2600 - A hacker organization that publishes 2600 magazine.
8lgm - 8 Little Green Men, a hacker group that puts out security tips.
Abuse of Privilege - When a user performs an action that they should not have, according to organizational policy or law.
Access - The ability for a computer user to view, change, or communicate with a file or record in a computer system.
Access Control - Restriction on a computer user to use a computer system or a file or record on the computer system.
ActiveX - Microsoft scripting language used for their Internet browser.
Anonymous ftp - An anonymous file transfer protocol that will accept any user name and an anonymous or no password. This is a common way for hackers to gain access to a computer.
ASIM (Automated Security Incident Measurement) - Automated security tool that monitors network traffic and collects information on targeted unit networks by detecting unauthorized network activity.
ATM (Asynchronous Transfer Mode) - A high-speed form of networking that supports data communications, video, and voice communications on the same line.
Attack - An attempt to bypass security controls on a computer. An active attack alters data. A passive attack releases data. Whether an attack will succeed depends on the vulnerability of the computer system and the effectiveness of existing countermeasures.
Audit - To record independently and later examine computer system activity such as logins, file accesses, and security violations.
Audit Trail - An audit trail may be on paper or on disk. In computer security systems, a chronological record of when users log in, how long they are engaged in various activities, what they were doing, and whether any actual or attempted security violations occurred.
AUSCERT - Australian Computer Emergency Response Team.
Authenticate - In networking, to establish the validity of a user or an object (i.e., communications server).
Authentication - The process of establishing the legitimacy of a node or user before allowing access to requested information. During the process, the user enters a name or account number (identification) and password (authentication).
Authorization - The process of determining what types of activities are permitted. Usually, authorization is in the context of authentication. Once you have authenticated a user, the user may be authorized different types of access or activity.
Back door - A hole in the security of a computer system deliberately left in place by designers or maintainers.
BIP - Base Information Protection office.
Browser - A program designed to help users view and navigate on the Internet (World Wide Web). Browsers are sometimes also called Web clients, since they get information from a server.
Bug - An unwanted and unintended property of a program or piece of hardware, especially one that causes it to malfunction.
C - The name of a programming language used often in the Unix environment.
C++ - An object-oriented programming language. An improved version of the C programming language.
Callback - A security procedure used with modems connected to terminals dialing into computer systems. When a computer system answers a phone call, it does not allow a direct login at that time. The computer calls back the telephone number associated with the authorized user's account.
CDS: CSAP Database System - An AFCERT relational database system containing information ranging from detailed computer hardware and software specifications, vulnerabilities and countermeasures, malicious logic, and system connectivity descriptions.
CERT - Computer Emergency Response Team.
CGI - Common Gateway Interface. CGI is the method that Web servers use to allow interaction between servers and programs.
Chat Group - A virtual meeting place where you can converse with other users from all parts of the globe. The chat groups are "live."
CIAC - Computer Incident Advisory Capability. An organization of the Department of Energy which provides computer security services.
COAST - Computer Operations, Audit, and Security Tools. Organization at Purdue University which collects computer security tools.
Communications Security - Procedures designed to ensure that telecommunications messages maintain their integrity and are not accessible by unauthorized individuals.
Computer Security - Technological and managerial procedures applied to computer systems to ensure the availability, integrity and confidentiality of information managed by the computer system.
Computer Security Incident - Any intrusion or attempted intrusion into a computer system. Incidents can include probes of multiple computer systems.
Computer Security Intrusion - Any event of unauthorized access or penetration to a computer system.
Cookie - A handle, transaction ID, or other token of agreement between cooperating programs.
COPS - Computer Oracle and Password System. A computer network monitoring system for Unix machines.
Core - The main storage of a computer system. A core dump captures data and files in memory.
Countermeasure - Action, device, procedure, technique, or other measure that reduces the vulnerability of an automated information system.
Crack - A password cracking program.
Crack Root - To defeat the security system of a Unix machine.
Cracker - One who breaks security on a computer system.
Crash - A sudden, usually drastic failure of a computer system.
Cryptographic Checksum - A one-way function applied to a file to produce a unique "fingerprint" of the file for later reference. Checksum systems are a primary means of detecting file system tampering on Unix.
CSAP (Computer Security Assistance Program) - Program to implement information protection operations capabilities using a combination of administrative controls, reporting procedures, specially developed automated security tools, incident response, intelligence threat data, and special survey and analysis capabilities.
CSET (Computer Security Engineering Team) - The CSET focuses on specific systems and networks. The team overtly surveys policy, procedures, training, awareness, connectivity and physical security of a specific system. CSETs document problems with policy and directives, operating procedures, configuration management, training and awareness, system connectivity, physical security, and unauthorized software.
Cyberspace - Information space loaded with visual cues and navigable by computers. The Internet is considered a crude cyberspace.
Daemon - A program that is not invoked explicitly, but lies dormant waiting for some condition to occur.
Data Encryption Standard (DES) - An encryption standard developed by IBM and then tested and adopted by the National Bureau of Standards. This is a private key encryption algorithm adopted as the federal standard for the protection of sensitive but unclassified information.
DNS (Domain Name System) - A distributed network-based naming service on the Internet.
DNS Spoofing - Assuming the DNS name of another system by either corrupting the name service cache of a victim system, or by compromising a domain name server for a valid domain.
Dump - An undigested and large amount of information routed to an output device. Usually it is a backup of computer files and data.
Email - Electronic mail automatically passed through computer networks and/or modems over common-carrier lines.
Encryption - The process of scrambling files or programs, changing one character string to another through an algorithm (such as the DES algorithm).
FAQ - Frequently Asked Question. A collection of common questions.
Filter - A program that processes an input data stream into an output data stream in some well-defined way.
Finger - A program that displays information about a particular user or all users logged on a computer system.
Firewall - Computer on a network used to isolate, filter, and protect local systems from external connectivity by controlling the amount and kinds of traffic that will pass between the two.
Fix - A patch or solution to a reported computer problem.
Flame - An online message intended to insult or provoke other users.
Flooding - Sending lots of text to the screen at once.
Freeware - Free software distributed by email or bulletin boards.
FTP - File Transfer Protocol. Used to get or put files from one computer to another.
Gateway - A bridge between two networks.
GIF - Graphical Image Format. An image file.
GNU - A Unix-workalike development effort of the Free Software Foundation.
Good Times - A hoax virus.
Guru - A computer expert.
Hack - Any software in which a significant portion of the code was originally another program.
Hacker - A person who enjoys exploring the details of computers and how to stretch their capabilities.
Home Page - A World Wide Web (WWW) repository for information.
HTML - Hypertext Markup Language. Computer language and tags used by web browsers.
Incident - Any intrusion or attempted intrusion into a computer system. Incidents can include probes of multiple computer systems.
Internet - A collection of worldwide computer networks.
Intrusion - An unauthorized access or penetration of a computer system.
Intrusion Detection - Detection of break-ins or break-in attempts either manually or via software expert systems that operate on logs or other information available on the network.
IP Spoofing - An attack whereby a system attempts to illicitly impersonate another system by using its IP network address.
IRC (Internet Relay Chat) - A worldwide "party line" network that allows one to converse with others in real time.
ISDN (Integrated Services Digital Networking) - A network that shares high-speed data communications along with voice communications on the same wires. It splits basic service into shared channels, each of which can be used for different calls.
ISP - Internet Service Provider. An ISP is a company that sells Internet access.
Java - A computer language developed by Sun for web browsers.
Joe Password - A type of logging into a computer system where the password is the same as the user name.
JPEG - An image file.
Letterbomb - A piece of email containing data or a program intended to do bad things to the recipient's machine or terminal.
LAN (Local Area Network) - An interconnected system of computers and peripherals. LAN users share data stored on hard disks and can share printers connected to the network.
Link - A word or picture you select on a Web page, usually by clicking your mouse on it, leading to a new page.
Linux - A free Unix workalike program available on the Internet.
Logic Bomb - A type of programmed threat. A mechanism for releasing a system attack of some kind. It is triggered when a particular condition, such as a certain date, occurs.
Mailbomb - To send, or urge others to send, massive amounts of email to a single system or person with intent to crash the system. This is a denial of service attack.
Malicious Logic - Hardware, software, or firmware that is intentionally included or introduced into a system for unauthorized purposes.
MUD (Multi-User Dungeon) - A virtual reality adventure game played over the Internet.
Network - A data communications system that allows a number of systems and devices to communicate with each other.
Operational ASIM site - ASIM has been installed, is capturing and analyzing data, and is sending the data to the AFCERT.
Packet - A group of data elements transmitted together that generally form part of a larger transmission made up of a number of packets.
Packet Sniffer - A device or program that monitors the data traveling between computers on a network.
Password - A secret sequence of characters that is used to authenticate a user's identity, usually during a login of a computer.
Patch - A temporary addition to a piece of code to fix an existing bug or misfeature.
Perl - Practical Extraction and Report Language. An interpreted computer language used mostly with Unix systems.
phf Hack - Phonebook file demonstration program that hackers use to gain access to a computer system and potentially read and capture password files.
PGP - Pretty Good Privacy. An encryption program.
Phreaking - The art and science of cracking the phone network.
Ping - Slang term for a small network message (ECHO) sent by a computer to check for the presence of another computer.
Pkzip - A program to compress a file or files.
Probe - Any effort to gather information about a machine or its users on-line for the apparent purpose of gaining unauthorized access to the system at a later date.
Protocols - Agreed-upon methods of communications used by computers. It is the set of rules and formats for the exchange of information, particularly over a communications network.
Proxy - A software agent that acts on behalf of a user. Typical proxies accept a connection from a user, make a decision as to whether or not the user or client IP address is permitted to use the proxy, perhaps perform additional authentication, and then complete a connection on behalf of the user to a remote destination.
RFC (Request For Comment) - One of a long-established series of Internet informational documents and standards.
Root - The superuser account in a Unix system.
Rootkit - A hacker security tool that captures passwords and message traffic to and from a computer.
SATAN - Security Administrator Tool for Analyzing Networks. A tool for remotely probing and identifying the vulnerabilities of systems on Internet Protocol networks.
SCSI - Small Computer System Interface. A bus-independent standard that interfaces a computer with peripheral devices.
Sendmail - A Unix mail program with lots of known vulnerabilities that can be used to hack into a computer system.
Server, Web - A computer which feeds documents and media to the browsers that request them.
Shell - A computer command interpreter used to pass commands to an operating system.
Snarf - To grab a large document or file for the purpose of using it with or without the author's permission.
Sneaker - An individual hired to break into computer systems to test their security.
Sniffer - A program to capture data across a computer network. Used by hackers to capture user id names and passwords.
Spam - To crash a program by overrunning it with large data. Also, to cause a person or newsgroup to be flooded with irrelevant or inappropriate messages.
SPI (Secure Profile Inspector) - A network monitoring tool for Unix, developed by the Department of Energy.
Spoof - A trick that causes an authorized user to perform an action that violates system security or that gives away information to an intruder.
Superuser - The account with all privileges. Root account. System Administrator or System Administrator-level privileges.
Surf - To traverse the Internet in search of interesting stuff.
TCP/IP - Transmission Control Protocol/Internet Protocol. This is the wide area networking protocol that makes the Internet work.
Telnet - A communication protocol to Internet hosts.
TFTP - Trivial File Transfer Protocol.
Token - A physical item that is used to provide identity. Typically an electronic device that can be inserted into a computer system to gain access.
Trojan Horse - Computer program containing an apparent or actual useful function that contains additional (hidden) functions that allow unauthorized collection, falsification, or destruction of data.
Troll - An online message whose purpose is to attract responses and make the responders look stupid. People who troll want to make you waste your time responding to their pointless statements.
Unix - A computer operating system. It is the most widely used multiuser general-purpose operating system in the world.
URL (Uniform Resource Locator) - This is the address that identifies a document or resource on the World Wide Web.
Virus - A cracker program that searches out other programs and infects them by embedding a copy of itself in them. A virus cannot infect other computers without assistance.
Vulnerability - Hardware, firmware, or software flaw that leaves a computer processing system open for potential exploitation. The possible exploitation can be either from an external or internal source, thereby resulting in risk for the owner, user, or manager of the system.
War Dialer - A cracking tool that calls a given list or range of phone numbers and records those which answer to identify computer systems.
Warez - Cracked versions of commercial software with their copy-protection stripped off. Warez sites usually contain illegal, pirated software or games.
Webmaster - The person at a site providing World Wide Web information who is responsible for maintaining their web site.
Worm - A program that propagates itself over a network, reproducing itself as it goes.