Web security tools Definitions

  • A

    anonymous Web surfing (Web anonymizer, SafeWeb)

    Anonymous Web surfing allows a user to visit Web sites without allowing anyone to gather information about which sites the user visited.

  • B

    browser hijacker (browser hijacking)

    A browser hijacker is a malware program that modifies web browser settings without the user's permission and redirects the user to websites the user had not intended to visit.

  • buffer overflow

    A buffer overflow occurs when a program attempts to write more data to a fixed length block of memory, or buffer, than the buffer is allocated to hold. Buffer overflow exploits may enable remote execution of malicious code or denial of service attacks.

  • C

    cache cramming

    Cache cramming is a method of tricking a computer into running Java code it would not ordinarily run.

  • cache poisoning (domain name system poisoning or DNS cache poisoning)

    Cache poisoning, also called domain name system (DNS) poisoning or DNS cache poisoning, is the corruption of an Internet server's domain name system table by replacing an Internet address with that of another, rogue address.

  • content filtering (information filtering)

    On the Internet, content filtering (also known as information filtering) is the use of a program to screen and exclude from access or availability Web pages or e-mail that is deemed objectionable.

  • cookie poisoning

    On the Web, cookie poisoning is the modification of a cookie (personal information in a Web user's computer) by an attacker to gain unauthorized information about the user for purposes such as identity theft.

  • cross-site scripting (XSS)

    Cross-site scripting (XSS) is a type of injection security attack in which an attacker injects data, such as a malicious script, into content from otherwise trusted websites.

  • D

    dictionary attack

    A dictionary attack is a method of breaking into a password-protected computer or server by systematically entering every word in a dictionary as a password. A dictionary attack can also be used in an attempt to find the key necessary to decrypt an encrypted message or document.

  • distributed denial of service (DDoS) attack

    A distributed denial-of-service attack occurs when an attack originates from multiple computers or devices, usually from multiple different locations or networks.

  • DNS attack

    A DNS attack is an exploit in which an attacker takes advantage of vulnerabilities in the domain name system (DNS).

  • G

    greynet (or graynet)

    Greynet is a term for the use of unauthorized applications on a corporate network. A greynet application is a network-based program that corporate network users download and install without permission from their company's IT department.

  • H

    honey monkey

    A honey monkey is a virtual computer system that is programmed to lure, detect, identify and neutralize malicious activity on the Internet. The expression, coined by Microsoft, is based on the term honey pot, which refers to a computer system expressly set up to attract and "trap" people who attempt to penetrate other people's computers... (Continued)

  • I

    information security (infosec)

    Information security (infosec) is a set of strategies for managing the processes, tools and policies necessary to prevent, detect, document and counter threats to digital and non-digital information.

  • J

    JavaScript hijacking

    JavaScript hijacking is a technique that an attacker can use to read sensitive data from a vulnerable Web application, particularly one using Ajax (Asynchronous JavaScript and XML)... (Continued)

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close