McConnell Technology & Training Center
Basic Computer Security Glossary of Terms
ADSL Asynchronous Digital Subscriber Line - a new technology that allows more data to be sent over existing copper telephone lines (POTS). ADSL supports data rates from 1.5 to 9 Mbps when receiving data (known as the downstream rate) and from 16 to 640 Kbps when sending data (known as the upstream rate). A special modem is required for its use.
Adware Software used to obtain marketing information about you and your internet surfing habits. It is a form of spyware.
Anti-virus Software used to detect malicious code using known signatures. Because of its dependence on these signatures, which increase constantly, it is very important to update your anti-virus software regularly.
Bandwidth Generally, the amount of data that can be transmitted in a fixed amount of time. For digital devices, the bandwidth is usually expressed in bits per second (bps) or bytes per second.
Bastion Host A bastion host is a gateway between an inside network and an outside network. Used as a security measure, the bastion host is designed to defend against attacks aimed at the inside network.
Black Hat A person who breaks into your information system either through software, hardware, or social engineering for malicious intent.
Blogging A relatively new way of sharing information and opinions on the Internet through journaling rather than designing interactive or animated web sites.
CIRT Computer Incident Response Team. A CIRT is a carefully selected and well-trained group of people whose purpose is to promptly and correctly handle an incident so that it can be quickly contained, investigated, and recovered from. It is usually comprised of members from within the company. They must be people that can drop what they are doing (or re-delegate their duties) and have the authority to take actions.
Cookie A message given to a Web browser by a Web server. The browser stores the message in a text file. The message is then sent back to the server each time the browser requests a page from the server.
The main purpose of cookies is to identify users and possibly prepare customized Web pages for them. When you enter a Web site using cookies, you may be asked to fill out a form providing such information as your name and interests. This information is packaged into a cookie and sent to your Web browser which stores it for later use. The next time you go to the same Web site, your browser will send the cookie to the Web server. The server can use this information to present you with custom Web pages. So, for example, instead of seeing just a generic welcome page you might see a welcome page with your name on it.
Coat-tailing Non-badged, unauthorized persons walking behind a badged, authorized employee to gain access to a facility or compound. Also called drafting.
Cracker A person who attempts to break into a computer system. The term was coined in the mid-80s by hackers who wanted to differentiate themselves from individuals whose sole purpose is to sneak through security systems. Whereas crackers' sole aim is to break into secure systems, hackers are more interested in gaining knowledge about computer systems and possibly using this knowledge for playful pranks. Although hackers still argue that there's a big difference between what they do and what crackers do, the mass media has failed to understand the distinction, so the two terms -- hack and crack -- are often used interchangeably.
DDoS Distributed Denial of Service - A denial of service attack that floods the communication links or the web-site with erroneous data, causing relevant traffic to go unserviced. It is executed by using many different computers (zombies) to send the bogus data at a synchronized, appointed time.
DMZ A Demilitarized Zone is used by a company that wants to host its own Internet services without exposing its private network to unauthorized access.
The DMZ sits between the Internet and an internal network's line of defense, usually some combination of firewalls and bastion hosts.
Typically, the DMZ contains devices accessible to Internet traffic, such as Web (HTTP) servers, FTP servers, SMTP (e-mail) servers and DNS servers.
DoS Denial of Service - An attack that floods the communication links or the web-site with erroneous data, causing relevant traffic to go unserviced.
DSL Digital Subscriber Line - DSL technologies use sophisticated modulation schemes to pack data onto copper wires. They are sometimes referred to as last-mile technologies because they are used only for connections from a telephone switching station to a home or office, not between switching stations. 
An intelligence gathering technique accomplished by digging through trash/dumpsters to obtain valuable information such as credit card numbers, Social Security Numbers, or company-sensitive/company-proprietary information. A great deal of credit card fraud stems from thrown-out receipts.
Encryption The translation of data into a secret code. Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. Unencrypted data is called plain text; encrypted data is referred to as cipher text.
Extranet A buzzword that refers to an intranet that is partially accessible to authorized outsiders. Whereas an intranet resides behind a firewall and is accessible only to people who are members of the same company or organization, an extranet provides various levels of accessibility to outsiders. You can access an extranet only if you have a valid username and password, and your identity determines which parts of the extranet you can view.  
Firewall A system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria. 
Hacker A slang term for a computer enthusiast, i.e., a person who enjoys learning programming languages and computer systems and can often be considered an expert on the subject(s). Among professional programmers, depending on how it is used, the term can be either complimentary or derogatory, although it is developing an increasingly derogatory connotation. The pejorative sense of hacker is becoming more prominent largely because the popular press has co-opted the term to refer to individuals who gain unauthorized access to computer systems for the purpose of stealing and corrupting data. Hackers themselves maintain that the proper term for such individuals is cracker.
Intranet A network based on TCP/IP protocols (an internet) belonging to an organization, usually a corporation, accessible only by the organization's members, employees, or others with authorization. An intranet's Web sites look and act just like any other Web sites, but the firewall surrounding an intranet fends off unauthorized access. 
An intrusion detection system (IDS) inspects all inbound and outbound network activity and identifies suspicious patterns that may indicate a network or system attack from someone attempting to break into or compromise a system. 
Prevention System
A system that sits on the network to detect behavior that precedes an attack, and blocks the originator from gaining access to the target internal information system.
ISP Internet Service Provider - a company that provides access to the Internet. For a monthly fee, the service provider gives you a software package, username, password and access phone number. Equipped with a modem (either dial, cable, or DSL), you can then log on to the Internet and browse the World Wide Web and USENET, and send and receive e-mail. 
Logic bomb A malicious program (virus, worm, or trojan horse) that lies dormant until a preset time is reached to take action.
Malware Any malicious software such as a virus, worm, spyware, or trojan horse.
MIME Multipurpose Internet Mail Extensions - a specification for formatting non-ASCII messages so that they can be sent over the Internet. Many e-mail clients now support MIME, which enables them to send and receive graphics, audio, and video files via the Internet mail system. In addition, MIME supports messages in character sets other than ASCII. 
PayPal A third-party payment service used for making purchases on the internet.
Port In TCP/IP and UDP networks, an endpoint to a logical connection. The port number identifies what type of port it is. For example, port 80 is used for HTTP traffic. Also see Well-Known TCP Port Numbers in the Quick Reference section of Webopedia.
An intelligence gathering action that entails looking over a person's shoulder to read or capture keystrokes and obtain their password as they type.
The act of acquiring information about an individual or company, such as telephone numbers, employee names or data, network or server information, or any type of confidential data by carrying on seemingly innocent conversations. 
Spam Electronic junk mail or junk newsgroup postings that are unsolicited e-mail. 
Spider A program that automatically fetches Web pages. Spiders are used to feed pages to search engines. It's called a spider because it crawls over the Web. Another term for these programs is webcrawler. 
Spoofing A technique used to gain unauthorized access to computers, whereby the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host. To engage in IP spoofing, a hacker must first use a variety of techniques to find an IP address of a trusted host and then modify the packet headers so that it appears that the packets are coming from that host. 
Spyware Any software that covertly gathers user information through the user's Internet connection without his or her knowledge, usually for advertising purposes. Spyware applications are typically bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet. Once installed, the spyware monitors user activity on the Internet and transmits that information in the background to someone else. Spyware can also gather information about e-mail addresses and even passwords and credit card numbers. 
A password composed of at least six characters combining upper and lower case letters, numbers, and special characters.
TCP / IP Transmission Control Protocol / Internet Protocol - the protocols used in networking to determine how sessions between networked devices are created and maintained, and how the data packets are shaped and sent.
URL Uniform Resource Locator - the global address of documents and other resources on the World Wide Web.
The first part of the address indicates what protocol to use, and the second part specifies the IP address or the domain name where the resource is located.
For example, the two URLs below point to two different files at the domain The first specifies an executable file that should be fetched using the FTP protocol; the second specifies a Web page that should be fetched using the HTTP protocol: 
Virus A program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. Viruses can also replicate themselves. All computer viruses are manmade. A simple virus that can make a copy of itself over and over again is relatively easy to produce. Even such a simple virus is dangerous because it will quickly use all available memory and bring the system to a halt. An even more dangerous type of virus is one capable of transmitting itself across networks and bypassing security systems. 
War dialing The practice of utilizing a reiterative program to dial numbers to determine if a modem answers on the other end. Once a modem is found, the infiltrator will use other tools to try to exploit remote access controls through the modem.
A password that is easily guessed, such as the name of your friend, spouse, or pet, your birthday, or a dictionary word. 
In TCP/IP and UDP networks, a port is an endpoint to a logical connection and the way a client program specifies a specific server program on a computer in a network. Some ports have numbers that are preassigned to them by the IANA, and these are known as well-known ports (specified in RFC 1700). Port numbers range from 0 to 65536, but only port numbers 0 to 1024 are reserved for privileged services and designated as well-known ports. Examples of well-known ports are: HTTP - port 80; FTP - ports 20 and 21; HTTPS - port 443.
WEP Wireless Encryption Protocol - a security protocol for wireless local area networks (WLANs) defined in the 802.11b standard. WEP is designed to provide the same level of security as that of a wired LAN. WEP aims to provide security by encrypting data over radio waves so that it is protected as it is transmitted from one end point to another.
White Hat A hacker that uses their computer skills to improve or identify program weaknesses rather than exploit them.
Worm A program or algorithm that replicates itself over a computer network and usually performs malicious actions, such as using up the computer's resources and possibly shutting the system down. 
Zombie A computer that has been implanted with a program that puts it under the control of a malicious hacker without the knowledge of the computer owner. Zombies are used by malicious hackers to launch DoS attacks. The hacker sends commands to the zombie through an open port. On command, the zombie computer sends an enormous amount of packets of useless information to a targeted Web site in order to clog the site's routers and keep legitimate users from gaining access to the site.