SECURITY TERMINOLOGY
Anti-virus: Software that scans your PC for viruses, worms, and Trojans using up-to-date virus signatures. Once found, the program can remove or quarantine the virus and (ideally) keep it from performing whatever malicious duties it was sent to do.
Attack: An attempt by an unauthorized individual or program to gain control over aspects of your PC for various purposes.
Backdoor: This is sometimes referred to as a trapdoor, and is a feature in programs that the original programmer puts into the code in order to fix bugs or make other changes that need to be made. However, if this information becomes known to anyone else, it poses a potential security risk.
Firewall: A firewall refers to either a software or hardware device that basically protects your internal network from any outside threat or any unauthorized Internet access from the inside.
Hijacking: An attack whereby an active, established session is intercepted and used by the attacker. Hijacking can occur locally if, for example, a legitimate user leaves a computer unprotected. Remote hijacking can occur via the Internet.
Hole: A known flaw in code that can compromise the security of your system by allowing unauthorized access.
HTTPS (Hypertext Transfer Protocol Secure): This is a version of HTTP that is far more secure and is used (or should be used) in areas of the web where sensitive information is being used or exchanged.
Key: These are the names of Windows Registry components that are responsible for keeping the settings in Windows. Every time a program gets added to or uninstalled from a PC, the Registry gets changed. If a virus gets into your system and makes changes to your registry keys, it can cause serious performance changes.
Key loggers: These are used in legitimate programs but have been a favorite of hackers for years. Basically, what a key logger does is log your keystrokes for however long it is configured for. Hackers use these types of programs to find important information like usernames and passwords for sensitive accounts or highly secure areas.
@mm: This is usually seen at the end of a virus name, e.g. W32netsky@mm, and signifies that this virus is a mass mailer. A mass mailer is the term for a virus that, upon infection, can mail itself out to email addresses that it harvests from various areas of your hard drive, especially your address book. Sometimes you will see the designation with only one "m" at the end of the virus name; this stands for mailer, and this kind of virus can only ride along with email messages you send.
Here are some more security terms that you should become familiar with.
Macro virus: Code written to take advantage of "Hotkey" abilities to deliver its payload or replicate. Macros are hotkeys: key combinations that you can record and link to a single keystroke or to fewer keystrokes.
Payload: This is the portion of the virus that is released into your system; it isn't always destructive but is always unwanted.
Port: Ports are part of the TCP/IP protocol stack, which is the protocol of the Internet (for the most part). There are several small parts to an Internet address, or IP address. While the IP address is your logical location on the web, the port number is an identifier for the service you would like to use on the system you're connecting to.
*A port has always been a tough concept to grasp but is a very important component in fighting off hackers. Firewalls are so important because they deny any access to or from ports that you haven't granted access to. A firewall is an absolute necessity for broadband users.
Protocol: A set of rules and standards to govern the exchange of data between computers and related devices. There are protocols in almost every aspect of computers from web design to programming to network administration.
Replication: After a virus successfully infects a PC, it usually starts to copy itself. Then it tries to infect either different parts of your system or other systems, usually through address books or shared network files. This is usually one of the chief missions of a virus, and by means of replication viruses can grow and infect new systems at an exponential rate.
Security response: The process of research, creation, delivery, and notification of responses to viral and malicious code threats, as well as operating system, application, and network infrastructure vulnerabilities.
SMTP: Simple Mail Transfer Protocol. This is an email protocol that is responsible for moving mail from mail server to mail server.
Variant: A modification to the original virus code in an attempt to either throw antivirus software companies off, or create a different effect from the virus.
Virus definitions file: These are data files used by antivirus programs to help them identify and deal with viral attempts to infect your system.