FBLA Cyber Security - Soumil Kothari

Packet Filtering or Packet Purity

analyzed against a set of filters. That make it though the filters are sent to the requesting system and others are discarded

Stateful Inspection

Compares certain key parts of the packet to a database of trusted information

IP Addresses

Blocks certain IP addresses or a range of IP addresses

Protocols

Decides which of the systems can allow or have access

Ports

Blocking or disabling ports of severs that are connected. Maintain the kind of data flow you want to see and close down possible entry points for hackers.

Keywords

will block any website that has to deal with certain predetermined keywords

IP

Internet Protocol. The main delivery system for information over the Internet

TCP

a protocol developed for the internet to get data from one network device to another

HTTP

Hyper Text Transfer Protocol

FTP

Files Transfer Protocol. Used to upload or download files

UDP

User Datagram Protocol. Used for information that requires no response. For example streaming audio or video

ICMP

Internet Control Message Protocol. Used by a router to exchange information with other routers

SMTP

Simple Mail Transport Protocol. Used to send text based information, email

SNMP

Simple Network Management Protocol. Used to collect system information from a remote computer

Telnet

used to preform commands on a remote computers

Remote Login

When someone connects to a computer via the Internet.

Application backdoor

Hidden access that provides some level of control of the program

SMTP Session Hijacking

by gaining access to a list of e mail addresses a person can send spam to thousands of users

Operating System Bugs

operating systems backdoors.

E-mail bombs

Large quantity of bulk e-mail that overwhelms an e-mail server preventing user access.

Macros

tools that allow a user to program repetitive tasks into the computer;s memory so that they can be quickly accomplished with the touch of a couple of keys that the user has selected

spam

unwanted e-mail (usually of a commercial nature sent out in bulk)

Redirect bombs

Hackers can use ICMP to change the path information take by sending it a different router.

Source Routing

Technique in which the originator of a packet can attempt to partially or completely control the path through the network to the destination.

Proxy Server

a server that all computers on the local network have to go through before accessing information on the Internet.

Adware

Any software application that displays advertising banners while the program's running. Authors may include additional code, which can be viewed thru pop-up windows or a bar that appears on the computer screen. Usually includes code that tracks a user's personal info & passes it on to 3rd parties, w/o the user's authorization or knowledge.

Alert

Notification that a specific attack has been directed at the information system of an organization.

Attack

Intentional act of attempting to bypass one or more computer security controls.

Audit Trail

A record showing who has accessed a computer system and what operations he or she has performed during a given period of time. Useful both for maintaining security and for recovering lost transactions.

Authenticate

To verify the identity of a user, user device, or other entity, or the integrity of data stored, transmitted, or otherwise exposed to unauthorized modification in an information system, or to establish the validity of a transmission.

Authentication

Security measure designed to establish the validity of a transmission, message, or originator, or a means of verifying an individual's authorization to receive specific categories of information

Back Door

Hidden software or hardware mechanism used to circumvent security controls.

Backup

A copy of data and/or applications contained in the IT stored on magnetic media outside of the IT to be used in the event IT data are lost.

Blended Threat

A computer network attack that seeks to maximize the severity of damage and speed of contagion by combining methods, for example using characteristics of both viruses and worms, while also taking advantage of vulnerabilities in computers, networks, or other physical systems. An attack using a blended approach might send a virus via an e-mail attachment, along with a Trojan horse embedded in an HTML file that will cause damage to the recipient computer. Ex. Nimda, CodeRed, Bugbear.

Bots

Remote control agents installed on your system; often controlled remotely via Internet Relay Chat (IRC). Once a system is infected, it becomes part of a network and is used in conjunction with other infected members to carry out the wishes of the owner or herder. These can scan networks for vulnerabilities, install various Distributed Denial of Service (DDoS) tools, capture network packets, or download and execute arbitrary programs. Computers or systems infected can be used to distribute spam to make it harder to track and prosecute the spammers.

Broadband

The general term used to refer to high-speed network connections; typical for connections in excess of 1 Megabit per second (Mbps) to be so named.

Browser/Browser Settings

Configuration strategy to manage the risk associated with active content while still enabling trusted sites

Certification

The comprehensive evaluation of the technical and non-technical security features of an IT and other safeguards, made in support of the accreditation process, that establishes the extent to which a particular design and implementation meet a specified set of security requirements.

Ciphertext

Form of cryptography in which the plaintext is made unintelligible to anyone, who intercepts it by a transformation of the information itself, based on some key.

Configuration Management

The process of keeping track of changes to the system, if needed, approving them.

Contingency Plan

A plan for emergency response, backup operations, and post-disaster recovery maintained by an activity as a part of its security program that will ensure the availability of critical resources and facilitate the continuity of operations in an emergency situation.

Cookie

Pieces of information generated by a Web server and stored in the user's computer, ready for future access; embedded in the HTML information flowing back and forth between the user's computer and the servers; were implemented to allow user-side customization of Web information.

Countermeasures

Action, device, procedure, technique or other measure that reduces the vulnerability of an information system.

Data Driven Attack

A form of attack that is encoded in seemingly innocuous data which is executed by a user or a process to implement an attack; concern for firewalls, since it may get through the firewall in data form and launch an attack against a system behind the firewall.

Data Integrity

The state that exists when automated data is the same as that in source documents, or has been correctly computed from source data, and has not been exposed to alteration or destruction.

Denial of Service

Result of any action or series of actions that prevents any part of an information system from functioning.

Dial-Up

The service whereby a computer terminal can use the telephone to initiate and effect communication with a computer.

Dictionary Attack

An attack that uses a brute-force technique of successively trying all the words in some large, exhaustive list.

Digital Signature

A way to verify that an email message is really from the person who supposedly sent it and that it hasn't been changed. You may have received emails that have a block of letters and numbers at the bottom of the message- this mathematical algorithm is used to combine the information in a key with the information in the message. The result is a random-looking string of letters and numbers.

Distributed Tool

A tool that can be distributed to multiple hosts, which can then be coordinated to anonymously perform an attack on the target host simultaneously after some time delay.

DNS Spoofing

Assuming the name of another system by either corrupting the name service cache of a victim system, or by compromising a domain name server for a valid domain.

DSL

Digital Subscriber Line Internet connectivity, unlike cable modem-based service, provides the user with dedicated bandwidth. However, the maximum bandwidth available to is usually lower than the maximum cable modem rate because of differences in their respective network technologies. Also, the "dedicated bandwidth" is only dedicated between your home and the provider's central office -- the providers offer little or no guarantee of bandwidth all the way across the Internet.

Encryption

The translation of data into a secret code; the most effective way to achieve data security. To read these files, you must have access to a secret key or password that enables you to decrypt it.

EULA

A contract between you and the software's vendor or developer. Some software packages state that you agree to the contract by removing the shrink-wrap on the package. However, you may be more familiar with the type of this that is presented as a dialog box that appears the first time you open the software. It usually requires you to accept the conditions of the contract before you can proceed.

Firewall

A system designed to prevent unauthorized access to or from a private network; can be implemented in both hardware and software, or a combination of both; frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through this, which examines each message and blocks those that do not meet the specified security criteria.

Flooding

Type of incident involving insertion of a large volume of data resulting in denial of service.

Gateway

A bridge between two networks.

Hacker

Unauthorized user who attempts to or gains access to an information system.

Internet

A global network connecting millions of computers; has more than 200 million users worldwide, and that number is growing rapidly.

Intranet

A network based on an internet belonging to an organization, usually a corporation, accessible only by the organization's members, employees, or others with authorization. Its Web sites look and act just like any other Web sites, but the firewall surrounding it fends off unauthorized access.

Intrusion

Unauthorized act of bypassing the security mechanisms of a system.

ISP

Who provides you with internet services

Malicious Code

Software capable of performing an unauthorized process on an information system.

Management Controls

Security methods that focus on the management of the computer security system and the management of risk for a system.

Mobile Code

Software modules obtained from remote systems, transferred across a network, and then downloaded and executed on a local system without explicit installation or execution by the recipient. Malicious types of this are designed, employed, distributed, or activated with the intention of compromising the performance or security of information systems and computers, increasing access to those systems, disclosing unauthorized information, corrupting information, denying service, or stealing resources.

Operation Controls

Security methods that focus on mechanisms that primarily are implemented and executed by people (as opposed to systems).

Packet

A block of data sent over the network transmitting the identities of the sending and receiving stations, error-control information, and message.

Packet Filtering

A feature incorporated into routers to limit the flow of information based on pre-determined communications such as source, destination, or type of service being provided by the network; let the administrator limit protocol specific traffic to one network segment, isolate email domains, and perform many other traffic control functions.

Packet Sniffer

A device or program that monitors the data traveling between computers on a network.

Patches (Software Patches)

Updates that fix a particular problem or vulnerability within a program. Sometimes, instead of just releasing this vendors will release an upgraded version of their software.

Pharming

Seeks to obtain personal or private (usually financial related) information through domain spoofing. Rather than being spammed with malicious and mischievous e-mail requests for you to visit spoof Web sites which appear legitimate, pharming 'poisons' a DNS server by infusing false information into the DNS server, resulting in a user's request being redirected elsewhere. Your browser, however will show you are at the correct Web site, which makes pharming a bit more serious and more difficult to detect. It affects more people than phishing.

Phishing

Use email or malicious web sites to solicit personal, often financial, information. Attackers may send email seemingly from a reputable credit card company or financial institution that requests account information, often suggesting that there is a problem. When users respond with the requested information, attackers can use it to gain access to the accounts

Probe

An attempt to gather information about an information system for the apparent purpose of circumventing its security controls.

Proxy

Software agent that performs a function or operation on behalf of another application or system while hiding the details involved.

RADIUS

An authentication and accounting system used by many Internet Service Providers (ISPs). When you dial in to the ISP you must enter your username and password. This information is passed to a RADIUS server, which checks that the information is correct, and then authorizes access to the ISP system.

Remote Access

The hookup of a computing device via communication lines such as ordinary phone lines or wide area networks to access network applications and information

Replicator

Any program that acts to produce copies of itself. Examples include; a program, a worm, or virus.

Retro-virus

A virus that waits until all possible backup media are infected too, so that it is not possible to restore the system to an uninfected state.

Risk Analysis

The process of identifying security risks, determining their magnitude, and identifying areas needing safeguards.

Risk Management

Process of identifying, controlling, and eliminating or reducing risks that may affect IT resources.

Rootkit

A hacker security tool that captures passwords and message traffic to and from a computer. A collection of tools that allows a hacker to provide a backdoor into a system, collect information on other systems on the network, mask the fact that the system is compromised, and much more.

Security Incident

An adverse event in a computer system or the threat of such an event occurring.

Security Plan

Document that details the security controls established and planned for a particular system.

Security Specifications

A detailed description of the safeguards required to protect a system

Sensitive Data

Any information, the loss, misuse, modification of, or unauthorized access to, could affect the national interest or the conduct of Federal programs, or the privacy to which individuals are entitled under Section 552a of Title 5, U.S. Code, but has not been specifically authorized under criteria established by an Executive order or an act of Congress to be kept classified in the interest of national defense or foreign policy.

Smart Card

A credit-card-sized device with embedded microelectronics circuitry for storing information about an individual. This is not a key or token, as used in the remote access authentication process.

Smurfing

Software that mounts a denial of service attack by exploiting IP broadcast addressing and ICMP ping packets to cause flooding

Spam

To indiscriminately send unsolicited, unwanted, irrelevant, or inappropriate messages, especially commercial advertising in mass quantities.

Spim

Spam that is sent over Instant Messaging.

Spoofing

Unauthorized use of legitimate identification and authentication data, however it was obtained, to mimic a subject different from the attacker. Impersonating, masquerading, piggybacking, and mimicking are forms of this

Spyware

Any software using someone's Internet connection in the background without their knowledge or explicit permission. These applications are typically bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet; however, it should be noted that the majority of shareware and freeware applications do not come with this. Once installed, the this monitors user activity on the Internet and transmits that information in the background to someone else. It can also gather information about e-mail addresses and even passwords and credit card numbers.

System Integrity

The quality that a system has when it performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system.

Threat

Any circumstance or event with the potential to adversely impact an information system through unauthorized access, destruction, disclosure, modification of data, and/or denial of service.

Trojan Horse

A malicious or harmful code contained inside apparently harmless programming or data in such a way that it can get control and do its chosen form of damage, such as ruining the file allocation table on your hard disk.

Virus

Self-replicating, malicious code that attaches itself to an application program or other executable system component and leaves no obvious signs of its presence.

Vulnerability

A weakness in automated system security procedures, technical controls, environmental controls, administrative controls, internal controls, etc., that could be used as an entry point to gain unauthorized access to information or disrupt critical processing.

Web Bugs

HTML elements, often in the form of image tags, that retrieve information from a remote web site. While the image may not be visible to the user, the act of making the request can provide information about the user. These are often embedded in web pages or HTML-enabled email messages.

Worm

Independent program that replicates from machine to machine across network connections often clogging networks and information systems as it spreads.

Instant Messaging

Common communication using a computer.

E-mail Attachment

Files sent with E-mails that may contain malware