Internet security tips and advice » Security Glossary

Encryption

Igor Pankov — Fri, 20 Jun 2008 15:01:15 +0000

Encryption is a way of securely storing or transferring data by using special encryption key or algorithm to cipher its contents. For anyone else except the target recipient, the encrypted source will appear as a piece of unreadable, garbled data, making encryption a valuable instrument to hide private or secret information from strangers.

The target recipient possesses the unique decryption key which enables to decipher encrypted data and thus arrive at the original content. If someone manages to get hold of the unique decryption key, he/she can read that data as well. That’s why it’s important to keep the key in secure, tightly guarded location.

Zero-day (0-day or 0day) malware

Igor Pankov — Thu, 12 Jun 2008 15:22:15 +0000

Zero-day is often referred to as unknown, or recently discovered samples of malicious code or exploits that are not yet covered by antivirus or security companies, consequently, there is no antidote to it. Zero-day malware or attacks are most dangerous because they cannot be tackled with the use of signatures that identify such threats and help block them.

Proactive Protection

Igor Pankov — Sat, 07 Jun 2008 11:49:17 +0000

Any of the broad characteristics of a security system that centers on preempting a threat rather than removing it after the infection has ensued. Proactive Protection is the term often used interchangeably with technologies similar to HIPS when talking about blocking unauthorized activity or non-signature detection in antivirus programs that involves sample analysis for potential virus-like behavior.

Exploits

Igor Pankov — Fri, 30 May 2008 06:55:24 +0000

Exploits, also know as exploit code, are malicious commands that exploit software vulnerabilities. Developers are usually pretty quick to create patches for vulnerable code, and you should make sure that you apply all patches for applications and operating systems you use as soon as those patches become available. Once the patch is applied, the exploit can no longer be used against your system.

Proof of concept code (POC)

Igor Pankov — Fri, 23 May 2008 15:03:25 +0000

After a security researcher has found a vulnerability in a company’s software, he/she may opt to corroborate his findings by creating a proof-of-concept code. This code proves that the underlying vulnerability could be exploited and used with malicious intent. In a preponderance of cases, the POC is not hostile and serves only to encourage the vendor to quickly mitigate the risk by releasing a patch.

Spoofing

Pavel Goryakin — Thu, 15 May 2008 06:26:26 +0000

Spoofing is the imitation of something legitimate on the Internet. This could be a website’s address in the browser address bar, the MAC or IP address of a connecting LAN client, or a DNS query that could lead to the disclosure of personal information from a computer. Spoofing is closely related to faking, and has become an established security and hacker term meaning a forgery.

Internet Worm

Igor Pankov — Thu, 08 May 2008 13:47:05 +0000

Worm (Internet worm) is a self-replicating malicious program that propagates over the network infecting the nodes it contacts on its route. Worms can spread via email, peer-to-peer software, Instant Messaging clients and other sources. Worms clog Internet channel by using additional bandwidth.Worms gained notoriety when Robert Morris at Cornell University created the one that shut down many Unix network computers in 1988. The most prolific worm instances are MyDoom and its derivatives – NetSky and Bagel.

Leaktest

kozhemyak — Wed, 30 Apr 2008 19:57:31 +0000

Leaktest is a special tool set for testing the firewall’s ability to resist data breaches through unauthorized system interactions. Leaktests serve to measure how the firewall, or proactive security system also known as HIPS, can manage and control local activities of the applications installed on a PC. Currently, there are more than thirty leaktests that examine the firewall’s outbound strength by imitating various would-be attacks to steal data by bypassing the firewall’s outbound barriers. Leak tests got its name from the term “leak”, to reflect how the firewall can resist data leakage.

Firewall

kozhemyak — Fri, 18 Apr 2008 14:08:32 +0000

Firewall (software) – is a computer program that protects a computer’s connection to the network, usually, the Internet from hacker attacks and malicious software. Among the firewall’s key tasks are: preventing unauthorized access to the computer, stealthing (hiding) all open ports, controlling which programs are allowed to access the Internet and automatically defending against hacker’s probes and mass-distributed attacks on the host PC. Advanced firewalls may have additional functionality.

Browser

kozhemyak — Tue, 15 Apr 2008 14:04:30 +0000

Browser is a software application that enables a user to view a webpage stored on a remote computer on the Internet or other locations. The browser enables interacting with web pages’ content and managing inbound/outbound data transfer requests.

The most popular web browsers today are Microsoft Internet Explorer which is integrated into the Windows Operating System, and the third-party application from the Mozilla Foundation called Firefox. Opera browser from the Norwegian Opera Software comes in a distant third place according to usage ratings.