Chapter 1 Network Defense Fundamentals
virus
Computer code that copies itself from one place to another surreptitiously and performs actions that range from benign to harmful
packet filters
Devices or software that block or allow transmission of packets of information based on port, IP address, protocol, or other criteria
return on investment (ROI)
The total value gained after a solution has been deployed. A positive ROI means the solution has solved more problems than it has created
malware
Software, such as viruses, worms, and Trojans, designed to cause harm, allow theft, or otherwise compromise a computer system
integrity
The goal of ensuring the accuracy and consistency of information during all processing (storage, transmission, and so forth)
confidentiality
The goal of preventing intentional or unintentional disclosure of communication between a sender and recipient
authentication
The process of determining authorized users' identities through matching a username and password, a fingerprint or retinal scan, a smart card and PIN, and so on.
defense in depth (DiD)
A layering approach to security that protects a network at many different levels by using a variety of strategies and methods
nonrepudiation
A method for ensuring that the sender can't deny sending a message and the receiver can't deny receiving it
socket
A network connection that uses a TCP/IP port number combined with a computer's IP address
cracker
A person who attempts to gain access to unauthorized resources on a network, usually by finding a way to circumvent passwords, firewalls, or other protective measures
demilitarized zone (DMZ)
A subnetwork of publicly accessible Web, e-mail, and other servers that's outside the LAN but still protected by the firewall
worm
A type of malware that creates files that copy themselves repeatedly and consume disk space. Worms don't require user intervention to be launched; they are self-propagating.
spyware
A type of malware that includes adware, tracking cookies, dialers, and spam
macro virus
A type of malware that performs the same functions as a macro but tends to be harmful
Trojan programs
A type of program that appears harmless but introduces viruses or causes damage to a computer or system
backdoors
A way of gaining unauthorized access to a computer or other resource, usually through an opening in a program that's supposed to be known only to the program's author
packet monkey
An attacker who's primarily interested in blocking Web site activities through a distributed denial-of-service attack
script kiddies
Attackers (often young people) who spread viruses and other malicious scripts and use techniques to exploit weaknesses in computer systems
availability
Making sure those who are authorized to access resources can do so in a reliable and timely manner
physical security
Measures taken to physically protect a computer or other network device from theft or environmental disasters
password security
Measures to protect passwords, including selecting good passwords, keeping them secure, and changing them as needed. Using multiple passwords, including screensaver passwords and passwords for protecting critical applications, also helps guard against unauthorized access
signatures
Combinations of flags, IP addresses, and other attack indicators that are detected by a firewall or IDS