P



Packet

A block of data sent over the network transmitting the identities of the sending and receiving stations, error-control information, and messages.

Packet Filter

Inspects each packet for user-defined content, such as an IP address, but does not track the state of sessions. This is one of the least secure types of firewall.

Packet Filtering

A feature incorporated into routers and bridges to limit the flow of information based on predetermined communications, such as source, destination, or type of service being provided by the network. Packet filters let the administrator limit protocol-specific traffic to one network segment, isolate e-mail domains, and perform many other traffic-control functions.

Packet Sniffer

A device or program that monitors the data traveling between computers on a network.

Passive Attack

An attack that does not result in an unauthorized state change, such as an attack that only monitors or records data.

Passive Threat

The threat of unauthorized disclosure of information without changing the state of the system. A type of threat that involves the interception, not the alteration, of information.

PEM

Privacy Enhanced Mail—An IETF standard for secure mail exchange.

Penetration

The successful unauthorized access to an automated system.

Penetration Signature

The description of a situation or set of conditions in which a penetration could occur or of system events that in conjunction can indicate the occurrence of a penetration in progress.

Penetration Testing

The portion of security testing in which the evaluators attempt to circumvent the security features of a system. The evaluators may be assumed to use all system design and implementation documentation, which may include listings of system source code, manuals, and circuit diagrams. The evaluators work under the same constraints applied to ordinary users.

Perimeter-Based Security

The technique of securing a network by controlling access to all entry and exit points of the network; usually associated with firewalls or filters.

Perpetrator

The entity from the external environment that is taken to be the cause of a risk. An entity in the external environment that performs an attack (i.e., a hacker).

Personnel Security

The procedures established to ensure that all personnel who have access to any classified information have the required authorizations, as well as the appropriate clearances.

PGP

Pretty Good Privacy—A freeware program primarily for secure e-mail.

Phage

A program that modifies other programs or databases in unauthorized ways, especially one that propagates a virus or Trojan horse.

PHF

Phone book file demonstration program that hackers use to gain access to a computer system and potentially read and capture password files.

PHF Hack

A well-known and vulnerable CGI script that does not filter out special characters (such as a new line) input by a user.

Phracker

An individual who combines phone phreaking with computer hacking.

Phreak(er)

An individual fascinated by the telephone system. Commonly, an individual who uses his knowledge of the telephone system to make calls at the expense of another.

Phreaking

The art and science of cracking the phone network.

Physical Security

The measures used to provide physical protection of resources against deliberate and accidental threats.

Piggy-Back

The gaining of unauthorized access to a system via another user's legitimate connection.

Ping of Death

The use of ping with a packet size higher than 65,507. This will cause a denial of service.

Plain Text

Unencrypted data.

Private Key Cryptography

An encryption methodology in which the encryptor and decryptor use the same key, which must be kept secret. This methodology is usually used only by a small group.

Probe

Any effort to gather information about a machine or its users for the apparent purpose of gaining unauthorized access to the system at a later date.

Procedural Security

See Administrative Security.

Profile

Patterns of a user's activity that can detect changes in normal routines.

Promiscuous Mode

Normally an Ethernet interface reads all address information and accepts only follow-on packets destined for itself, but when the interface is in promiscuous mode, it reads all information (sniffer), regardless of its destination.

Protocol

Agreed-upon methods of communications used by computers. A specification that describes the rules and procedures that products should follow to perform activities on a network, such as transmitting data. If they use the same protocols, products from different vendors should be able to communicate on the same network.

Prowler

A daemon that is run periodically to seek out and erase core files, truncate administrative logfiles, nuke lost+found directories, and otherwise clean up.

Proxy

A firewall mechanism that replaces the IP address of a host on the internal (protected) network with its own IP address for all traffic passing through it. A software agent that acts on behalf of a user. Typical proxies accept a connection from a user, make a decision as to whether or not the user or client IP address is permitted to use the proxy, perhaps do additional authentication, and then complete a connection on behalf of the user to a remote destination.

Psychological Operations (PSYOP)

Planned operations to convey selected information and indicators to foreign audiences to influence their emotions, motives, objective reasoning, and ultimately the behavior of foreign governments, organizations, groups, and individuals. The purpose of psychological operations is to induce or reinforce foreign attitudes and behavior favorable to the originator's objectives (JP 1-02).

Public Key Cryptography

A type of cryptography in which the encryption process is publicly available and unprotected, but in which a part of the decryption key is protected so that only a party with knowledge of both parts of the decryption process can decrypt the cipher text.




Investigative Data Mining for Security and Criminal Detection
ISBN: 0750676132
EAN: 2147483647
Year: 2005
Pages: 232
Authors: Jesus Mena
