
A glossary for Internet security terms.
- Advanced Encryption Standard (AES) - a method of encryption that uses strong keys. It is most commonly used by WPA2 to secure wireless connections and is currently the most popular method of encryption used worldwide. It is approved by the NSA for use with Top Secret material.
- Alert - a warning indicating a potential problem with your system or network.
- Attack - an active attempt to breach the security of a system.
- Authentication - the method of establishing the identity of the correct person or user. Typically presented in the form of a username and password request on websites, forums, banking, email and so on.
- Bot/Zombie - an automated system typically used to issue attacks under the command of a controller. The attack typically involves several bots. Other forms of bots can be automated systems that send responses on messaging clients and ‘pretend’ to be human but attempt to gain information or advertise products. A collection of bots is typically called a botnet.
- Breach (Compromise) - a successful attack, usually through an operating system or application vulnerability, used to compromise a system.
- Brute Force - an attack where all possibilities are tried in a procedural way. For example, if brute forcing a 4-number code, the process would be similar to the following:
  And so on. These methods can take quite some time. The length of time depends on the number of characters in the password and the complexity of the overall password.
- Crack - a modification to an application that may alter its intended function, typically used to bypass a program's security. Cracks are often a hive for viruses and malware.
- Compromised System - a system that is compromised is no longer trustworthy, having been infiltrated by a malicious user or program.
- Denial of Service - a form of attack that is intended to disrupt or deny access to a system or resource, such as a website, by overloading its capacity and causing it to fail. Distributed Denial of Service (DDoS) attacks occur when multiple machines attack a single target.
- Data Encryption Standard (DES) - a method of encryption that is popular for use, but is not as secure or as transparent in design as AES.
- Encryption - the process of transforming information in such a way that it cannot be understood without the relevant key to decipher ("unlock") it.
- Firewall - helps prevent your computer from being compromised by an attacker, by inspecting all traffic passing through and assessing whether it is legitimate. Many home broadband routers have inbuilt firewalls.
- Keylogger - a piece of software that records all key inputs within a computer. Keyloggers can be used for both malicious and legitimate purposes. They are generally considered an invasion of privacy; malicious uses involve the collection of credit card details, passwords and account details.
- Malware - software or code written with malicious intent. It includes viruses, spyware, Trojans, worms and other malicious software.
- Local Area Network (LAN) - typically a group of computers in a local area (such as the same building) that generally share a single outward connection or gateway to the Internet.
- Passphrase - similar to a password but usually significantly longer and contains multiple words.
- Password - a word or combination of letters, numbers and symbols that is used either by itself or in combination with a username to gain access to a secured place such as a website, a computer or a router.
- Peer to Peer (P2P) - networking protocols and software that share between end users rather than through the traditional client-server connection. A common use for peer to peer protocols is sharing files between users, legally or illegally.
- Phishing - emails or websites that attempt to imitate a legitimate site or email in order to obtain users' details for malicious use.
- Pop-up - advertisements that ‘pop up’ in their own window to advertise a product in an attention grabbing way. Most browsers have in-built defences against pop-ups.
- Port - ports are used so traffic does not get misdirected to the wrong application on your computer. Each software application has a pre-assigned or "on the spot" negotiated port.
- Root kit - a piece of code or several pieces of code intended to hide that a system has been compromised by other software. They are commonly used as a conduit that malicious software exploits to gain greater access than intended, allowing it to do far more damage than may normally be possible.
- Script Kiddies - people who use other people's attack scripts, without necessarily understanding them, to attack systems or network connections, hence the reference to someone young and inexperienced.
- Spam - unsolicited email that is typically sent in the attempt to generate income through advertising products. It is believed that a large percentage of email is spam, perhaps more than 80%.
- Spyware - software that monitors the behaviour of a user (such as browsing habits) and can add advertisements to one's browsing experience, targeted according to one's activities. These can occur even when not browsing, in the form of a pop-up. Spyware is often poorly written and can negatively impact system performance.
- Social Engineering - the method of positioning oneself, by manipulating people, to glean information or access one would not otherwise have. A good example of this would be a person masquerading as an employee to gain access to offices and information.
- Secure Socket Layer (SSL) - an encrypted layer used for temporary connections to ensure they cannot be snooped on or viewed without permission, often used to secure web browsing.
- Temporal Key Integrity Protocol (TKIP) - a rotating time-based encryption protocol that ensures that a key is not repeated for some time, to help prevent keys from being used multiple times in succession. TKIP is typically used with wireless WEP and WPA security; while it can be used with WPA2, it is not advisable.
- Trojan - a piece of software that can allow for unauthorised remote control of a computer without the user's knowledge. Typically these gain access to a system under the guise of a legitimate piece of software. The name is derived from the story of the Trojan Horse from Greek mythology.
- Update/Patch/Service Pack - software that updates the existing software to fix bugs or add new features. These are typically provided free by the developer and should be applied promptly.
- Username - the identifier name for an account within a system, typically combined with a password to gain access.
- Virus - a self-replicating piece of code that can impact system performance by causing actions that are not intended by the end user to occur. These are typically malicious and contain a payload that can have a variety of effects.
- Virus Scanner - an application that uses various methods to find malicious software. These can be simple or robust. They can include active scanners that scan all current activities for malicious code signatures. Upon discovery of this signature they can either remove the offending file automatically, move the file to a safe location (quarantine) or attempt to clean the offending file whilst leaving it in place.
- Virtual Private Network (VPN) - a method of connecting machines or networks on the Internet into a private network, usually with encryption and authentication. This is most commonly used by people connecting to work networks from their home Internet connection. Once authenticated, the machine is virtually connected to the work network as if it were at the work location.
- War Driving/War Walking - the act of finding unsecured wireless networks and using the connection for personal or malicious uses. Some people who find a connection may mark or ‘chalk’ this location for others to know of and use. This can be prevented by use of well-secured wireless networks.
- Wide Area Network (WAN) - a network that is of an extended size typically over multiple campuses or buildings. The Internet is the largest form of WAN.
- Wired Equivalent Privacy (WEP) - a form of wireless encryption used in securing a wireless connection that has serious flaws, and is no longer seen as a reliable method to secure a wireless connection.
- Worm - a form of self-replicating malware that delivers itself through network connections, spreading and infesting a network and causing congestion within network links and slowdowns.
- WiFi Protected Access (WPA) - a form of wireless encryption used in wireless routers to secure a connection between the router and device (laptop etc). The successor to WEP, WPA2 is the improved variant.
- Zero-Day Exploit - an operating system and application security vulnerability that has an already known exploit, but does not yet have a patch released for it.