Security Terminology

Firewall: A firewall is a barrier between a network and the outside world. Sometimes a firewall is a stand-alone server, sometimes a router, and sometimes software running on a machine. Whatever it’s physical form, the purpose is the same: to filter traffic entering and exiting a network. Firewalls are related to, and often used in conjunction with, a proxy server.

Proxy Server: A proxy server hides your internal network IP addresses and presents a single IP address (its own) to the outside world.

Firewalls and proxy servers are added to networks to provide basic perimeter security. They filter incoming and outgoing network traffic but do not affect traffic on the network.

Intrusion Detection System (IDS): An IDS monitor’s traffic looking for suspicious activity that might indicate an attempted intrusion.

Access control is the aggregate of all measures taken to limit access to resources. This includes logon procedures, encryption, and any method that is designed to prevent unauthorised personnel from accessing a resource. Authentication is clearly a subset of access control, perhaps the most basic security activity.

Authentication is simply the process of determining whether the credentials given by a user or another system, such as a username and password, are authorised to access the network resource in question.

Non-repudiation is any technique that is used to ensure that someone performing an action on a computer cannot falsely deny that they performed that action. Various system logs provide one method for non-repudiation. Auditing is the process of reviewing logs, records, and procedures to determine whether they meet standards.

Least privilege: you only assign the minimum privileges required for that person to do his job, no more.

Confidentiality, Integrity, and Availability (CIA Triad): All security measures should affect one or more of these areas. For example, hard drive encryption and good passwords help protect confidentiality. Digital signatures help ensure integrity, and a good backup system, or network server redundancy, can support availability.

Hacking Terminology

• In the hacking community, a hacker is an expert on a particular system or systems who wants to learn more about the system. Hackers feel that looking at a system’s flaws is the best way to learn about it.

• White hat hackers, upon finding vulnerability in a system, will report the vulnerability to the vendor of that system.

• Black hat hackers are the people normally depicted in the media (e.g., movies and news). After they gain access to a system, their goal is to cause some type of harm. They might steal data, erase files, or deface websites. Black hat hackers are sometimes referred to as crackers.

• Grey hat hackers are typically law-abiding citizens, but in some cases will venture into illegal activities. They might do so for a wide variety of reasons. Commonly, grey hat hackers conduct illegal activities for reasons they feel are ethical, such as hacking into a system belonging to a corporation that the hacker feels is engaged in unethical activities.