ANI: Acronym for Automated Number Identification, a system used by the phone co. to identify a caller's phone number. * Codes do not block ANI requests. Calling a local ANI line will report the number of the phone being used.
Archie: A UNIX service for searching FTP sites.
BBS: Acronym for Bulletin Board System, a BBS is a computer service where users can chat, post messages, download files, etc. Most BBS's are dial-in. While very popular in the 1980s, the advent of the internet has led to their gradual extinction.
bot: Short for "robot", an automated program usually coded in C for use on IRC. Bots can do a number of functions such as channel protection, flooding, etc.
buffer: A segment of memory assigned by programs to store data.
buffer overflow: A common error that is frequently exploited. It occurs when more data is sent to the buffer than it can hold. For properly-coded programs that check for overflow character-by-character, this is not a problem. However, vulnerable programs frequently crash upon buffer overflows. Exploit code left on the memory stack is subsequently executed under the program's process ID.
CGI: Acronym for Common Gateway Interface, a protocol that allows for communication between a program and forms on the Web. CGIs are frequently written in C, Perl, or shell scripts, and are used for a variety of form-processing applications.
compiler: Program involved in the first step of converting source code written in a high level language such as C to an executable program. Compilers translate the instructions into object code, which is passed on to a linker.
CRC: Cyclic Redundancy Check, a checksum that ensures a program's integrity when run. An error will halt execution.
cron: A UNIX service used to automate tasks, such as daily backups. It is frequently exploited by hackers to execute other illicit commands.
daemon: Pronounced "demon." UNIX programs that extend the functionality of the operating system, running in the background and working when needed. SMTP, print spoolers, and telnetd are all examples. Also called a service.
DNS: Acronym for Domain Name Service, the system that translates human-readable addresses (such as www.yahoo.com) to IP addresses, and vice-versa.
DOS: 1. Acronym for Disk Operating System, the software which provides an interface to hardware devices such as hard drives, memory, etc.
eggdrop: A bot of recent popularity that performs a variety of functions, including a party-line.
exploit: Coding or a program publicly released to demonstrate a bug in system security.
finger: A UNIX service that provides information about a system's users. Fingering user@host often displays the individual's .plan file. Some hosts will display the users currently logged in upon receiving a finger request in the form of @host (no username specified).
firewall: A software-based filter that controls access to internal networks by restricting/allowing certain packets from an external host.
flooding: 1. A common Denial of Service attack, in which a large amount of data is continually streamed to a single port of a system. The victim computer may slow down or even crash due to the excessive processing overhead.
ICMP: Acronym for Internet Control Message Protocol, a TCP/IP protocol used for sending error and control messages. Ping sends out ICMP echo requests.
IRC: Acronym for Internet Relay Chat, a popular service that allows users to talk with one another in individual rooms called channels.
kerberos: A network authentication system which provides users or services with tickets and keys used to prove identity and encrypt data streams (to prevent sniffing).
kernel: The core of an operating system, which always stays in memory and is loaded first. It is responsible for allocating memory, process and disk management, and other functions.
LAN: Acronym for Local Area Network, a set of computers physically linked together to share data or devices.
linker: Program that takes compiled object code, combines source modules, and thereby produces machine code.
Linux: A freely distributable implementation of UNIX that runs on many platforms, from PCs to Macs to Amigas.
mail bomb: A massive amount of e-mail sent to a single person, in an attempt to overload their system. A form of Denial of Service, as networks can become extremely clogged due to the flood of data.
NUA: Acronym for Network User Address, address for reaching a particular system via telenet.
OOB: Acronym for Out Of Bound data, the method of "nuking" a Windows system popularized in the past year. It involves sending random data to 139, the
perl: Acronym for Practical Extraction and Report Language, a powerful interpretive language used primarily for text processing on UNIX systems. Perl is the most popular language for writing CGI scripts.
PGP: Acronym for Pretty Good Privacy, a public key cryptography system developed by Philip Zimmerman. It is free, and frequently used to encrypt e-mail.
ping: UNIX service used to test if a server is functional, and/or the network latency between two hosts. Ping sends out ICMP packets.
public-key cryptography: Method of encryption used in PGP, it involves the use of two keys: a public one that you distribute to anyone planning on emailing you, and a private one used to decrypt messages encrypted with your public key.
root: User in UNIX systems with superuser power, typically the owner of the machine.
sendmail: A mail-transport program based on SMTP, it is the agent that stores and forwards messages.
service: See daemon.
shell: The outermost layer of a program that provides an interface for users to issue commands. UNIX has multiple shells, including Bash, C shell, and Korn.
SMTP: Acronym for Simple Mail Transfer Protocol, a TCP/IP protocol for sending e-mail. See sendmail.
sniffer: A program which collects/displays all packets passing through an ethernet device on a LAN. Sniffing is accomplished by setting the device to promiscuous mode, which enables it to listen to all data packets, not just the ones destined for it. Kerberos is a security measure used to prevent sniffing.
spoofing: The process of forging data packets so they appear to come from another host, commonly used to gain access through packet-filtering firewalls.
SUID: Acronym for SetUID, a designation for UNIX programs that need the privileges of root when executing. Because they have superuser power, SUID programs are the most common targets of exploits.
telenet: An old packet-switching network that was one of the first to allow communication between terminals and servers. It was established by Sprint in 1975, and is now a part of the larger SprintNet.
telnet: Protocol for connecting to other systems via terminal-like access.
traceroute: Program that shows the pathway packets travel to a destination host with ICMP echo requests.
Trojan Horse: A program that seems to be legitimate but actually performs illicit actions when executed. Note that a trojan horse does not replicate like a virus does.
trunk: High-bandwidth telephone channels that run between major switching centers.
UDP: User Datagram Protocol, a connectionless TCP service.
UID: Acronym for User Identifier, a 16-bit integer that is mapped to a username on UNIX systems. UNIX identifies a user by this number, not the username itself.
UNIX: Acronym for Uniplexed Information and Computing System, a multiuser, multitasking operating system primarily used on workstations and servers. Most internet servers run some variant of UNIX.
UUCP: Acronym for UNIX to UNIX CoPy, an old service used to directly transfer files from one computer to another. It was mostly utilized for mail transport.
VMS: Acronym for Virtual Memory System, an operating system designed for Digital's 32-bit VAX (Virtual Address eXtension) computers. Like UNIX, it is frequently used in server and workstation applications.
virus: A program which illicitly copies itself into memory and other programs, replicating and possibly deleting files or causing some other harms. Infected programs transferred from one system to another spread the virus further.
wardialer: Program which dials a series of numbers within a phone exchange (for example, 555-55XX) to locate modem-connected systems.
warez: Pirated software, illegally downloaded and distributed.
whois: Internet utility used to query a host to find out what users are registered on that system.
worm: A program which illicitly copies itself over and over again ceaselessly, consuming memory and disk space.
wrapper: A program used to control access to a second program on UNIX systems, enabled for security reasons. Sendmail is frequently wrapped due to its many bugs.
© 1998 Acid_burn