Jargon Buster

06/10/2008

 

Denial of Service (DoS): Result of any action or series of actions that prevents any part of an information system from functioning.
Distributed denial of service (DDoS) attack: Variety of DoS attack enlists multiple compromised computers to flood a single target with bogus information. A criminal hacker can hijack your computer and force it and others to perform a DoS attack against other computers, users or networks
Flooding: Type of incident involving the insertion of a large volume of data resulting in DoS.
Phreaking: Combining the words “phone” and “freak” phreaking refers to a wide subculture of hacking that involves manipulating and exploiting telephone systems.
Retro-virus: A virus that waits until all possible backup media are infected too, so that it is not possible to restore the system to an uninfected state.
Smurfing: Software that mounts a DoS attack by exploiting IP broadcast addressing and ICMP ping packets to cause flooding.
Whaling: Whaling is similar to spear phishing and is an e-mail scam targeting high level executives. The premise is that if you are going phishing why not go for a whale? Whaling is not a poorly written e-mail, the e-mails speak the language of the executives and engage them in conversations about stocks, legal and financial matters before getting them to release confidential information.
Zero-day exploit: Malicious hackers have discovered they can increase their level of destruction by cracking the defences of a product on the same day that news of a vulnerability breaks and/or an ensuing patch is released.

 

Backdoor: Programs that give an attacker access to and remote control of another computer. Backdoors are largely Trojans dealt with by most anti-virus products. NIPS (Network Intrusion Prevention System) helps detect and block backdoor communications.
Blended threat: A virus or worm using multiple infection techniques. This can include exploiting program vulnerabilities, Trojan behaviour, infecting files, Internet propagation routines, network-share propagation routines and spreading with no human intervention.
Camping out: A hacking technique of breaking into a system and finding an undetected place from which to monitor the system, store information or re-enter the system at a later time.
GTUBE: The acronym for ‘General Test mail for Unsolicited Bulk E-mail,’ a test to verify that anti-spam software is operating correctly.
Ham: A term used to refer to non-spam messages.
IPS (Intrusion Prevention System): A preemptive approach to host and network security used to identify and quickly respond to potential threats. An IPS monitors individual host and network traffic. However, because an attacker might carry out an attack immediately after he/she gains access, intrusion prevention systems can also take immediate action as preset by the network administrator.
Keylogger: Software that intercepts data between the user entering it and the intended recipient application. Trojan and PUP keyloggers are functionally identical.
Logic bomb: A program that allows a Trojan horse to lie dormant and then attack when the conditions are just right.
NIPS (Network Intrusion Prevention System): Software or a device that monitors network traffic and prevents attacks on a network or system.
On-demand scanning: A scheduled examination of selected files to find a virus or other potentially unwanted code. It can take place immediately on user request, at a scheduled future time, or at regularly scheduled intervals.
On-access scanning: Examining files every time they are opened, copied or saved to determine if they contain a virus or other potentially unwanted code compared to on-demand scanning.
Packer, packed executable: Executable files can be compressed with a packer that shrinks and possibly encrypts the original code. The packed executable will decompress and/or decrypt itself in memory while it is running, so that the file on disk is never similar to the memory image of the file. Packers are designed to avoid security software, prevent reverse engineering or supply some level of copy protection.
Potentially unwanted program (PUP): Software programs written by legitimate companies that may alter the security state or the privacy posture of the computer on which they are installed. This software can, but does not necessarily include spyware, adware and dialers, and could be downloaded in conjunction with a program that the user wants.
Polymorphic/polymorphism: A virus that attempts to evade detection by changing its internal structure or its encryption techniques. Polymorphic viruses change form with each infection to avoid detection by anti-viral software scanning for signature forms. Less sophisticated systems are referred to as self-encrypting.
Splog: A term for spammers who create a large number of blogs with links to a spam site. Because the links are included in a large number of blogs, they have high search-engine rankings. Splogs are created to attract people to spam sites, primarily via Google.
XSS (cross site scripting): A type of computer security vulnerability typically found in web applications which allow code injection by malicious web users into the web pages viewed by other users.