Brute force – An automated method of cracking a password by trying every possible combination until the correct one is discovered, typically run on a copied encrypted password file, not an operational system.
Buffer overflow attack – A classic, sophisticated attack requiring intimate knowledge of the targeted application, exploiting one of the most common programming errors. It involves sending more data to a particular field than the programmer has allowed for, and including malicious code in that data. The data ‘overflows’ into related program areas and the malicious code executes.
Cracker – A malicious hacker.
Cryptanalysis – The discipline of trying to break encryption algorithms.
Data driven attack – An attack that bypasses firewalls and other security devices, as it involves inserting data in web forms that can form the basis of a malicious attack on the back-end system or database.
Distributed denial of service – A simple attack that involves flooding a particular router or network with more traffic than it is capable of handling. The proliferation of viruses armed with a Trojan horse, combined with the increase in broadband-connected PCs – particularly PCs running Windows XP – has greatly increased the menace of such attacks.
Exploit – A tool that automates a hack, typically taking advantage of a vulnerability in the targeted system. The first exploit was arguably ‘Crack’, an application for discovering the encrypted passwords of a Unix system.
False positive – An alert sent by an intrusion detection system when it mistakenly identifies a legitimate event as malicious activity. Hackers often turn this to their advantage by provoking a flood of false positives in targeted systems in a bid to cover up their aims.
Keystroke logger – A Trojan horse application that, on entering a host, unobtrusively logs all the user’s keystrokes. Sequences such as 16-digit credit card numbers are particularly easy to detect in keystroke logs.
Logic bomb – Malicious code left behind in an application that is programmed to ‘go off’ at a particular time, for example, by deleting valuable files.
Port scan – An automated scan to find open ports on a network-connected PC or server.
Malware – Malicious software, such as viruses, worms and Trojan horses.
Open relay – Misconfigured mail server that enables anyone, but normally spammers, to anonymously route email.
Phreaking – Hacking the phone system.
Remote access Trojan – A Trojan horse specifically designed to enable the attacker to take over the target machine.
Script-kiddie – An unsophisticated hacker who typically uses the attack tools of other hackers, such as point-and-click virus writers and DDoS attack coordination software, such as Trinoo or Tribe Flood Network.
Sniffer – An application running in the background that analyses network traffic.
Social engineering – The hacker’s art of persuading unsuspecting users to part with crucial information, such as passwords.
SQL injection attack – An increasingly popular mode of attack that involves inputting SQL code into web site login and password fields. The code can trick an SQL database into granting access to the hacker.
Trojan horse – An application nefariously loaded on a target system with the intent of executing the malicious code.
Virus – A malicious program that attaches itself to legitimate applications, normally with harmful side effects.
Worm – A self-replicating virus that automatically duplicates and sends copies of itself either to email addresses or IP addresses.
Zero-day attack – An attack that exploits a newly discovered bug, catching application vendors, security experts and users unawares.