Hacking+(36)

Back to Home

|| || || || || || || || || || || || || || || || || Back to Home
 * Air Gap || -is a security measure often taken for computers and computer networks that must be extraordinarily secure. It consists of ensuring that a secure network is completely physically, electrically, and electromagnetically isolated from insecure networks, such as the public Internet or an insecure local area network. ||
 * Backdoor || -is a method of bypassing normal authentication, securing remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected. The backdoor may take the form of an installed program (e.g., Back Orifice) or may subvert the system through a rootkit. ||
 * Botnet || -is a collection of software agents, or robots, that run autonomously and automatically. The term is most commonly associated with IRC bots and more recently malicious software, but it can also refer to a network of computers using distributed computing software.
 * Cracker || -coined in an effort to distinguish between those adhering to the historical use of the term "hack" within the programmer community and those performing computer break-ins. ||
 * Data Execution Prevention (DEP) || -is a security feature that is intended to prevent an application or service from executing code from a non-executable memory region. DEP runs in two modes: hardware-enforced DEP for CPUs that can mark memory pages as nonexecutable, and software-enforced DEP with a limited prevention for CPUs that do not have hardware support.
 * Data Theft || -is a growing problem primarily perpetrated by office workers with access to technology. Employees often feel they have some right to the information and are inclined to copy and/or delete part of it when they leave the company, or misuse it while they are still in employment.
 * Dictionary Attack || - is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching likely possibilities. A dictionary attack uses a targeted technique of successively trying all the words in an exhaustive list called a dictionary, derived from a list of words for example a dictionary or a bible. ||
 * Denial of Service (DoS) || -is an attempt to make a computer resource unavailable to its intended users and consists of the concerted efforts of a person or people to prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely.
 * Distributed Denial of Service (DDoS) || -occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. These systems are compromised by attackers using a variety of methods.
 * Fuzzing || -is a software testing technique that provides invalid, unexpected, or random data to the inputs of a program. If the program fails (for example, by crashing or failing built-in code assertions), the defects can be noted. ||
 * Honeypot || -is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data, or a network site that appears to be part of a network, but is actually isolated and monitored, and which seems to contain information or a resource of value to attackers. ||
 * Identity Theft || -is a form of fraud or cheating of another person's identity in which someone pretends to be someone else by assuming that person's identity, typically in order to access resources or obtain credit and other benefits in that person's name. The victim of identity theft can suffer adverse consequences if he or she is held accountable for the perpetrator's actions.
 * Intrusion Detection System (IDS) || -is a device or software application that monitors network and/or system activities for malicious activities or policy violations and produces reports by identifying possible incidents, logging information about them, attempting to stop them, reporting them to security administrators and identifying problems with security policies, documenting existing threats, and deterring individuals from violating security policies.
 * Keystroke Logging (keylogging) || is the action of tracking (or logging) the keys struck on a keyboard, typically in a covert manner so that the person using the keyboard is unaware that their actions are being monitored. There are numerous keylogging methods, ranging from hardware and software-based approaches to electromagnetic and acoustic analysis.
 * Logic Bomb || -is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met and is unwanted and unknown to the user of the software. ||
 * Malware || -is software designed to secretly access a computer system without the owner's informed consent and is hostile, intrusive, or annoying software or program code.
 * Man-in-the-Middle Attack (MITM) || -is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. The attacker must be able to intercept all messages going between the two victims and inject new ones, which is straightforward in many circumstances.
 * Packet Sniffer || -is a computer program or a piece of computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams flow across the network, the sniffer captures each packet and, if needed, decodes and analyzes its content according to the appropriate RFC or other specifications. ||
 * Phishing || -is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. ||
 * Privelege Escalation || -is the act of exploiting a bug, design flaw or configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user. The result is that an application with more privileges than intended by the application developer or system administrator can perform unauthorized actions. ||
 * Rainbow Table Attack || -is an attack used in recovering the plaintext password from a password hash generated by a hash function, often a cryptographic hash function, making attacks against hashed passwords feasible. ||
 * Rootkit || -is software that enables continued privileged access to a computer while actively hiding its presence from administrators by subverting standard operating system functionality, other applications and by hiding applications that appropriate computing resources or steal passwords without the knowledge of administrators and users of affected systems. Rootkits can target firmware, a hypervisor, the kernel, or—most commonly—user-mode applications. ||
 * Sandbox || -is a security mechanism for separating running programs. It is often used to execute untested code, or untrusted programs from unverified third-parties, suppliers and untrusted users. The sandbox typically provides a tightly-controlled set of resources for guest programs to run in, such as scratch space on disk and memory. Network access, the ability to inspect the host system or read from input devices are usually disallowed or heavily restricted. ||
 * Social Engineering || -is the act of manipulating people into performing actions or divulging confidential information, rather than by breaking in or using technical cracking techniques. While similar to a confidence trick or simple fraud, the term typically applies to trickery or deception for the purpose of information gathering, fraud, or computer system access; in most cases the attacker never comes face-to-face with the victim. ||
 * Spoofing || -is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage.
 * Spyware || -is a type of malware that can be installed on computers and collects little bits of information at a time about users without their knowledge. The presence of spyware is typically hidden from the user, and can be difficult to detect. ||
 * Threat || -is a possible danger that might exploit a vulnerability and is a potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm. ||
 * Time Bomb || -refers to a computer program that has been written so that it will stop functioning after a predetermined date or time is reached.
 * Trojan || -is malware that appears to perform a desirable function for the user prior to run or install but instead facilitates unauthorized access of the user's computer system.
 * Virus || -is a computer program that can copy itself and infect a computer. A true virus can spread from one computer to another (in some form of executable code) when its host is taken to the target computer.
 * Vulnerability || -is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. ||
 * Wardriving || -is the act of searching for Wi-Fi wireless networks by a person in a moving vehicle, using a portable computer or PDA.
 * Whaling || -is someone going after a specific target and formulating messages to appeal specifically to that target. In many cases, the person being whaled is a high profile executive who stands to lose more than the average Joe. ||
 * Worm || -is a self-replicating malware computer program that uses a computer network to send copies of itself to other nodes and it may do so without any user intervention.
 * Zero Day Exploit || -is a computer threat that tries to exploit computer application vulnerabilities that are unknown to others or undisclosed to the software developer. Zero-day exploits are used or shared by attackers before the developer of the target software knows about the vulnerability. ||
 * Zombie || -is a computer connected to the Internet that has been compromised by a hacker, computer virus or trojan horse. Generally, a compromised machine is only one of many in a botnet, and will be used to perform malicious tasks of one sort or another under remote direction. Because the owner tends to be unaware, these computers are metaphorically compared to zombies.