Included below are several of the most frequently used terms in computer
security. A comprehensive dictionary of computer security terms is available in
the LinuxSecurity.com Dictionary
authentication: The process of knowing that the data received is
the same as the data that was sent, and that the claimed sender is in fact the
bastion Host: A computer system that must be highly secured
because it is vulnerable to attack, usually because it is exposed to the
Internet and is a main point of contact for users of internal networks. It
gets its name from the highly fortified projects on the outer walls of
medieval castles. Bastions overlook critical areas of defense, usually having
strong walls, room for extra troops, and the occasional useful tub of boiling
hot oil for discouraging attackers.
buffer overflow: Common coding style is to never allocate large
enough buffers, and to not check for overflows. When such buffers overflow,
the executing program (daemon or set-uid program) can be tricked in doing some
other things. Generally this works by overwriting a function's return address
on the stack to point to another location.
denial of service: An attack that consumes the resources on your
computer for things it was not intended to be doing, thus preventing normal
use of your network resources for legitimate purposes.
dual-homed Host: A general-purpose computer system that has at
least two network interfaces.
firewall: A component or set of components that restricts access
between a protected network and the Internet, or between other sets of
host: A computer system attached to a network.
IP spoofing: IP Spoofing is a complex technical attack that is
made up of several components. It is a security exploit that works by tricking
computers in a trust relationship into thinking that you are someone that you
really aren't. There is an extensive paper written by daemon9, route, and
infinity in the Volume Seven, Issue Forty-Eight issue of Phrack Magazine.
non-repudiation: The property of a receiver being able to prove
that the sender of some data did in fact send the data even though the sender
might later deny ever having sent it.
packet: The fundamental unit of communication on the Internet.
packet filtering: The action a device takes to selectively control
the flow of data to and from a network. Packet filters allow or block packets,
usually while routing them from one network to another (most often from the
Internet to an internal network, and vice-versa). To accomplish packet
filtering, you set up rules that specify what types of packets (those to or
from a particular IP address or port) are to be allowed and what types are to
perimeter network: A network added between a protected network and
an external network, in order to provide an additional layer of security. A
perimeter network is sometimes called a DMZ.
proxy server: A program that deals with external servers on behalf
of internal clients. Proxy clients talk to proxy servers, which relay approved
client requests to real servers, and relay answers back to clients.
superuser: An informal name for root.