D-H
D
- Daemon - or Service Program not explicitly launched by the user but started as a background service by the computer operating system at startup. It runs only when specific conditions are met. Examples of services: the antivirus on Windows, the printing daemon on Linux, web servers, resource sharing
- Data integrity Quality of data that has not been altered or destroyed unexpectedly
- DDoS - Distributed Denial of Service A Denial of Service is an attack that aims to flood a machine with false traffic in order to put it out of service. When many machines are used to carry out this attack, it becomes a Distributed DoS, which aims to disable important networks, infrastructures or servers. Botnets -cf. botnet- may be used to carry out these DDoS attacks
- Dedicated hosting The server is rented by a single customer and hosted at a professional web hosting company. This customer has administrator rights on the machine
- Defaced - defacement A web site, and especially its home page, is defaced when it has been modified by crackers to show that they could intrude into the web server or to damage its owner's reputation
- Default deny A security principle for input validation in an application, a template, etc. The purpose is to eliminate unexpected traffic by accepting ONLY expressly allowed requests and rejecting all other traffic. BinarySEC for Apache uses this fundamental principle
- Denial of Service - DoS Denial of Service is an attack that aims to flood a machine with false traffic in order to put it out of service. The purpose of a network is to transport traffic but its capacity is not infinite, thus it is possible to send more traffic than it can transport
- DHCP - Dynamic Host Configuration Protocol DHCP enables a connecting computer to automatically receive its basic configuration, including its network configuration
- Dictionary attack Method to identify a password or a key. An automated tool tests a huge number of potential passwords, one after the other, hoping that the password in use will be included in the dictionary
- DMZ - Demilitarized Zone Intermediary -or neutral- zone between the internal and confidential computer network, which has to be secured, and an external network such as the internet. The DMZ is a transit point for flows exchanged between the networks, used to guarantee that traffic is harmless. A DMZ is usually implemented with a perimeter firewall
- DNS - Domain Name Service This system makes it possible to associate mnemonic -easy to remember- names, for instance binarysec.com, with numeric addresses -such as 193.123.456.789- of machines connected to the internet. The correlation between the IP address and the domain name is called 'domain name resolution' or 'address resolution'
- Domain One of the elements that constitute a DNS address. Different levels exist for domain names, such as: .com, .net, .org, .edu, .fr, .uk, etc. For instance, binarysec.com and binarysec.fr are domain names
- DoS - Denial of Service see Denial of Service above
E
- Evasion Techniques used by hackers to bypass existing security tools, namely antivirus, network firewalls and intrusion detection systems. These techniques include 'pollution', signature modification, low-level -IP, TCP- and high-level -HTTP, HTTPS- protocol attacks, and attack origin masquerading
- Exploit Program enabling a user to exploit a flaw in the operating system or in an application
F
- False negative Lack of detection of a vulnerability or of an intrusion alert. A vulnerability detection tool should never be subject to false negatives. In case of doubt, it is more secure to generate a false positive that will require further investigation, even if it turns out to be unnecessary. BinarySEC is not subject to false negatives as all intrusion attempts correspond to abnormal traffic and are thus reported
- False positive Intrusion alert or vulnerability detection that turns out not to be a real one. False positives have to be as exceptional as possible; they are a performance indicator of protection quality. BinarySEC can generate a few false positives during the learning period and does not generate any more after this phase
- Fault tolerance Design of a system in such a way that it can keep on running, potentially in a degraded mode, instead of completely breaking down when one of its components is not running correctly
- Firewall or network firewall or perimeter firewall System dedicated to traffic control between distinct networks. A firewall may have various operating modes such as packet filter or application relay -proxy-
- Flaw Software vulnerability usually due to bad programming. It may cause an intrusion and confidential data theft or lead to loss of control of the vulnerable machine
- Fuzzing Fuzzing is a technique to test software. The purpose is to send a source of random data (i.e. fuzz) as inputs to test a program. If the program fails, then defects have to be corrected. It is especially useful in web application testing as lack of input validation is the most common method to exploit vulnerabilities
G
- Gateway Device dedicated to linking two distinct computer networks, for instance a Local Area Network and the internet. Very often, it is also used as a network firewall
- Get - method Request of the resource located at the specified URL
- Google hacking Use of the power and knowledge of Google to discover sensitive or confidential information such as passwords, credit card numbers, etc. It is achieved through manipulation of the mathematical operators offered by the Google search engine
- Gramm-Leach-Bliley Act (GLBA) Also known as the Financial Services Modernization Act, GLBA aims to protect consumers' privacy, confidentiality and information security. It requires financial institutions to provide clear notice of privacy practices and an opt-out opportunity
H
- Hacker - hacking Hacking represents a set of computer techniques aiming at attacking a network, a web site, a computer, a router, etc. Attacks might be local or remote. There are various motivations: data theft, economic fraud, illegal hosting, system security checking, blackmail, terrorism, challenge, better understanding of computers, etc.
- Head - method Request of the header -and only the header- of the resource located at the specified URL
- Heuristics Learning method that draws on what was previously done and learnt, as well as on experience, to solve problems. This approach is now used by various antivirus products because signature detection is no longer enough. BinarySEC uses advanced heuristic techniques in its artificial intelligence engine
- HIDS - Host Intrusion Detection System Devices or software dedicated to detecting intrusions. An IDS makes it possible to log abnormal events, to detect suspicious actions in real time and even to adopt counter-measures based on signatures or behaviour analysis. There are 2 major types of IDS: NIDS -Network Intrusion Detection Systems- for networks and HIDS -Host-based Intrusion Detection Systems- for servers
- Health Insurance Portability and Accountability Act (HIPAA) This federal legislation specifies physical security, technical and administrative procedures to ensure the confidentiality of electronic protected health information
- Hoax False, out of date or uncheckable information that was propagated spontaneously by users
- Honeypot Computer or program that was left vulnerable on purpose in order to attract and entrap crackers
- Host Usually the server which hosts a web site
- Hosting Installation and on-line operations of a web site made available on the internet
- HTTP - Hypertext Transfer Protocol Client-server communication protocol developed for the World Wide Web. It is also used to exchange various data between the client and the HTTP server. This protocol uses standard port 80 on the server side. BinarySEC for Apache normalizes this traffic
- HTTPS - Secure Hypertext Transfer Protocol HTTPS is a secured version of the HTTP protocol that provides these security services: authentication (mutual or not), confidentiality through encryption of the exchanged data, and integrity of data during their transit on the network. HTTPS uses the SSL (Secured Socket Layer) protocol. HTTPS uses standard port 443 on the server side. BinarySEC for Apache normalizes this traffic
- Hyperlink Electronic link which refers to an external document and makes it possible to reach it. This browsing principle is now very frequent in traditional computer programs (not necessarily on the web). Hyperlinks are sometimes considered as the 'blood' of the internet!
- Hypertext Transfer Protocol - HTTP cf. HTTP