___________________________
 
     Do not lament the data that was stolen or
     lost before lamenting that you did not hire
     a professional specialized in security!
_______________________________
                                                          by Claudio Rocha 

Introduction:
 
The glossary below has not been translated into Portuguese.

These are the terms most used in classrooms, books, magazines, newspapers, the internet and other media to describe electronic crime and information security. Most of the terms are known to us Brazilians by their original English names. IT professionals tend to keep these names in English, since much of the material available as a source of information is written in English. Keeping the names in their original English form avoids confusion when we have to exchange information with people from other countries.

In conclusion, the names below are written in the form best known to IT professionals. Portuguese translations of the terms below exist in some cases (books and other material found on the internet), but I would advise learning the English equivalent as well.


Glossary:
 
Descriptions

Alert
A formatted message describing a circumstance relevant to network security. Alerts are often derived from critical audit events.

Anti-virus
A software program designed to identify and remove a known or potential computer virus.

Attack
An attempt to bypass security controls on a computer. The attack may alter, release, or deny data. Whether an attack will succeed depends on the vulnerability of the computer system and the effectiveness of existing countermeasures.

Back Door
A hole in the security of a computer system deliberately left in place by designers or maintainers. Synonymous with trap door; a hidden software or hardware mechanism used to circumvent security controls.

Bandwidth
Generally speaking, bandwidth is directly proportional to the amount of data transmitted or received per unit time. In digital systems, bandwidth is proportional to the data speed in bits per second (bps). Thus, a modem that works at 57,600 bps has twice the bandwidth of a modem that works at 28,800 bps.

Black hat
Black hat is used to describe a hacker (or, if you prefer, cracker) who breaks into a computer system or network with malicious intent.

Bomb
A general synonym for crash, normally of software or operating system failures.

Buffer Overflow
This happens when more data is put into a buffer or holding area than the buffer can handle. This is due to a mismatch in processing rates between the producing and consuming processes. This can result in system crashes or the creation of a back door leading to system access.

Bug
An unwanted and unintended property of a program or piece of hardware, especially one that causes it to malfunction.

CGI
Common Gateway Interface - CGI is the method that Web servers use to allow interaction between servers and programs.

CGI exploit
When a denial of service attack is aimed at the CGI (common gateway interface), it is referred to as a CGI exploit. The CGI is a standard way for a Web server to pass a Web user's request to an application program and to receive data back to forward to the user. It is part of the Web's HTTP protocol.

CGI Scripts
Allows for the creation of dynamic and interactive web pages. They also tend to be the most vulnerable part of a web server (besides the underlying host security).

Cookie
A message given to a Web browser by a Web server. The browser stores the message in a text file called cookie.txt. The message is then sent back to the server each time the browser requests a page from the server.

Crack
A popular hacking tool used to decode encrypted passwords. System administrators also use Crack to assess weak passwords by novice users in order to enhance the security.

Cracker
A person who breaks into a site through a computer's security. While basically the same thing as a "Hacker", a Cracker is sometimes considered to be more malicious and destructive.

Cracking
The act of breaking into a computer system.

Crash
A sudden, usually drastic failure of a computer system.

Cryptography
The art or science concerning the principles, means, and methods for rendering plain text unintelligible and for converting encrypted messages into intelligible form.

Daemon
A program that runs continuously and exists for the purpose of handling periodic service requests that a computer system expects to receive. The daemon program forwards the requests to other programs (or processes) as appropriate. Each server of pages on the Web has an HTTPD or Hypertext Transfer Protocol daemon that continually waits for requests to come in from Web clients and their users.

Dark-side Hacker
A criminal or malicious hacker.

DARPA
Defense Advanced Research Projects Agency.

Denial of Service (DoS)
Denial of service refers to an illegal act intended to bring a particular system down or cause it to malfunction. There are various types of DoS attacks, e.g. ping flood attack, smurf attack, SYN attack.

DMZ (de-militarized zone)
A network added between a protected network and an external network in order to provide an additional layer of security. Sometimes called a perimeter network.

DNS Spoofing
Assuming the DNS name of another system by either corrupting the name service cache of a victim system, or by compromising a domain name server for a valid domain.

DSS (Digital Signature Standard)
The Digital Signature Standard (DSS) is a cryptographic standard promulgated by the National Institute of Standards and Technology (NIST) in 1994. It has been adopted as the federal standard for authenticating electronic documents, much as a written signature verifies the authenticity of a paper document.

Dump
An undigested and large amount of information routed to an output device. Usually it is a backup of computer files and data.

False Negative
Occurs when an actual intrusive action has occurred but the system allows it to pass as non-intrusive behavior.

False Positive
Occurs when the system classifies an action as anomalous (a possible intrusion) when it is a legitimate action.

Fault Tolerance
The ability of a system or component to continue normal operation despite the presence of hardware or software faults.

Firewall
A system or combination of systems that enforces a boundary between two or more networks. Gateway that limits access between networks in accordance with local security policy. The typical firewall is an inexpensive micro-based Unix box kept clean of critical data, with many modems and public network ports on it, but just one carefully watched connection back to the rest of the cluster.

Flooding
Sending lots of text to the screen at once.

Gray Hat
Gray hat describes a cracker (or, if you prefer, hacker) who exploits a security weakness in a computer system or product in order to bring the weakness to the attention of the owners.

Hacker
A person who enjoys exploring the details of computers and how to stretch their capabilities. A malicious or inquisitive meddler who tries to discover information by poking around. A person who enjoys learning the details of programming systems and how to stretch their capabilities, as opposed to most users who prefer to learn only the minimum necessary.

Hacking
Unauthorized use, or attempts to circumvent or bypass the security mechanisms of an information system or network.

Host
A single computer or workstation; it can be connected to a network.

Internet Worm
A worm program (see: Worm) that was unleashed on the Internet in 1988. It was written by Robert T. Morris as an experiment that got out of hand.

Intrusion
Any set of actions that attempt to compromise the integrity, confidentiality or availability of a resource.

IP spoofing
An attack where the attacker impersonates a trusted system by using its IP network address.

IP Hijacking
An attack where an active, established session is intercepted and taken over by the attacker. May take place after authentication has occurred which allows the attacker to assume the role of an already authorized user.

LAN
Local Area Network - A computer communications system limited to no more than a few miles and using high-speed connections (2 to 100 megabits per second). A short-haul communications system that connects ADP devices in a building or group of buildings within a few square kilometers, including workstations, front-end processors, controllers, switches, and gateways.

LetterBomb
A piece of email containing live data intended to do malicious things to the recipient's machine or terminal. Under UNIX, a letterbomb can also try to get part of its contents interpreted as a shell command to the mailer. The results of this could range from silly to denial of service.

Macro Virus
Macro viruses are small programs written using the internal programming language of a specific application program that replicate within documents created by the application program. Common examples of application programs that use macros include word processors such as Word and spreadsheets such as Excel.

Mailbomb
The mail sent to urge others to send massive amounts of email to a single system or person, with the intent to crash the recipient's system. Mailbombing is widely regarded as a serious offense.

Malicious Code
Hardware, software, or firmware that is intentionally included in a system for an unauthorized purpose; e.g. a Trojan horse.

OSI
Open Systems Interconnection. A set of internationally accepted and openly developed standards that meet the needs of network resource administration and integrated network utility.

Packet
A block of data sent over the network transmitting the identities of the sending and receiving stations, error-control information, and message.

Packet Filter
Inspects each packet for user defined content, such as an IP address but does not track the state of sessions. This is one of the least secure types of firewall.

Penetration
The successful unauthorized access to an automated system.

Penetration Signature
The description of a situation or set of conditions in which a penetration could occur or of system events which in conjunction can indicate the occurrence of a penetration in progress.

Penetration Testing
The portion of security testing in which the evaluators attempt to circumvent the security features of a system. The evaluators may be assumed to use all system design and implementation documentation, that may include listings of system source code, manuals, and circuit diagrams. The evaluators work under the same constraints applied to ordinary users.

PGP (Pretty Good Privacy)
A freeware program primarily for secure electronic mail.

Phracker
An individual who combines phone phreaking with computer hacking.

Phreak(er)
An individual fascinated by the telephone system. Commonly, an individual who uses his knowledge of the telephone system to make calls at the expense of another.

Phreaking
The art and science of cracking the phone network.

Ping of Death
The use of Ping with a packet size higher than 65,507. This will cause a denial of service.

Plaintext
Unencrypted data.

Private Key Cryptography
An encryption methodology in which the encryptor and decryptor use the same key, which must be kept secret. This methodology is usually only used by a small group.

Probe
Any effort to gather information about a machine or its users for the apparent purpose of gaining unauthorized access to the system at a later date.

Promiscuous Mode
Normally an Ethernet interface reads all address information and accepts follow-on packets only destined for itself, but when the interface is in promiscuous mode, it reads all information (sniffer), regardless of its destination.

Protocol
Agreed-upon methods of communications used by computers. A specification that describes the rules and procedures that products should follow to perform activities on a network, such as transmitting data. If they use the same protocols, products from different vendors should be able to communicate on the same network.

Proxy
A firewall mechanism that replaces the IP address of a host on the internal (protected) network with its own IP address for all traffic passing through it. A software agent that acts on behalf of a user, typical proxies accept a connection from a user, make a decision as to whether or not the user or client IP address is permitted to use the proxy, perhaps does additional authentication, and then completes a connection on behalf of the user to a remote destination.

Public Key Cryptography
Type of cryptography in which the encryption process is publicly available and unprotected, but in which a part of the decryption key is protected so that only a party with knowledge of both parts of the decryption process can decrypt the cipher text.

Risk Assessment
A study of vulnerabilities, threats, likelihood, loss or impact, and theoretical effectiveness of security measures. The process of evaluating threats and vulnerabilities, known and postulated, to determine expected loss and establish the degree of acceptability to system operations.

Router
An interconnection device that is similar to a bridge but serves packets or frames containing certain protocols. Routers link LANs at the network layer.

Rules Based Detection
The intrusion detection system detects intrusions by looking for activity that corresponds to known intrusion techniques (signatures) or system vulnerabilities. Also known as Misuse Detection.

Script bunnies
Aspiring hackers who download files that automate attacks.

Script Kiddies
1. The lowest form of cracker; script kiddies do mischief with scripts and programs written by others, often without understanding the exploit. 2. People who cannot program, but who create tacky HTML pages by copying JavaScript routines from other tacky HTML pages. More generally, a script kiddie writes (or more likely cuts and pastes) code without either having or desiring to have a mental model of what the code does; someone who thinks of code as magical incantations and asks only "what do I need to type to make this happen?"

Secure Shell
A completely encrypted shell connection between two machines protected by a super long pass-phrase.

Security Incident
Any act or circumstance that involves classified information that deviates from the requirements of governing security publications. For example, compromise, possible compromise, inadvertent disclosure, and deviation.

Security Policies
The set of laws, rules, and practices that regulate how an organization manages, protects, and distributes sensitive information.

Security Policy Model
A formal presentation of the security policy enforced by the system. It must identify the set of rules and practices that regulate how a system manages, protects, and distributes sensitive information.

Smurfing
A denial of service attack in which an attacker spoofs the source address of an echo-request ICMP (ping) packet to the broadcast address for a network, causing the machines in the network to respond en masse to the victim thereby clogging its network.

Sneaker
An individual hired to break into computer systems to test their security.

Sniffer
A program to capture data across a computer network. Used by hackers to capture user id names and passwords. Software tool that audits and identifies network traffic packets. Is also used legitimately by network operations and maintenance personnel to troubleshoot network problems.

Spam
To crash a program by overrunning a fixed-size buffer with excessively large input data. Also, to cause a person or newsgroup to be flooded with irrelevant or inappropriate messages.

Spoofing
Pretending to be someone else. The deliberate inducement of a user or a resource to take an incorrect action. Attempt to gain access to a system by pretending to be an authorized user. Impersonating, masquerading, and mimicking are forms of spoofing.

SSL (Secure Sockets Layer)
A session layer protocol that provides authentication and confidentiality to applications.

SYN Flood
When the SYN queue is flooded, no new connection can be opened.

TCP/IP
Transmission Control Protocol/Internetwork Protocol. The suite of protocols the Internet is based on.

TCPwrapper
A software tool for security which provides additional network logging, and restricts service access to authorized hosts by service.

Terminal Hijacking
Allows an attacker, on a certain machine, to control any terminal session that is in progress. An attacker can send and receive terminal I/O while a user is on the terminal.

Threat
The means through which the ability or intent of a threat agent to adversely affect an automated system, facility, or operation can be manifest. A potential violation of security.

Threat Agent
Methods and things used to exploit a vulnerability in an information system, operation, or facility; fire, natural disaster and so forth.

Trace Packet
In a packet-switching network, a unique packet that causes a report of each stage of its progress to be sent to the network control center from each visited system element.

Traceroute
An operation of sending trace packets for determining information; traces the route of UDP packets for the local host to a remote host. Normally traceroute displays the time and location of the route taken to reach its destination computer.

Tripwire
A software tool for security. Basically, it works with a database that maintains information about the byte count of files. If the byte count has changed, it will identify it to the system security manager.

Trojan Horse
An apparently useful and innocent program containing additional hidden code which allows the unauthorized collection, exploitation, falsification, or destruction of data.

Troll
An online message whose purpose is to attract responses and make the responders look stupid. People who troll want to make you waste your time responding to their pointless statements.

Virus
A program that can "infect" other programs by modifying them to include a, possibly evolved, copy of itself.

Vulnerability
Hardware, firmware, or software flaw that leaves an AIS open for potential exploitation. A weakness in automated system security procedures, administrative controls, physical layout, internal controls, and so forth, that could be exploited by a threat to gain unauthorized access to information or disrupt critical processing.

WAN
Wide Area Network. A physical or logical network that provides capabilities for a number of independent devices to communicate with each other over a common transmission-interconnected topology in geographic areas larger than those served by local area networks.

War Dialer
A cracking tool that calls a given list or range of phone numbers and records those which answer to identify computer systems.

War driving
War driving is a relatively recent phenomenon, since wireless networks started getting popular. Since most people that install a wireless LAN don't bother to (or can't) dampen the signal enough that you can't access it outside their building, it's easy to steal bandwidth. All you have to do is get a laptop with a wireless card, install Aerosniff (like a packet sniffer, but for wireless rather than for Ethernet), and literally drive around town looking for areas with wireless traffic. Once you find one, it's generally trivial to steal their bandwidth. Hence, war driving.

Warez
Cracked versions of commercial software with their copy-protection stripped off. Warez sites usually contain illegal, pirated software or games.

White hat
White hat describes a hacker (or, if you prefer, cracker) who identifies a security weakness in a computer system or network but, instead of taking malicious advantage of it, exposes the weakness in a way that will allow the system's owners to fix the breach before it can be taken advantage of by others (such as black hat hackers). Methods of telling the owners about it range from a simple phone call through sending an e-mail note to a Webmaster or administrator all the way to leaving an electronic "calling card" in the system that makes it obvious that security has been breached.

Worm
Independent program that replicates from machine to machine across network connections often clogging networks and information systems as it spreads.



Highlights:
 
Some of the terms that actually come up day to day. These are the same ones that appear in the list above (Glossary).

Back Door
A hole in the security of a computer system deliberately left in place by designers or maintainers. Synonymous with trap door; a hidden software or hardware mechanism used to circumvent security controls.

Buffer Overflow
This happens when more data is put into a buffer or holding area than the buffer can handle. This is due to a mismatch in processing rates between the producing and consuming processes. This can result in system crashes or the creation of a back door leading to system access.

CGI exploit
When a denial of service attack is aimed at the CGI (common gateway interface), it is referred to as a CGI exploit. The CGI is a standard way for a Web server to pass a Web user's request to an application program and to receive data back to forward to the user. It is part of the Web's HTTP protocol.

Denial of Service (DoS)
Denial of service refers to an illegal act intended to bring a particular system down or cause it to malfunction. There are various types of DoS attacks, e.g. ping flood attack, smurf attack, SYN attack.

DNS Spoofing
Assuming the DNS name of another system by either corrupting the name service cache of a victim system, or by compromising a domain name server for a valid domain.

IP Hijacking
An attack where an active, established session is intercepted and taken over by the attacker. May take place after authentication has occurred which allows the attacker to assume the role of an already authorized user.

Ping of Death
The use of Ping with a packet size higher than 65,507. This will cause a denial of service.

Script Kiddies
1. The lowest form of cracker; script kiddies do mischief with scripts and programs written by others, often without understanding the exploit. 2. People who cannot program, but who create tacky HTML pages by copying JavaScript routines from other tacky HTML pages. More generally, a script kiddie writes (or more likely cuts and pastes) code without either having or desiring to have a mental model of what the code does; someone who thinks of code as magical incantations and asks only "what do I need to type to make this happen?"

Slashdot Effect or just "/."
The Slashdot Effect is the sudden, relatively temporary surge in traffic to a Web site that occurs when a high-traffic Web site or other source posts a story that refers visitors to another Web site. The effect gets its name from the Slashdot Web site, which provides content about Linux and related software, and sometimes features news about other related but less-traveled sites. However, the effect can be perceived when any large Web site posts a high-interest, widely-publicized story, about another site. The effect is obviously much more noticeable on smaller sites and the surge in traffic sometimes will slow a site down or make it impossible to reach.

Smurfing
A denial of service attack in which an attacker spoofs the source address of an echo-request ICMP (ping) packet to the broadcast address for a network, causing the machines in the network to respond en masse to the victim thereby clogging its network.

Sneaker
An individual hired to break into computer systems to test their security.

Sniffer
A program to capture data across a computer network. Used by hackers to capture user id names and passwords. Software tool that audits and identifies network traffic packets. Is also used legitimately by network operations and maintenance personnel to troubleshoot network problems.

Spoofing
Pretending to be someone else. The deliberate inducement of a user or a resource to take an incorrect action. Attempt to gain access to a system by pretending to be an authorized user. Impersonating, masquerading, and mimicking are forms of spoofing.

