
Glossary of Internet security terms
Internet hacks and attacks are part of an ever-changing, ever-expanding industry that hopes to fool or exploit PC users.
The best defense against such threats is education. We've created a glossary of the most common terms relating to Internet security to help CNET.com.au users navigate the dangers from A to Z.
ActiveX Controls
These controls link to any object -- traditionally dynamic content such
as tables and buttons that react to mouse clicks -- embedded within a
Web page. Although ActiveX controls help Web pages spring to life,
malicious programmers can easily use them as vehicles for downloading
spyware. Install a sturdy browser and firewall that screens your
ActiveX Controls, and download them with care, accepting ActiveX only
from trusted Web sites.
Adware
Typically, adware components install alongside a shareware or freeware
application. These advertisements create revenue for the software
developer and are provided with initial consent from the user. Adware
displays Web-based advertisements through pop-up windows or through an
advertising banner that appears within a program's interface.
Antispyware software
This is a broad term for programs designed to protect a computer from
adware and spyware. Almost all antispyware applications feature a
scanning engine, which detects suspicious items and removes them from
the infected machine. Some antispyware applications also include a
real-time-protection module, a shield that alerts users when suspicious
programs attempt to install themselves and allows users to deny them.
Backdoor programs
This refers to any software program that allows other users to control
machines remotely while hiding any evidence of the fact. Software
developers are the most common authors and users of backdoor programs,
adding them to make testing easier. Backdoor Trojan horses are spyware
programs that sabotage your PC. These specific Trojan horses force a
backdoor program onto your machine and infiltrate your system to
collect information or install spyware.
Bot
An Internet robot, shortened to "bot," is an automated program that
performs a specific timesaving function in lieu of a human operator,
such as a spider that crawls Web sites collecting data for market
research. Spyware bots secretly install through worms, Trojan horses,
and drive-by downloads. They are mostly used to carry out remote
attacks, such as denial-of-service (DoS) attacks.
Botnet
A botnet is a network of bots installed on multiple computers, each
running identical malware. A botnet can be controlled remotely via an
IRC (Internet Relay Chat) server or a peer-to-peer application.
Browser-helper object (BHO)
BHOs are files -- most frequently DLLs -- that add
functionality to Internet Explorer. Although many useful programs such
as Adobe Acrobat employ BHOs, these files also can be used for unsavory
purposes. BHOs associated with adware or spyware can monitor your
browsing activities, hijack your home page, or replace certain
advertisements with others.
Cracker
Cracker is a shortened name for a criminal hacker. Read more at hacker.
Denial-of-service (DoS) attack
Denial of service is an attack designed to block user access to a Web
site or network by flooding it with bogus information (such as a
surplus of requests). The information overload maxes out the processing
capabilities of the Web site or network, so it appears inaccessible and
users cannot reach its Internet services. These DoS attacks damage
productivity and can be highly frustrating, though the hacker's primary
purpose in such attacks is generally disruption and not identity theft.
Distributed denial-of-service (DDoS) attack
This variety of DoS attack enlists multiple compromised computers to
flood a single target with bogus information. A criminal hacker can
hijack your computer and force it and others to perform a DoS attack
against other computers, users, or networks.
Dialer
Traditional modems use a program called a dialer to connect a computer
to the Internet, but dialers are perhaps best known for their
illegitimate purposes. Bad dialers cause your PC to call long-distance
or for-pay numbers, rather than your ISP. This most often results in a
large telephone bill for the user and a tidy profit for the dialer's
creator.
Drive-by
This term is loosely used for a stealth software installation the user
does not initiate. In some cases, simply visiting a Web page can
download malicious programs to a PC without a user's knowledge or
consent. In other cases, a pop-up ad might be used to initiate a
drive-by installation.
Evil twin
A spoofed doppelganger of a legitimate wireless access point is known
as an evil twin. Often home-built, the evil twin hotspot offers
wireless access for the purpose of collecting the user's data, which
can then be exploited or sold.
False positive
False positives can fall into several categories. In an effort to sell
software, unscrupulous antispyware programs often will mislead a user
into believing his or her machine is infected with spyware when no
problems actually exist. The term false positive also can be used when
legitimate antispyware applications mistakenly label a benign program
as a threat.
Firewall
A firewall is a crucial component in a computer's line of defense, as
firewalls prevent unauthorised services or programs from accessing a
computer or network resources. Although virtually every corporate
network has its own firewall, every personal computer should have one
as well. Personal firewalls can come as standalone products or as
components built into a larger security suite.
Hacker
"Hacker" is a term that often requires more qualification than is
given, as hackers can act with intentions and outcomes ranging from
beneficial to malicious. To hack a file or a program is simply to
deconstruct it or tweak its performance. Therefore the term hacker has
neutral connotations, encompassing those who tinker with computer
programs with no malicious intent, such as computer programmers or
security researchers, as well as criminal hackers (also called
crackers) who seek to damage your system, gain from stored data, or
control your PC remotely. Hackers are classified by hat color --
black hat hackers are malicious, white hat hackers are benign, and gray
hat hackers are characterised by varying motivations.
Hijackers
Often installing as a helpful browser toolbar, hijackers may alter
browser settings or change the default home page to point to some other
site.
Keylogger
Keyloggers are just what they sound like -- programs that record every
keystroke made on a PC. Though some parental-control applications
include keyloggers for monitoring purposes, the ones that come bundled
with spyware are far more insidious. These types of keyloggers send
sensitive information to a remote computer, where thieves can access
data such as credit-card and bank-account numbers, as well as passwords
and social-security numbers.



Ed Pulliam
29/10/2006 03:36 PM
The description for "adware" says "Typically, adware components install alongside a shareware or freeware application". The Association of Shareware Professionals [ASP] has fought for years to disentangle the erroneous association of properly obtained software, that happens to be marketed as shareware, with harmful computer code such as viruses and spyware. In general, software marketed via shareware channels and other commercial software is normally virus-free. Indeed, the basis of shareware marketing is TBYB [try-before-you-buy]. Some of the world's largest software companies, such as Symantec and Microsoft, have adopted the try before you buy concept for the distribution of some of their products, even if they do not choose to use the word "shareware" in their product promotion. Companies that integrate the shareware marketing method in their core business model [over 10,000 of them!] would no more want to distribute a virus or Trojan than companies distributing by other channels. The try-before-you-buy nature of software marketed as shareware means that our members work very hard at closing a sale with each user by impressing them with how good the product that they're trying is. Distributing software problems and malware invaders doesn't result in a good relationship with our best potential customers. The ASP is a not-for-profit association of over 1,300 independent software developers, marketers and vendors, most of whom use the try-before-you-buy method of software distribution. For more information on the ASP, visit our consumer information web site at http://asp-shareware.com/ .