computer security cf205
Firewall
Most basic security device. A barrier between a network and the outside world. Filters traffic entering and exiting.
gray hat hacker
normally a law-abiding citizen but in some cases will venture into illegal activities.
Proxy server
often used with a firewall to hide the internal network's IP address and present a single IP address (its own) to the outside world
OSI
Open Systems Interconnection model. Application. Presentation. Session. Transport. Network. Data Link. Physical.
Logic bombs
software that lies dormant until some specific condition is met. When the condition is met, the software does some malicious act such as deleting files, altering system configuration, or perhaps releasing a virus.
White hat hacker
upon finding some flaw in a system will report the flaw to the vendor of that system. Often hired specifically by companies to do penetration tests. There is a Certified Ethical Hacker test.
Malware
This is a generic term for software that has a malicious purpose. It includes virus attacks, worms, adware, Trojan horses, and spyware. This is the most prevalent danger to your system.
Repeater
a device used to boost signal. Used when a cable needs to go further than the maximum length. Amplifier repeaters simply boost the entire signal they receive, including any noise. Signal repeaters regenerate the signal, and thus don't rebroadcast any noise.
war dialing
a hacker sets up a computer to call phone numbers in sequence until another computer answers, to try to gain entry to its system.
Switch
an intelligent hub. It works and looks exactly like a hub but when it receives a packet it will send that packet only out the port for the computer to which it needs to go.
NetBIOS
an older Microsoft protocol that is for naming systems on a local network
IRC
internet relay chat - used for chat rooms
Router
are programmable to control how they relay packets. Most have interfaces allowing you to configure them. Most are programmable to change how they route traffic. Two networks connected by a router are still separate networks.
WhoIS
command that queries a target IP address for information
CERT
Computer Emergency Response Team was the first computer incident-response team, and it is still one of the most respected in the industry.
CIA triangle
confidentiality, integrity and availability.
DNS
domain name service - translates URLs into web addresses
Least privileges
each user or service running on your network should have the least number of privileges/access required to do their job. (aka need to know in military and intelligence circles)
FTP
file transfer protocol - for transferring files between computers
Firewall and proxy server
guard the perimeter by analyzing traffic (at least inbound and in many cases outbound as well) and blocking traffic that has been disallowed by the administrator
HTTP
hypertext transfer protocol - displays web pages
Application
interfaces directly to the application and performs common application services for the application process. Protocols: POP SMTP DNS FTP
Phreaking
involves breaking into telephone systems. Defined by the New Hacker's Dictionary as the action of using mischievous and mostly illegal ways in order to not pay for some sort of telecommunications bill, order, transfer or other service.
Layered security
is one in which not only is the perimeter secured, but individual systems within the network are also secured. All servers, workstations, routers, and hubs within the network are secure. One way to accomplish this is to divide the network into segments as if it were a separate network.
POP3
post office protocol version 3 - retrieves email
Session
provides the mechanism for managing the dialogue between end-user application processes. Protocols - NetBIOS
key logger
records all of your keystrokes. Some also take periodic screenshots of your computer.
Presentation
relieves the application layer of concern regarding syntactical differences in data representation within the end-user systems.
SMTP
simple mail transfer protocol - sends email
Intrusion-detection system
simply monitors traffic looking for suspicious activity that might indicate an attempted intrusion
Hub
small box-shaped electronic device into which you can plug network cables. If you send a packet from one computer to another a copy of that packet is actually sent out from every port on the hub.
Spyware
software that literally spies on what you do on your computer. Can be as simple as a cookie - a text file that your browser creates and stores on your hard drive.
script kiddies
someone who calls himself or herself a hacker but lacks the expertise. A significant number of the people you are likely to encounter who call themselves hackers are script kiddies.
Sneaker
someone who legally breaks into a system in order to assess security deficiencies
Perimeter Security
the bulk of security efforts are focused on the perimeter of the network. This focus must include firewalls, proxy servers, password policies, or any technology or procedure to make unauthorized access of the network less likely.
War driving
the hacker drives around trying to locate wireless networks.
Authentication
the most basic security activity. It is merely the process of determining if the credentials given by a user or another system (username and password) are authorized to access the network resource in question.
Black Hat Hacker
the person normally depicted in the media. Once they gain access to a system, their goal is to cause some type of harm. Sometimes referred to as crackers.
Auditing
the process of reviewing logs, records, and procedures to determine if these items meet standards
Denial of service attacks
these are designed to prevent legitimate access to your system
ICMP
these are simply packets that contain error messages, informational messages, and control messages.
Session hijacking
these attacks are rather advanced and involve an attacker attempting to take over a session
Security Breaches
this group of attacks includes any attempt to gain unauthorized access to your system. This includes cracking passwords, elevating privileges, breaking into a server... all the things you probably associate with hacking
Web attacks
this is any attack that attempts to breach your website. Two of the most common such attacks are SQL injection and cross-site scripting
DNS poisoning
this type of attack seeks to compromise a DNS server so that users can be redirected to malicious websites, including phishing websites.
TFTP
trivial file transfer protocol - a quicker but less-reliable form of FTP
Telnet
used to remotely log on to a system. You can then use a command prompt or shell to execute commands on that system. Popular with network administrators
NNTP
Network news transfer protocol - used for network news groups.