit.
Packet filtering
Security established through the use of a set of filter rules that operates by examining IP packets to allow them to pass or not. A router that implements packet filtering is known as a screening router or firewall router.
Patch
A temporary fix to a program bug. A patch is an actual piece of object code that is inserted into (patched into) an executable program.
PGP
Short for Pretty Good Privacy. PGP is a technique for encrypting messages. PGP is one of the most common ways to protect messages on the Internet because it is effective, easy to use, and free. PGP is based on the public-key method, which uses two keys -- one is a public key that you disseminate to anyone from whom you want to receive a message. The other is a private key that you use to decrypt messages that you receive.
Ping
A method by which an ICMP packet is sent over a TCP/IP network to a particular address and echoed back to confirm that a particular site can be reached via the network.
Port
In TCP/IP and UDP networks, an endpoint to a logical connection. By convention, some protocols use a well-known port number (for example, HTTP uses port 80), although this is configurable.
Proxy / Proxy Server
A proxy server is a kind of buffer between your computer and the Internet resource(s) you are accessing. The data you request come to the proxy first, and only then it transmits the data to you. A proxy server receives a request for an Internet service (such as a web page request) from a user. If the proxy server is also a cache server, it can use its local cache of previously downloaded web pages to provide the page without forwarding the request to the Internet. If the page is not in the cache, the proxy server uses one of its own IP addresses to request the page from the server on the Internet. When the page is returned, the proxy server relates it to the original request and forwards it to the user.
Proxy cascade (proxy chain)
Proxy chain (cascade) is a connection of 2 or more proxy servers. To make a proxy chain you can use as many proxy servers as you can or want.
Router
A device that performs routing and appropriate paths for data packets across networks as it traverses an internetwork or WAN.
Screening Router
A router configured to permit or deny traffic based on a set of permission rules installed by the administrator.
SMTP
Short for Simple Mail Transfer Protocol, a protocol for sending e-mail messages between servers. Most e-mail systems that send mail over the Internet use SMTP to send messages from one server to another; the messages can then be retrieved with an e-mail client.
Sniffer
A program and/or device that monitors data traveling over a network. Sniffers can be used both for legitimate network management functions and for stealing information off a network. Unauthorized sniffers can be extremely dangerous to a network's security because they are virtually impossible to detect and can be inserted almost anywhere. This makes them a favorite weapon in the hacker's arsenal. On TCP/IP networks, where they sniff packets, they're often called packet sniffers.
Social Engineering
An attack based on deceiving users or administrators at the target site. Social engineering attacks are typically carried out by telephoning users or operators and pretending to be an authorized user, to attempt to gain illicit access to systems.
TCP/IP
Transport Control Protocol/Internet Protocol. TCP/IP is the standard method of sending data on the Internet. It is based on data packets that have a set format, including to and from addresses. Generally refers to the Internet Protocol Suite, which includes TCP and IP, as well as several other protocols used by computers to communicate with each other. TCP/IP is the standard protocol used on the Internet. It can also be used as a communications protocol in intranets and extranets.
TCP/IP is a two-layered program. The higher layer, Transmission Control Protocol, manages the assembling of a message or file into smaller packets that are transmitted over the Internet and received by a TCP layer that reassembles the packets into the original message. The lower layer, Internet Protocol, handles the address part of each packet so that it gets to the right destination.
Tunneling Router
A router or system capable of routing traffic by encrypting it and encapsulating it for transmission across an untrusted network, for eventual de-encapsulation and decryption.
User Datagram Protocol (UDP)
User Datagram Protocol is a connectionless protocol. It uses IP to send datagrams in a similar way to TCP, except that like IP, and unlike TCP, UDP does not ensure the packets reach their destination. UDP is used in applications where it is not essential for 100% of the packets to arrive. While TCP is safer, UDP is often faster.
Virtual Network Perimeter
A network that appears to be a single protected network behind firewalls, which actually encompasses encrypted virtual links over untrusted networks.
| 
