Online Security Terms


Online Security Terms


by Marc Liron - Microsoft MVP (Windows Desktop Experience)




There are many terms used when talking about the important topic of Online Security.

Every Internet user should at least have a basic understanding of the terms used and so I have collected a few of the more popular ones and put them in this article with a brief explanation of each.



Here Is A List Of Common Online Security Terms:

Adware means "Advertising Supported Software". It refers to placing adverts in software or distributing them along side a software download. Distributing a program that has adverts for third parties such as a finance company is Adware. Whilst generally harmless they are non the less annoying.

Bots are software applications that run automated tasks over the internet. Bots perform tasks that are both simple and structurally repetitive, at a much higher rate than would be possible for a human editor alone. Bots are used in a malicious way by criminal gangs to coordinate attacks on networked computers for financial gain. (Thousands of infected PC's around the world can all be used at the same time for an unlawful act.)

Botnet This is the name given to a collection of these bots.

Cross-site scripting This is a method of placing malicious scripts on websites that are then "executed" inside the web browser of the person viewing the website. These scripts can be dangerous at times. These scripting vulnerabilities can be used by attackers to bypass the access controls, however as soon a new vulnerability becomes known both the Internet Explorer and FireFox browsers are "patched" quickly. This is why it is essential to be using the latest browser version. Since 2005 there have been multiple instances of the cross-site scripting, most notable sites affected have been MySpace and Yahoo.

DDos stands for Distributed Denial of Service. A DDos attack attempts to consume the target resources so that it can not provide the service. The resources consumed are either an internal host resource on the target system or data transmission capacity in the local network to which the target is attacked. In plain English this means a website can be brought down by aiming 1,000's of page requests a minute until the website can no longer cope and fails! Criminal gangs will use this kind of attack to threaten website owners into paying "protection" money.

A drive-by download is a program that is involuntarily downloaded to your computer, without your permission or even your awareness. A drive-by download can be commenced by simply visiting a Web site or viewing an HTML e-mail message.

Exploit This is name given to any process that seeks to take advantage of a code vulnerability, usually in a web browser such as Internet Explorer or FireFox.

Firewall In its simplest form it is a software security mechanism that prevents unwanted/unauthorised internet traffic from entering your computer. A firewall can also block software on your computer from sending out data as well. Having a software firewall on your computer is ESSENTIAL if you are connected to the Internet.

Honeypots are decoy systems that are designed to lure a potential attacker away from critical systems. Honeypots are designed to divert an attacker from accessing critical systems, collect information about the attacker's activity and encourage the attacker to stay on the system long enough for systems administrator to respond.

A keylogger is a hardware tool or small program that monitors each keystroke a client types on a specific computer's keyboard. As a hardware device, a keylogger is a tiny battery-sized plug that sits between the between the user's keyboard and computer. Keyloggers can steal valuable information that can allow a thief access to your online banking account etc.

Malware is software that is designed to damage a computer system without the owner's informed permission. It is a combination of the words malicious and software. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.

Phishing is the act of deception by giving someone secret information or tricking them into doing somewhat that they normally wouldn't do or shouldn't do. For example: distributing e-mails to a number of users falsely claiming to be your bank etc.. in an endeavour to cheat the users into yielding private information like passwords. The latest versions of Internet Explorer 8 and FireFox 3 have built in phishing filters to help spot this kind of activity.

Root Kit is a set of tools that hackers embed in a victim's computer. They can act as a "back door" entrance onto your computer and provide information for the person who put them there. These tools have been especially designed to allow malicious processes/applications to run on your computer but evade detection.

Spyware is any technology that assists in collection of information about a computer user without their knowledge. Spyware is software that is put in someone's computer to secretly gather information about the user and relay it to advertisers or other interested parties. Spyware can get in a computer as a virus or as the result of installing a new program. If you have some annoying advertising that appears on your computer all the time you are likely infected with a spyware application.

Trojan is a software application that installs malicious software while under the guise of doing something else. These are nasty things to get infected by and are used to steal data from you as you use your computer!

Virus is a computer program that can copy itself and infect a computer without permission or knowledge of the user. A virus can only spread from one computer to another when its host is taken to the uninfected computer, for instance by a user sending it over a network or carrying it on a removable medium such as a CD, USB drive or by the Internet and eMail. Not all viruses are harmful BUT they all cause problems on the infected PC.

Worm is similar to a virus but with a different implementation. It is a self-replicating computer program. It uses a network to send copies of itself to other PC's and it may do so without any user intervention. Unlike a virus, it does not need to attach itself to an existing program. Worms can bring a PC down to the point where it is impossible to use it because it it too slow. Worms can also harm a company network by consuming most of the available network bandwidth, so that the connected PC's can not speak with each other.

A zero-day exploit is the one that takes advantage of security vulnerability on the same day that the vulnerability becomes generally known. Ordinarily, after someone detects that a software program contains a potential exposure to exploitation by a hacker that person or company can notify the software company and sometimes the world at large so that action can be taken to repair the exposure or defend against its exploitation.

Zombie is a program that secretly takes over another Internet attached computer and then uses that computer to launch attacks that are difficult to trace. Zombies are typically used in denial of service attacks (DOS), typically against targeted Websites. 10,000 zombie PC's can be used in a single attack! What usual happens is a criminal gang will approach the "owner" of the zombie PC's and pay them to perform an "attack."

If you have just read all of the above it is easy to become nervous of using the Internet and email ever again!!!

However you can generally remain safe if you:

Use an up to date professional AntiVirus and AntiSpyware package, make sure your Windows Firewall is on and have Windows Updates set to automatically receive any updates from Microsoft as they become available.

In addition if you have not yet moved to Internet Explorer 8 or FireFox 3, from an older version, do so now!


TuneUp Utilities 2009

TuneUp Utilities 2009 - Free trial version Click here!


>>> My FREE Windows Newsletter! >>>



Claim YOUR Fortnightly copy of my FREE Windows Newsletter covering:

Windows XP, Windows Vista, Windows 7 , Microsoft Office and Windows Live Services - Sign-up TODAY!!!


Your Details are secure - we never pass them on to anyone else!

Privacy Policy


Kind Regards

Marc Liron

Marc Liron - Microsoft MVP


Site Build It


My FREE Windows Newsletter


Subscribe TODAY!

Free Windows Newsletter

The Marc Talks Tech Newsletter

An unrivalled selection of articles, tips, videos and news related to Windows XP / 7/ Vista / Office & Windows Live services...

A popular choice - and for a good reason!!

Get YOUR Copy NOW!




Affordable online backup for your small business