
Appendix 2 Glossary

Active Content WWW pages which contain references to programs which are downloaded and executed automatically by WWW browsers.

ActiveX Software components which will be downloaded automatically with a WWW page and executed by Microsoft, Inc.'s Internet Explorer WWW browser.

Applets Small applications written in various programming languages which are automatically downloaded and executed by applet-enabled WWW browsers.

Browser A client program used to interact on the WWW.

Firewall A method of protecting a network against security threats from other systems and networks by centralizing and controlling access to the network using a combination of hardware and software controls.

FTP File Transfer Protocol. A means to exchange files across a network.

Gopher Protocol designed to allow a user to transfer text or binary files among computer hosts across networks.

HTML The HyperText Markup Language. The mechanism used to create Web pages.

HTTP The HyperText Transport Protocol. The native protocol of the Web, used to transfer hypertext documents.

Java A new programming language invented by Sun Microsystems, Inc. It can be used as a general purpose application programming language with built-in networking libraries. It can also be used to write small applications called applets. The execution environment for Java applets is intended to be safe, that is, executing an applet should not modify anything outside the WWW browser.

Killer packets A method of disabling a system by sending Ethernet or IP packets which exploit bugs in the networking code to crash the system.

Mailbombing Flooding a site with enough mail to overwhelm its email system. Used to hide or prevent receipt of email during an attack, or as a retaliation against a site.

News (Network News Transfer Protocol, NNTP) Protocol for Usenet news distribution. Usenet is a system for asynchronous text discussion in topic subdivisions called newsgroups.

Plug-in A set of dynamically linked libraries which are used to augment the functionality of a host program, such as a WWW browser. They are usually used to allow a WWW browser to display and manipulate data in proprietary formats, or to add new features to the display or manipulation of a standard format.

Shoulder surfing Stealing passwords or PINs by looking over someone's shoulder.

Social Engineering Subverting information system security by using non-technical, i.e., social means.

Spamming Posting identical messages to multiple unrelated USENET newsgroups. Often used as cheap advertising, to promote pyramid schemes, or simply to annoy other people.

Spoofing Using various techniques to subvert IP-based access control by masquerading as another system, using its IP address.

SSL The Security Socket Layer Protocol. Invented by Netscape Communications, Inc. This protocol provides end-to-end encryption of application layer network traffic.

SYN floods A method of disabling a system by sending more SYN packets than its networking code can handle. See Killer packets.

Telnet Protocol used for (possibly remote) login to a computer host.

USENET An email-based discussion system, originally supported by dial-up connections, now usually accessed via TCP/IP.

Virus A small program that inserts itself into another program when executed.

Worm A program which copies itself from system to system via the network.
