June 2007

  • Final exam: Web attack prevention and defense

    Discover how much you've learned about Web server security with this final exam on Web attack prevention and defense.

  • Malware: Glossary

    This is a glossary of terms related to malware.

  • Malicious Computer Code: Glossary

    This is a glossary of terms related to malicious computer code.

  • buffer overflow

    A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold.

  • white hat

    White hat describes a hacker (or, if you prefer, cracker) who identifies a security weakness in a computer system or network but, instead of taking malicious advantage of it, exposes the weakness i...

  • smurfing

    A smurf attack is an exploitation of the Internet Protocol (IP) broadcast addressing to create a denial of service.

  • snooping

    Snooping, in a security context, is unauthorized access to another person's or company's data. The practice is similar to eavesdropping but is not necessarily limited to gaining access to data dur...

  • war dialer

    A war dialer is a computer program used to identify the phone numbers that can successfully make a connection with a computer modem.

  • snoop server

    A snoop server is a server that uses a packet sniffer program to capture network traffic for analysis.

  • phreak

    A phreak is someone who breaks into the telephone network illegally, typically to make free long-distance phone calls or to tap phone lines.

  • pharming

    Pharming is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent Web sites without their knowledge or consent.

  • man in the middle attack (fire brigade attack)

    A bucket brigade attack is one in which the attacker intercepts messages in a public key exchange and then retransmits them, substituting their own public key for the requested one, so that the two...

  • packet monkey

    On the Internet, a packet monkey is someone (see cracker, hacker, and script kiddy) who intentionally inundates a Web site or network with data packets, resulting in a denial-of-service situation f...

  • Electrohippies Collective

    The Electrohippies Collective is an international group of hacktivists based in Oxfordshire, England, whose purpose is to express its displeasure with the use of the Internet "as a tool for corpora...

  • Google hacking (Google scanning or Engine hacking)

    Google hacking is the use of a search engine, such as Google, to locate a security vulnerability on the Internet...

  • hijacking

    Hijacking is a type of network security attack in which the attacker takes control of a communication - just as an airplane hijacker takes control of a flight - between two entities and masquerades...

  • ethical hacker

    An ethical hacker is a computer and network expert who attacks a security system on behalf of its owners, seeking vulnerabilities that a malicious hacker could exploit.

  • Echelon

    Echelon is an officially unacknowledged U.S.-led global spy network that operates an automated system for the interception and relay of electronic communications.

  • hacktivism

    Hacktivism is the act of hacking, or breaking into a computer system, for a politically or socially motivated purpose.

  • gray hat (or grey hat)

    Gray hat describes a cracker (or, if you prefer, hacker) who exploits a security weakness in a computer system or product in order to bring the weakness to the attention of the owners.