Online Security

Botnet

A botnet refers to a type of bot running on an IRC network that has been created with a trojan. When an infected computer is on the Internet the bot can then start up an IRC client and connect to an IRC server. The Trojan will also have been coded to make the bot join a certain chat room once it has connected. Multiple bots can then join in one channels and the person who has made them can now spam IRC chat rooms, launch huge numbers of Denial of Service attacks against the IRC servers causing them to go down.

Browser hijacker

A common spyware program that automatically changes your web browser\'s home page, even if you change it back.

Buffer Overflow

The condition wherein the data transferred to a buffer exceeds the storage capacity of the buffer and some of the data “overflows” into another buffer, one that the data was not intended to go into. Since buffers can only hold a specific amount of data, when that capacity has been reached the data has to flow somewhere else, typically into another buffer, which can corrupt data that is already contained in that buffer. Malicious hackers can launch buffer overflow attacks wherein data with instructions to corrupt a system are purposely written into a file in full knowledge that the data will overflow a buffer and release the instructions into the computer’s instructions

Computer Worm

A self-reproducing program which is distinguished from a virus by copying itself without being attached to a program file, or which spreads over computer networks, particularly via email.

Crimeware

A type of malicious software that is designed to commit crimes on the Internet. Crimeware may be a virus, spyware or other deceptive piece of software that can be used to commit identity theft and fraud. See also malware.

Cyber Crime

Cyber crime encompasses any criminal act dealing with computers and networks (called hacking). Additionally, cyber crime also includes traditional crimes conducted through the Internet. For example; hate crimes, telemarketing and Internet fraud, identity theft, and credit card account thefts are considered to be cyber crimes when the illegal activities are committed through the use of a computer and the Internet.

CyberCrimes

Cyber crime encompasses any criminal act dealing with computers and networks (called hacking). Additionally, cyber crime also includes traditional crimes conducted through the Internet. For example; hate crimes, telemarketing and Internet fraud, identity theft, and credit card account thefts are considered to be cyber crimes when the illegal activities are committed through the use of a computer and the Internet.

DDoS Attack

On the Internet, a distributed denial-of-service (DDoS) attack is one in which a multitude of compromised systems attack a single target, thereby causing denial of service for users of the targeted system. The flood of incoming messages to the target system essentially forces it to shut down, thereby denying service to the system to legitimate users. A hacker (or, if you prefer, cracker) begins a DDoS attack by exploiting a vulnerability in one computer system and making it the DDoS (master.) It is from the master system that the intruder identifies and communicates with other systems that can be compromised. The intruder loads cracking tools available on the Internet on multiple -- sometimes thousands of -- compromised systems. With a single command, the intruder instructs the controlled machines to launch one of many flood attacks against a specified target. The inundation of packets to the target causes a denial of service. While the press tends to focus on the target of DDoS attacks as the victim, in reality there are many victims in a DDoS attack -- the final target and as well the systems controlled by the intruder.

DoS Attack

Short for denial-of-service attack, a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic. Many DoS attacks, such as the Ping of Death and Teardrop attacks, exploit limitations in the TCP/IP protocols. For all known DoS attacks, there are software fixes that system administrators can install to limit the damage caused by the attacks. But, like viruses, new DoS attacks are constantly being dreamed up by hackers.

Facebook Forced Invite

On the Facebook social networking site, a forced invite is a term associated with Facebook applications. After installing some applications, users are then directed to a page where they are prompted to invite their Facebook friends to also install the application. Some applications require users to send these requests to successfully complete the installation of the application itself. In February 2008 Facebook updated its Facebook Platform Policy stating that the application must present the user with a friend invite page that includes a Facebook-rendered Skip, Cancel, or Skip This Step button, or provide users with an alternative means to navigate off the friend invite page.

Hacker

A slang term for a computer enthusiast, i.e., a person who enjoys learning programming languages and computer systems and can often be considered an expert on the subject(s). Among professional programmers, depending on how it used, the term can be either complimentary or derogatory, although it is developing an increasingly derogatory connotation. The pejorative sense of hacker is becoming more prominent largely because the popular press has coopted the term to refer to individuals who gain unauthorized access to computer systems for the purpose of stealing and corrupting data. Hackers, themselves, maintain that the proper term for such individuals is cracker.

Identity Theft

Keylogger

A keylogger is a type of surveillance software (considered to be either software or spyware) that has the capability to record every keystroke you make to a log file, usually encrypted. A keylogger recorder can record instant messages, e-mail, and any information you type at any time using your keyboard. The log file created by the keylogger can then be sent to a specified receiver. Some keylogger programs will also record any e-mail addresses you use and Web site URLs you visit. Keyloggers, as a surveillance tool, are often used by employers to ensure employees use work computers for business purposes only. Unfortunately, keyloggers can also be embedded in spyware allowing your information to be transmitted to an unknown third party.

Keystroke logger

Hardware device or a software program that records each keystroke made on a particular computer. Marketed as a way for parents to monitor their children(s) activities on a computer, keystroke loggers are sometimes downloaded unwittingly by users. The keystroke logger then records the keystrokes and periodically uploads the information over the internet.

Malware

Short for malicious software, software designed specifically to damage or disrupt a system, such as a virus or a Trojan horse.

Obfuscated URL

Also called a hyperlink trick, an obfuscated URL is a type of attack where the real URL that a user is directed to is obfuscated — or concealed — to encourage the user to click-through to the spoof Web site. For example, the attacker may use a cleverly misspelled domain name (e.g. PayPals.com instead of PayPal.com), or hide the actual URL in friendly text, such as (click here to verify your account now). Obfuscated URLs are commonly used in phishing attacks and other spam e-mails.

Phishing

The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user’s information. Phishing, also referred to as brand spoofing or carding, is a variation on (fishing), the idea being that bait is thrown out with the hopes that while most will ignore the bait, some will be tempted into biting.

Port Scan

A port scan is a series of messages sent by someone attempting to break into a computer to learn which computer network services, each associated with a “well-known” port number, the computer provides. Port scanning, a favorite approach of computer cracker, gives the assailant an idea where to probe for weaknesses. Essentially, a port scan consists of sending a message to each port, one at a time. The kind of response received indicates whether the port is used and can therefore be probed for weakness.

RAT

Short for Remote Access Trojan, a Trojan horse that provides the intruder, or hacker, with a backdoor into the infected system. This backdoor allows the hacker to snoop your system, use your infected system to launch a zombie (attacks on other systems), or even run malicious code.

Rootkit

A rootkit is a type of malicious software that is activated each time your system boots up. Rootkits are difficult to detect because they are activated before your system(s) Operating System has completely booted up. A rootkit often allows the installation of hidden files, processes, hidden user accounts, and more in the systems OS. Rootkits are able to intercept data from terminals, network connections, and the keyboard.

Skimming

The act of using a skimmer to illegally collect data from the magnetic stripe of a credit, debit or ATM card. This information, copied onto another blank card(s) magnetic stripe, is then used by an identity thief to make purchases or withdraw cash in the name of the actual account holder. Skimming works by replacing a card reader like an ATM with a camouflaged counterfeit card reader. The counterfeit reader records all of the data on a credit, debit or ATM card as it passes through the skimmer. In addition to ATMs, other locations where card skimming happens include restaurants, taxis or other businesses where an employee will take the card from the actual account holder in order to run the charge. In these instances, the thief has fitted the card reader with a skimmer, or uses a hand-held skimmer hidden in a pocket.

Social Engineering

In the realm of computers, the act of obtaining or attempting to obtain otherwise secure data by conning an individual into revealing secure information. Social engineering is successful because its victims innately want to trust other people and are naturally helpful. The victims of social engineering are tricked into releasing information that they do not realize will be used to attack a computer network. For example, an employee in an enterprise may be tricked into revealing an employee identification number to someone who is pretending to be someone he trusts or representing someone he trusts. While that employee number may not seem valuable to the employee, which makes it easier for him to reveal the information in the first place, the social engineer can use that employee number in conjunction with other information that has been gathered to get closer to finding a way into the enterprise’s network. Phishing is a type of security attack that relies on social engineering in that it lures the victim into revealing information based on the human tendency to believe in the security of a brand name because they associate the brand name with trustworthiness.

Spam

Electronic junk mail or junk newsgroup postings. Some people define spam even more generally as any unsolicited e-mail. However, if a long-lost brother finds your e-mail address and sends you a message, this could hardly be called spam, even though its unsolicited. Real spam is generally e-mail advertising for some product sent to a mailing list or newsgroup.

Spear Phishing

A type of phishing attack that focuses on a single user or department within an organization, addressed from someone within the company in a position of trust and requesting information such as login IDs and passwords. Spear phishing scams will often appear to be from a company(s) own human resources or technical support divisions and may ask employees to update their username and passwords. Once hackers get this data they can gain entry into secured networks. Another type of spear phishing attack will ask users to click on a link, which deploys spyware that can thieve data.

Spyware

Any software that covertly gathers user information through the user(s) Internet connection without his or her knowledge, usually for advertising purposes. Spyware applications are typically bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet; however, it should be noted that the majority of shareware and freeware applications do not come with spyware. Once installed, the spyware monitors user activity on the Internet and transmits that information in the background to someone else. Spyware can also gather information about e-mail addresses and even passwords and credit card numbers. Spyware is similar to a Trojan horse in that users unwittingly install the product when they install something else. A common way to become a victim of spyware is to download certain peer-to-peer file swapping products that are available today. Aside from the questions of ethics and privacy, spyware steals from the user by using the computer(s) memory resources and also by eating bandwidth as it sends information back to the spyware(s) home base via the user(s) Internet connection. Because spyware is using memory and system resources, the applications running in the background can lead to system crashes or general system instability. Because spyware exists as independent executable programs, they have the ability to monitor keystrokes, scan files on the hard drive, snoop other applications, such as chat programs or word processors, install other spyware programs, read cookies, change the default home page on the Web browser, consistently relaying this information back to the spyware author who will either use it for advertising/marketing purposes or sell the information to another party. Licensing agreements that accompany software downloads sometimes warn the user that a spyware program will be installed along with the requested software, but the licensing agreements may not always be read completely because the notice of a spyware installation is often couched in obtuse, hard-to-read legal disclaimers.

Trojan Horse

A destructive program that masquerades as a benign application. Unlike viruses, Trojan horses do not replicate themselves but they can be just as destructive. One of the most insidious types of Trojan horse is a program that claims to rid your computer of viruses but instead introduces viruses onto your computer. The term comes from the a Greek story of the Trojan War, in which the Greeks give a giant wooden horse to their foes, the Trojans, ostensibly as a peace offering. But after the Trojans drag the horse inside their city walls, later Greek soldiers climbed out of the horses hollow belly, and open the city gates allowing their compatriots to pour in and capture Troy. Trojan horses are broken down in classification based on how they breach systems and the damage they cause. The seven main types of Trojan horses are: * Remote Access Trojans * Data Sending Trojans * Destructive Trojans * Proxy Trojans * FTP Trojans * security software disabler Trojans * denial-of-service attack (DoS) Trojans

Virus

A program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. Viruses can also replicate themselves. All computer viruses are manmade. A simple virus that can make a copy of itself over and over again is relatively easy to produce. Even such a simple virus is dangerous because it will quickly use all available memory and bring the system to a halt. An even more dangerous type of virus is one capable of transmitting itself across networks and bypassing security systems. Some people distinguish between general viruses and worms. A worm is a special type of virus that can replicate itself and use memory, but cannot attach itself to other programs.

Vishing

The telephone equivalent of phishing. Vishing is the act of using the telephone in an attempt to scam the user into surrendering private information that will be used for identity theft. The scammer usually pretends to be a legitimate business, and fools the victim into thinking he or she will profit.

Wardriving

The act of driving around in a vehicle with a laptop computer, an antenna, and an 802.11 wireless LAN adapter to exploit existing wireless networks. Set on promiscuous mode, the wireless adapter,typically a NIC, will receive packets within its range. Wardriving exploits wireless networks that have ranges that extend outside the perimeter of buildings in order to gain free internet access or illegal access to an organization’s data. One safeguard against wardriving is using the WPA encryption standard.

Worm

A program or algorithm that replicates itself over a computer network and usually performs malicious actions, such as using up the computer(s) resources and possibly shutting the system down.

Zombie

A computer that has been implanted with a daemon that puts it under the control of a malicious hacker without the knowledge of the computer owner. Zombies are used by malicious hackers to launch DoS attacks. The hacker sends commands to the zombie through an open port. On command, the zombie computer sends an enormous amount of packets of useless information to a targeted Web site in order to clog the site(s) routers and keep legitimate users from gaining access to the site. The traffic sent to the Web site is confusing and therefore the computer receiving the data spends time and resources trying to understand the influx of data that has been transmitted by the zombies. Compared to programs such as viruses or worms that can eradicate or steal information, zombies are relatively benign as they temporarily cripple Web sites by flooding them with information and do not compromise the site(s) data. Such prominent sites as Yahoo!, Amazon and CNN.com were brought down in 2000 by zombie DoS attacks.

Gloss Plugin made by: Joe Casabona