A firewall technology that accepts or rejects packets based on their content.
The process of breaking messages into packets at the sending router for easier transmission over a WAN.
A number of characters often added to data before an operation such as hashing takes place. Most often unique values, known as one-time pads, are added to make the resulting hash unique.
See Password Authentication Protocol (PAP).
The process of breaking a network into smaller components that can be individually protected.
A type of intruder detection that logs all network events to a file for an administrator to view later.
A nonactive response, such as logging. Passive response is the most common type of response to many intrusions. In general, passive responses are the easiest to develop and implement.
One of the simplest forms of authentication. Authentication is accomplished by sending the username and password to the server and having them verified. Passwords are sent as clear text and, therefore, can be easily seen if intercepted.
Attempting to enter a password by guessing its value.
A list of passwords that have already been used.
See Port Address Translation (PAT).
A fix for a known software problem.
The act of gaining access.
Security set up on the outside of the network or server to protect it.
See Pretty Good Privacy (PGP).
A virus that modifies and alters other programs and databases.
A form of social engineering in which you simply ask someone for a piece of information that you are missing by making it look as if it is a legitimate request. Commonly sent via e-mail.
Someone who abuses phone systems, as opposed to data systems.
Access control measures used to restrict physical access to the server(s).
An object, such as a locked door, used to restrict physical access to network components.
The first layer of the OSI model; controls the functional interface. See also Open Systems Interconnection (OSI) model.
On a computer, an interface where you can connect a device.
Security that guards the physical aspects of the network.
A TCP/IP utility used to test whether another host is reachable. An Internet Control Message Protocol (ICMP) request is sent to the host, which responds with a reply if it's reachable. The request times out if the host isn't reachable.
A large Internet Control Message Protocol (ICMP) packet sent to overflow the remote host's buffer. A ping of death usually causes the remote host to reboot or hang.
Standard telephone service, as opposed to other connection technologies like Digital Subscriber Line (DSL).
Network communication in which two devices have exclusive access to a network medium. For example, a printer connected to only one workstation is using a point-to-point connection.
A full-duplex line protocol that supersedes Serial Line Internet Protocol (SLIP). It's part of the standard TCP/IP suite and is often used in dial-up connections.
An extension to Point-to-Point Protocol (PPP) that is used in virtual private networks (VPNs). An alternative to PPTP is L2TP.
Rules or standards governing usage.
An attribute of some viruses that allows them to mutate and appear differently each time they crop up. The mutations make it harder for virus scanners to detect (and react to) the viruses.
See Post Office Protocol (POP).
See Post Office Protocol Version 3 (POP3).
Some kind of opening that allows network data to pass through.
A means of translating between ports on a public and private network. Similar to Network Address Translation (NAT), which translates addresses between public and private.
The item (physical or software) that scans a server for open ports that can be taken advantage of. Port scanning is the process of sending messages to ports to see which ones are available and which ones aren't.
Anything that occurs "after the fact," such as an audit or review.
An e-mail access program that can be used to retrieve e-mail from an e-mail server.
The protocol used to download e-mail from an SMTP e-mail server to a network client. See also Simple Mail Transfer Protocol (SMTP).
See Plain Old Telephone Service (POTS).
A device that "conditions" the electrical supply to take out spikes and surges.
A device that provides electrical power.
See Point-to-Point Protocol (PPP).
See Point-to-Point Tunneling Protocol (PPTP).
The sixth layer of the OSI model; responsible for formatting data exchange, such as graphic commands, and converting character sets. This layer is also responsible for data compression, data encryption, and data stream redirection. See also Open Systems Interconnection (OSI) model.
The process of controlling access to evidence within chain-of-custody measures, often by placing it in a controlled-access area with a single custodian responsible for all access.
An implementation of RSA encryption. See also RSA.
A state of security in which information isn't seen by unauthorized parties without the express permission of the party involved.
A system that allows users to connect voice, data, pagers, networks, and almost any other application into a single telecommunications system. A PBX system allows an organization to be its own phone company.
Information that isn't for public knowledge.
An asymmetric encryption technology in which both the sender and the receiver have different keys. A public key is used to encrypt messages and the private key is used to decrypt them. See also public key.
The part of a network that lies behind a firewall and isn't "seen" on the Internet. See also firewall.
An audit performed to verify that no user is accessing information, or able to access information, beyond the security level at which they should be operating.
The result when a user obtains access to a resource they wouldn't normally be able to access. Privilege escalation can be done inadvertently, by running a program with Set User ID (SUID) or Set Group ID (SGID) permissions or by temporarily becoming another user (via su or sudo in Unix/Linux or RunAs in Windows 2000/2003).
The list of processes currently running on a system. In Windows NT/2000, it can be seen with Task Manager; the ps command shows it in Unix/Linux. Viewing a process list is one of the first steps to take to look for rogue processes running on a server.
A mode wherein a network interface card (NIC) intercepts all traffic crossing the network wire and not just the traffic intended for it.
A software and hardware troubleshooting tool that is used to decode protocol information to try to determine the source of a network problem and to establish baselines.
Standards or rules.
A type of firewall that prevents direct communication between a client and a host by acting as an intermediary. See also firewall.
An implementation of a web proxy. The server receives an HTTP request from a web browser and makes the request on behalf of the sending workstation. When the response comes, the proxy cache server caches a copy of the response locally. The next time someone makes a request for the same web page or Internet information, the proxy cache server can fulfill the request out of the cache instead of having to retrieve the resource from the Web.
A proxy server that also acts as a firewall, blocking network access from external networks.
A type of server that makes a single Internet connection and services requests on behalf of many users.
Information that is publicly made available to all.
A technology that uses two keys—a public key and a private key—to facilitate communication. The public key is used to encrypt a message to a receiver. See also private key.
A set of voluntary standards created by RSA Security and industry security leaders.
A two-key encryption system wherein messages are encrypted with a private key and decrypted with a public key.
The Internet Engineering Task Force (IETF) working group developing standards and models for the Public Key Infrastructure (PKI) environment.
The part of a network outside a firewall that is exposed to the public. See also firewall.
An encryption system employing a key that is known to users beyond the recipient.