MAC Address

A physical address; a Hexadecimal value that uniquely identifies that network device from every other device on the planet.

Malicious Code

Software (e.g., Trojan horse) that appears to perform a useful or desirable function, but actually gains unauthorized access to system resources or tricks a user into executing other malicious logic.

Malware

A generic term for a number of different types of malicious code.

Multi-Cast

Broadcasting from one host to a given set of hosts.

Multiplexing

To combine multiple signals from possibly disparate sources, in order to transmit them over a single path.

NAT

Network Address Translation. It is used to share one or a small number of publically routable IP addresses among a larger number of hosts. The hosts are assigned private IP addresses, which are then "translated" into one of the publicaly routed IP addresses. Typically home or small business networks use NAT to share a single DLS or Cable modem IP address. However, in some cases NAT is used for servers as an additional layer of protection.

OSI

OSI (Open Systems Interconnection) is a standard description or "reference model" for how messages should be transmitted between any two points in a telecommunication network. Its purpose is to guide product implementers so that their products will consistently work with other products. The reference model defines seven layers of functions that take place at each end of a communication. Although OSI is not always strictly adhered to in terms of keeping related functions together in a well-defined layer, many if not most products involved in telecommunication make an attempt to describe themselves in relation to the OSI model. It is also valuable as a single reference view of communication that furnishes everyone a common ground for education and discussion.

OSI layers

The main idea in OSI is that the process of communication between two end points in a telecommunication network can be divided into layers, with each layer adding its own set of special, related functions. Each communicating user or program is at a computer equipped with these seven layers of function. So, in a given message between users, there will be a flow of data through each layer at one end down through the layers in that computer and, at the other end, when the message arrives, another flow of data up through the layers in the receiving computer and ultimately to the end user or program. The actual programming and hardware that furnishes these seven layers of function is usually a combination of the computer operating system, applications (such as your Web browser), TCP/IP or alternative transport and network protocols, and the software and hardware that enable you to put a signal on one of the lines attached to your computer. OSI divides telecommunication into seven layers. The layers are in two groups. The upper four layers are used whenever a message passes from or to a user. The lower three layers (up to the network layer) are used when any message passes through the host computer or router. Messages intended for this computer pass to the upper layers. Messages destined for some other host are not passed up to the upper layers but are forwarded to another host. The seven layers are: Layer 7: The application layer...This is the layer at which communication partners are identified, quality of service is identified, user authentication and privacy are considered, and any constraints on data syntax are identified. (This layer is not the application itself, although some applications may perform application layer functions.) Layer 6: The presentation layer...This is a layer, usually part of an operating system, that converts incoming and outgoing data from one presentation format to another (for example, from a text stream into a popup window with the newly arrived text). Sometimes called the syntax layer. Layer 5: The session layer...This layer sets up, coordinates, and terminates conversations, exchanges, and dialogs between the applications at each end. It deals with session and connection coordination. Layer 4: The transport layer...This layer manages the end-to-end control (for example, determining whether all packets have arrived) and error-checking. It ensures complete data transfer. Layer 3: The network layer...This layer handles the routing of the data (sending it in the right direction to the right destination on outgoing transmissions and receiving incoming transmissions at the packet level). The network layer does routing and forwarding. Layer 2: The data-link layer...This layer provides synchronization for the physical level and does bit-stuffing for strings of 1's in excess of 5. It furnishes transmission protocol knowledge and management. Layer 1: The physical layer...This layer conveys the bit stream through the network at the electrical and mechanical level. It provides the hardware means of sending and receiving data on a carrier.

Password Cracking

Password cracking is the process of attempting to guess passwords, given the password file information.

Password Sniffing

Passive wiretapping, usually on a local area network, to gain knowledge of passwords.

Payment Card Industry (PCI)

The Payment Card Industry (PCI) Data Security Standard was jointly developed by Visa and MasterCard in December 2004, to simplify compliance for merchants and payment processors. The PCI standard has 6 core areas and 12 requirements, covering a broad scope of best practices for perimeter security, data privacy, and layered security.

Any business that deals with credit card data -- whether they're processing, transmitting, or storing it -- needs to abide by the PCI standard or risk having their credit card transaction privileges revoked.

Penetration

Gaining unauthorised logical access to sensitive data by circumventing a system's protections.

Penetration Testing

Penetration testing is used to test the external perimeter security of a network or facility.

Pharming

This is a more sophisticated form of MITM attack. A user’s session is redirected to a masquerading website. This can be achieved by corrupting a DNS server on the Internet and pointing a URL to the masquerading website’s IP. Almost all users use a URL like www.worldbank.com instead of the real IP (192.86.99.140) of the website. Changing the pointers on a DNS server, the URL can be redirected to send traffic to the IP of the pseudo website. At the pseudo website, transactions can be mimicked and information like login credentials can be gathered. With this the attacker can access the real www.worldbank.com site and conduct transactions using the credentials of a valid user on that website.

Phishing

The use of e-mails that appear to originate from a trusted source to trick a user into entering valid credentials at a fake website. Typically the e-mail and the web site looks like they are part of a bank the user is doing business with.

Ping of Death

An attack that sends an improperly large ICMP echo request packet (a "ping") with the intent of overflowing the input buffers of the destination machine and causing it to crash.

Ping Scan

A ping scan looks for machines that are responding to ICMP Echo Requests.

Ping Sweep

An attack that sends ICMP echo requests ("pings") to a range of IP addresses, with the goal of finding hosts that can be probed for vulnerabilities.

Quality of Service (QoS)

Quality of Service (QoS) measures the consistency with which certain standards of IP packet and data services are met. Dependable, high-quality service is a key concern of network administrators for critical applications and protocols. As applications and devices use more and more bandwidth, QoS becomes more important as a tool to guarantee a known level of application availability.

One of the key concerns in maintaining QoS is ensuring that critical or time-sensitive applications receive priority over other traffic. For instance, Voice-over-IP (VoIP) packets should receive higher priority than typical data transfers so that users do not experience dropped phrases or delays

Reverse Proxy

A reverse proxy is a device or server placed in front of a Web server. Incoming requests are handled by the proxy sever, which retrieves information from the Web server and then forwards it to the user. A reverse proxy can also be deployed to handle SSL acceleration, load balancing, intelligent compression, and caching.