Antivirus Program

ACL

Short for Access Control List, ACL is a listing that tells a computer operating system or other network device what rights a users has to each item on a computer or network device.

Authentication

Authentication and authorize are terms used to describe the process of identifying a person and making sure they are really who they say they are. For example, a password is a very basic method of authorizing someone.

Antivirus program

Also known as Antivirus Software, AVS, or just AV; an antivirus program is a type of software is designed to protect your computer and/or network against computer viruses. If and when a virus is detected, the computer will generally prompt you that a virus has been found, and ask what action should be done such as deleting the virus.

Asymmetric Encryption

A type of encryption where the key to encrypt and decrypt the information is different. This type of encryption gives the encryption even more security by preventing someone from creating a decryption key from the encryption key used to encrypt the data.

Attack

An organized attempt on a person or company designed to cause issues or damage. For example, a DOS attack is designed to cause a decrease of performance or completely take down a web site.

Backdoor

Also known as a manhole or trapdoor, a backdoor is a term used to describe a back way, hidden method, or other type of method of bypassing normal security in order to obtain access to a secure area.

Boot sector virus

Type of computer virus that infects the first or first few sectors of a computer hard drive or diskette drive allowing the virus to activate as the drive or diskette boots.

Brute-force attack

A type of password attack that does not attempt to decrypt any information but simply continue to try different passwords. For example, a brute-force attack may have a dictionary of all words and/or a listing of commonly used passwords. To gain access to the account using a brute-force attack, the program would try all the available words it has to gain access to the account. Another type of brute-force attack is a program that runs through all letters and/or letters and numbers until it gets a match.
Although a brute-force attack may be able to gain access to an account eventually, these types of attacks can take several hours, days, months, and even years to run. The amount of time it takes to complete these attacks is dependent on how complicated the password is.
To help prevent brute-force attacks many systems will only allow a user to make a mistake in entering their username or password three or four times. If the user exceeds these attempts the system will either lock them out of the system or prevent any future attempts for a set amount of time.

Cipher

1. Algorithm of encoding or encrypting data. Text that is ciphered is text that cannot be read unless a special password or key is put in to decode it.
2. Windows command line command. See cipher command page for additional details and examples.

Confidentiality

Term used to describe data that is kept from any other users that should not have access to it unless permission is granted by the owner of the data.

Cracker

Individual who is able to decipher codes and passwords being able to break security systems for illegal reasons.

Cryptography

The process of manipulating data so that is unreadable and also being able to reverse this process. This is usually used for security reasons for important files so that it can be seen only by people that are supposed to see it.

Cryptology

The study of cryptography.

Data theft

Term used to describe when information is illegally copied or taken from a business or other individual. Commonly, this type of information is user information such as passwords, social security numbers, credit card information, other personal information, and/or other confidential corporate information. Because this information is illegally obtained, when the individual who stole this information is apprehended, it is likely he or she will be prosecuted to the fullest extent of the law.

DDoS

Short for Distributed Denial of Service, DDoS is a type of DoS attack that uses several computers to attack one victim. Often a DDoS attack is first done by hacking or infecting dozens, hundreds, or even thousands of other computers with instructions on when to attack and how; when that time arises, all infected computers attack at once. A DDoS is often needed to attack a big site that is capable of handling large ammounts of traffic.

Decryption

Process of taking encoded or encrypted text or other data and converting it back into text that you or the computer are able to read and understand. This term could be used to describe a method of un-encrypting the data manually or with un-encrypting the data using the proper codes or keys.

Default password

A password (usually "admin", "root", "password", "<blank>", "secret", or "access") assigned to a program or hardware device by the developer or manufacturer. Although default passwords may help protect from some users they can be easily entered by users that know what they are doing.

Deffie-Hellman

The first Public Key Cryptography developed by Whitfield Deffie and Martin Hellman in 1976.

DOS

1. Short for Disk Operating System, DOS is an acronym often used to describe MS-DOS.
2. Short for Disk Operating System, DOS refers to any type of operating system that runs from a disk drive. Today all operating systems could be considered disk operating systems.
3. Short for Denial of Service, a DoS attack is a form of attacking another computer or company by sending millions or more requests every second causing the network to slow down, cause errors or shut down. Because it is difficult for a single individual to generate a DoS attack, these forms of attacks are often created from another company or college and/or worms are created to create zombie computers to create a DoS attack.

DES

Short for Data Encryption Standard, DES is also sometimes referred to as the Data Encryption Algorithm (DEA) and is a type of encryption standard first approved as a US federal standard in November 1976. Although still sometimes used, DES has been widely replaced by AES.

Dictionary attack

A type of password attack that does not attempt to decrypt any information but simply tries each of the words in a dictionary in hopes that the user has used one of the words as his or her password.
To help prevent brute-force attacks many systems will only allow a user to make a mistake in entering their username or password three or four times. If the user exceeds these attempts the system will either lock them out of the system or prevent any future attempts for a set amount of time.

Digital signature

Method of data encryption used to verify the identity of an individual transmitting information over the Internet.
Digital Certificates
Digital certificates are electronic documents used to verify the unique identities of principals and entities over networks such as the Internet. A digital certificate securely binds the identity of a user or entity, as verified by a trusted third party known as a certificate authority, to a particular public key. The combination of the public key and the private key provides a unique identity to the owner of the digital certificate.

DNS hijacking

Unauthorized and illegal modification of a DNSserver that directs users attempting to access a web page to a different web page that looks the same, a competitor page, or a page insulting the company or organization owning the real page.

E-mail bomb

Term used to describe a type of attack where a user or group of users send a massive amount of e-mails to interrupt the user or business from receiving e-mail, responding to e-mails in a timely fashion, or causing other e-mail related issues.

Spoof

In general the term spoof refers to a type of hacking or deception technique that imitates another person, software program, hardware device, or computer, with the intentions of bypassing security measures. One of the most commonly known types of spoofing is IP spoofing.

Eavesdropping

Also known as earwigging, eavesdropping is a term used to describe the process of listening, monitoring, and/or examining someone without their permission and/or knowledge. For example, a user could eavesdrop on someone's e-mail or chat conversation.

Encrypt

The process of making data unreadable by other humans and/or computers for the purpose of preventing others from gaining access to its contents. Encrypted data is generated using an encryption program such as PGP, encryption machine, or a simple encryption key and appears as garbage until it is decrypted. In order to read or use the data, it must be decrypted and only those who have the correct password and/or decryption key are able to make the data readable again.
A very basic encryption technique known as simple substitution or a substitution cipher shifts the letters of the alphabet over a few characters. For example, as shown below the alphabet has been shifted over four characters.
Encrypt key:
a=e, b=f, c=g, d=h, e=i, f=j, g=k, h=l, i=m, j=n, k=o, l=p, m=q, n=r, o=s, p=t, q=u, r=v, s=w, t=x, u=y, v=z, w=a, x=b, y=c and z=d.
Decrypt key:
a=w, b=x, c=y, d=z, e=a, f=b, g=c, h=d, i=e, j=f, k=g, l=h, m=i, n=j, o=k, p=l, q=m, r=n, s=o, t=p, u=q, v=r, w=s, x=t, y=u and z=v
Using this technique a user could encrypt the message: "computer hope free help for everyone" to: "gsqtyxiv lsti jvii lipt jsv izivcsri". Below is an example of how this could be done using Perl.
$alpha = "abcdefghijklmnopqrstuvwxyz";
$message = "computer hope free help for everyone";
@alpha = split(//, $alpha);
$i=1;
foreach $alpha (@alpha) {
if ($i >= 23) {
$i = -3;
}
$key{$alpha} = $alpha[$i+3];
$i++;
}
@message = split(//,$message);
foreach $message (@message) {
if ($message =~/[a-z]/i) {
$new .= "$key{$message}";
}
else {
$new .= "$message";
}
}
print "Old: $message\nEncrypted: $new\n";

Ethical hacking

A term used to describe a type of hacking that is done to help a company or individual identify potential threats on the computer and/or network. In order for hacking to be deemed ethical the hacker must obey the below rules.

1. You have permission to probe the network and attempt to identify potential security risks. It's recommended that if you are the person performing the tests that you get written consent.
2. You respect the individual's and/or company's privacy and only go looking for security issues.
3. You report all security vulnerabilities you detect to the company, not leaving anything open for you or someone else to come in at a later time.
4. You let the software developer or hardware manufacturer know of any security vulnerabilities you locate in their software or hardware if not already known by the company.

Users who are interested in becoming a Certified Ethical Hacker (CEH) can visit

File protection

Methods used in protecting valuable data on computers. Generally, file protection is accomplished by password protecting a file or only providing rights to a specific user or group.

Firewall

A softwareutility and/or hardwaredevice that limits outside networkaccess to a computer or local network by blocking or restricting ports. Firewalls are a great step for helping prevent un-authorized access to a company or home network. The image to the right is a 3Com SuperStack 3 Firewall, an example of what a hardware firewall may look like. /

• A listing of computer firewall programs as well as additional information about preventing unauthorized access to your computer can be found on document CH000464.
• See document CH000907 for additional information about disabling firewalls.
• Additional information about computer security can be found on our security question and answer page.

Root

1. Also known as an admin, administrator, and gatekeeper, root is a super user on a computer network. Generally, a root is used to refer to the system administrator on a Unix / Linux network and is an individual who has complete access to a network.
2. The highest level in a directory hierarchy. For example, in MS-DOS, the root of the primary hard disk drive would C:\.

• See our su or super user command page for additional information on this command and/or visit our Unix / Linux help page for a full listing of commands and help.
• Additional information and help with MS-DOS can be found on our MS-DOS help page.
• Users in the Microsoft recovery console can set the current directory to the system root directory by using the systemroot command.

Hacker

1. A term that first started being used in the 1960s and was used to describe a programmer or someone who hacked out computer code, later the term evolved to an individual who had an advanced understanding of computers, networking, programming, and/or hardware but did not have any malicious intents.
Today, a hacker is often associated with an individual who illegally breaks into other computer systems to damage and/or steal information. Some users today who consider themselves leet may refer to themselves as haxors or h4x0rs. However, often these types of users are nothing more than script kiddies.
Although the media and most people think of hackers as malicious or evil, the majority of hackers are people who are curious about how computer, networks, and/or programs work and are often simply exploring and learning.
2. In computer online gaming a hacker is a term often associated with a gamer who is cheating.

• Additional information about how to hack someone or something can be found on document CH000806.
• For information about where Computer Hope stands on hackers, please see our underground section.

Identity theft

A description of a type of data theft where the person obtaining the information illegally is primarily searching for personal information and/or records. Often the user is looking for such information as full name, maiden name, address, date of birth, social security number, passwords, phone numbers, email, family information, credit card numbers, other credit information, etc. The user then uses this information to gain access to bank accounts or other protected areas, uses your personal information as their own identification, and/or sells your information.
Tips on preventing identity theft:

1. When entering any personal information on the Internet make sure you're entering it on a secure page. Additional information about making sure an Internet page is secure can be found on document CH000507.
2. When purchasing something over the Internet unless you plan on buying something from that same company again in the near future do not store your credit card and/or personal information with that site.
3. Make sure to have an active and up-to-date spyware protection program and antivirus protection program.
4. Be aware of fake e-mails / phishing e-mails that claim to be a company such as your bank requesting any personal information or login information.
5. Make sure your computer is secure. Additional information and tips on securing your computer can be found on document CH000464.
6. If you're a victim of a stolen computer make sure to read document CH001011 for additional information and help with dealing with this issue.

• Additional information and help with identity theft can also be found at:

IDS

Short for Intrusion Detection System, IDS is a security measure that helps notify an administrator or company when a device is being opened. For example, some corporate computers are equipped with an IDS system; if the case is removed from the computer an alarm will sound.

Spoof

In general the term spoof refers to a type of hacking or deception technique that imitates another person, software program, hardware device, or computer, with the intentions of bypassing security measures. One of the most commonly known types of spoofing is IP spoofing.
IP spoofing
A method of bypassing security measures on a network or a method of gaining access to a network by imitating a different IP address. Some security systems have a method of helping to identifying a user by his or her IP address or IP address range. If the attacker spoofs their IP address to match this criteria it may help bypass security measures. This technique is also used to deceive a web page, poll, or other Internet contest into thinking the user is someone else allowing him or her to get more hits or falsely increase a votes rank.
E-mail or address spoofing
Process of faking a senders e-mail address. This type of spoofing is used to fool the recipient of the e-mail into thinking someone else actually sent them the message. This is commonly used to bypass spam filters or to trick the user into thinking the e-mail is safe when in reality it contains an attachment that is infected with a virus.
Web page spoof
A fake web page or spoof on another commonly visited page. For example a malicious user may create a spoof page of Microsoft's, eBay, PayPal or Google's home page that looks identical but is hosted on a different server. These type of pages are commonly used in phishing e-mails to extract information from the user such as usernames and passwords or to send malicious files to them.

Kerberos

Developed by MIT, Kerberos isnetworkauthenticationprotocol designed to encrypt and secure data on an insecure network.
See the official MIT Kerberos page at:

Logic bomb