| Packet |
| A block of data sent over the network transmitting the identities of the sending and receiving stations, error-control information, and content. |
| Packet Filter |
| Inspects each packet for user defined content, such as an IP address but does not track the state of sessions. This is one of the least secure types of firewall. |
| Packet Filtering |
| Controlling access to a network by analyzing the incoming and outgoing packets and letting them pass or halting them based on the IP addresses of the source and destination. Packet filters let the administrator limit protocol specific traffic to one network segment, isolate email domains, and perform many other traffic control functions. Packet filtering is also one technique, among many, for implementing security firewalls. |
| Packet Sniffer |
| A device or program that monitors the data traveling between computers on a network. |
| Packet switching |
| IP Switching technology |
| Parasitic Virus |
| A parasitic virus requires a host to help it spread. |
| Passive Attack |
| An attack which does not result in an unauthorized state change, as does an active attack, but instead only passively monitors and/or records data. |
| Passive Threat |
| The threat of unauthorized disclosure of information without changing the state of the system. A type of threat that involves the interception, not the alteration, of information. |
| Passports |
| Passports are software controls that allow people to govern what information can be gathered about their surfing habits, as well as how the information can be used. As a general rule, any technology that restricts profiling will also restrict customization. Passports, however, aim to promote anonymous profiling, which in theory offers the best of both world -- anonymous customization. Passport technologies are emerging to insure online privacy, including the P3P (Platform for Privacy Preferences), the ICE (Internet Content and Exchange) standard, and the OPS (Open Profiling Standard). |
| Password |
| A series of characters, usually without spaces, that is unique to a single username. A password is leveraged to determine the authenticity of a user. |
| Password Encryption |
| A method used to prevent sniffers from obtaining a password. Because packet sniffers can "see" anything in plaintext, pubic key cryptography is often used to protect passwords while in transit. |
| Payload |
| The code within a virus that can cause damage, such as corruption or erasure of data. |
| PDC |
| PDC or primary domain controller is the domain server that contains a master copy of the security system, user accounts and computer databases that are used for authenticating users in a Windows NT network. Each domain has only one PDC, although several backup domain controllers may stand ready to take over if the PDC fails. |
| PEM |
| (Privacy Enhanced Mail) An IETF standard for secure electronic mail exchange. |
| Penetration |
| The successful unauthorized access to an automated system. |
| Penetration Signature |
| The description of a situation or set of conditions in which a penetration could occur or of system events which in conjunction can indicate the occurrence of a penetration in progress. |
| Penetration Testing |
| The portion of security testing in which the evaluators attempt to circumvent the security features of a system. |
| Performance |
| In the context of computing, performance generally refers to the speed of a specific process. |
| Perimeter Based Security |
| The technique of securing a network by controlling access to all entry and exit points of the network. Usually associated with firewalls and/or filters. |
| PERL |
| Practical Extraction and Report Language - A programming language used for writing Web server applications. Perl is a popular and widely used free-licensed language. |
| PGP |
| (See Pretty Good Privacy) A personal public key cryptography program, primarily for encrypting email messages. It is popular because of its effectiveness and usability. |
| Phage |
| A program that modifies other programs or databases in unauthorized ways; especially one that propagates a virus or Trojan horse. |
| PHF |
| A phone book file demonstration program that hackers use to gain access to a computer system and potentially read and capture password files. |
| PHF Hack |
| A well-known and vulnerable CGI script which does not filter out special characters (such as a new line) input by a user. |
| Phracker |
| An individual who combines phone phreaking with computer hacking. |
| Phreaker |
| Also Phreak - An individual fascinated by the telephone system. Commonly, an individual who uses his knowledge of the telephone system to make calls at the expense of another. |
| Phreaking |
| The art and science of cracking the phone network using a computer or other device. Closely related to hacking. Typically, phreaking is used to make free calls or to have calls charged to a different account. |
| Physical Security |
| The measures used to provide physical protection of resources against deliberate and accidental threats. |
| Piggy Back |
| The gaining of unauthorized access to a system via another user's legitimate connection. |
| Ping |
| Short for Packet Internet Groper, a utility to determine whether a specific IP address is accessible. It works by sending a packet to the specified address and waiting for a reply. PING is used primarily to troubleshoot Internet connections. There are many freeware and shareware PING utilities available for personal computers. |
| PKI |
| Short for public key infrastructure, a system of digital certificates, Certificate Authorities, and other registration authorities that verify and authenticate the validity of each party involved in an Internet transaction. PKIs are currently evolving and there is no single PKI nor even a single agreed-upon standard for setting up a PKI. However, nearly everyone agrees that reliable PKIs are necessary before electronic commerce can become widespread. A PKI is also called a trust hierarchy. |
| Plaintext |
| Unencrypted data. |
| Plug-in |
| A software program that extends the functionality of a program. Plug-ins can be downloaded from the Internet onto the user's computer. For example, there are programs that allow you to listen to the radio vis the World Wide Web. |
| Polymorphic Virus |
| A virus that changes its internal structure or encryption methods. |
| POP |
| Post Office Protocol - A protocol used for accessing electronic mailboxes, the most common of which is POP3. It allows users to receive messages only. The outgoing protocol is called SMTP. |
| POP3 |
| POP protocol, post office protocol (Internet) (POP). The POP protocol, version POP3, is used for the transfer of emails between the workstation computer (PC) and the central email server of the relevant service provider. The workstation computer uses POP3 to establish a connection with the POP server and collects the mail. POP3 is a protocol specified in RFC1725 for the transfer of emails from the central server system to a users’ workstation system. Today POP3 is the de facto standard for email systems. In future the POP3 protocol is to be replaced by IMAP. POP3 does not yet give security a high priority. For authentication, fro example the user name is written out in clear text and a password is added. The APOP protocol, a POP add-on, offers better security in that it encrypts the authentication to protect it from unauthorized access. |
| Port |
| As a network term, port refers to a specific position in device memory that is remotely accessible, and through which network data is routed. Generally speaking, it is a specific spot that enables a physical connection to another device, usually involving a socket and a plug. Personal computer are traditionally equipped with multiple serial ports and at least one parallel port. |
| Portal |
| This is a gateway into the Internet, and may be a search engine or a directory of Internet pages. A portal provides a starting point when searching on the Internet for specific interest groups. Most portals have links to a range of interesting pages and specific search engines or Internet directories. The portal can also be used to combine various e-business solutions, as with the Siemens Procurement Portal (EL). Well-known portals include Infoseek, Excite, Yahoo, Lycos, and AOL. |
| POS |
| Packet over SONET (Synchronous optical networking) |
| POTS |
| Plain Old Telephone Service. The basic service supplying standard single line telephones, telephone lines and access to the public switched network. Nothing fancy. No added features. Just receive and place calls. Nothing like Call Waiting or Call Forwarding. They are not POTS services. All POTS lines work on loop start signaling. |
| PPP |
| Point-to-Point Protocol - Governs the way a modem connection exchanges data packets with an Internet Service Provider. |
| PPTP |
| Point-to-Point Tunneling Protocol - Allows secure transmission of TCP/IP packets. |
| Pretty Good Privacy |
| A technique for encrypting messages developed by Philip Zimmerman. PGP is one of the most common ways to protect messages on the Internet because it is effective, easy to use, and free. PGP is based on the public-key method, which uses two keys -- one is a public key that you disseminate to anyone from whom you want to receive a message. The other is a private key that you use to decrypt messages that you receive. To encrypt a message using PGP, you need the PGP encryption package, which is available for free from a number of sources. The official repository is at the Massachusetts Institute of Technology. PGP is such an effective encryption tool that the U.S. government actually brought a lawsuit against Zimmerman for putting it in the public domain and hence making it available to enemies of the U.S. After a public outcry, the U.S. lawsuit was dropped, but it is still illegal to use PGP in many other countries. |
| Primary Domain Controller |
| The primary domain controller (PDC) is the domain server that contains a master copy of the security system, user accounts and computer databases that are used for authenticating users in a Windows NT network. Each domain has only one PDC, although several backup domain controllers may stand ready to take over if the PDC fails. |
| Private Key Cryptography |
| An encryption methodology in which the encryptor and decryptor use the same key, which must be kept secret. This methodology is usually only used by a small group. |
| Probe |
| Any effort to gather information about a machine or its users for the apparent purpose of gaining unauthorized access to the system at a later date. |
| Promiscuous Mode |
| Normally an Ethernet interface reads all address information and accepts follow-on packets only destined for itself, but when the interface is in promiscuous mode, it reads all information (sniffer), regardless of its destination. |
| Protocol |
| Agreed-upon methods of communications used by computers. A specification that describes the rules and procedures that products should follow to perform activities on a network, such as transmitting data. If they use the same protocols, products from different vendors should be able to communicate on the same network. |
| Prowler |
| A daemon that is run periodically to seek out and erase core files, truncate administrative logfiles, nuke lost & found directories, and otherwise clean up. |
| Proxy |
| A device or program that replaces the IP address of a host on the internal (protected) network with its own IP address for all traffic passing through it. |
| Proxy Server |
| A server that sits between a client application, such as a Web browser, and a real server. It intercepts all requests to the real server to see if it can fulfill the requests itself. If not, it forwards the request to the real server. Proxy servers have two main purposes: Improve Performance: Proxy servers can dramatically improve performance for groups of users. This is because it saves the results of all requests for a certain amount of time. Consider the case where both user X and user Y access the World Wide Web through a proxy server. First user X requests a certain Web page, which we'll call Page 1. Sometime later, user Y requests the same page. Instead of forwarding the request to the Web server where Page 1 resides, which can be a time-consuming operation, the proxy server simply returns the Page 1 that it already fetched for user X. Since the proxy server is often on the same network as the user, this is a much faster operation. Real proxy servers support hundreds or thousands of users. The major online services such as Compuserve and America Online, for example, employ an array of proxy servers. Filter Requests: Proxy servers can also be used to filter requests. For example, a company might use a proxy server to prevent its employees from accessing a specific set of Web sites. |
| PSTN |
| Public Switched Telephone Network. PSTN is an abbreviation used by the ITU-T. PSTN simply refers to the local, long distance and international phone system which we use every day. In some countries it's only one phone company. In countries with competition, e.g. the United States, PSTN refers to the entire interconnected collection of local, long distance and international phone companies, which could be thousands. |
| Public Key Cryptography |
| Type of cryptography in which the encryption process is publicly available and unprotected, but in which a part of the decryption key is protected so that only a party with knowledge of both parts of the decryption process can decrypt the cipher text. |
| Public Key Encryption |
| A cryptographic system that uses two keys -- a public key known to everyone and a private or secret key known only to the recipient of the message. When John wants to send a secure message to Jane, he uses Jane's public key to encrypt the message. Jane then uses her private key to decrypt it. An important element to the public key system is that the public and private keys are related in such a way that only the public key can be used to encrypt messages and only the corresponding private key can be used to decrypt them. Moreover, it is virtually impossible to deduce the private key if you know the public key. Public-key systems, such as Pretty Good Privacy (PGP), are becoming popular for transmitting information via the Internet. They are extremely secure and relatively simple to use. The only difficulty with public-key systems is that you need to know the recipient's public key to encrypt a message for him or her. What's needed, therefore, is a global registry of public keys, which is one of the promises of the new LDAP technology. Public key cryptography was invented in 1976 by Whitfield Diffie and Martin Hellman. For this reason, it is sometime called Diffie-Hellman encryption. It is also called asymmetric encryption because it uses two keys instead of one key (symmetric encryption). |
| Public-key method |
| This is an encryption technique which h can also be used for identification and verification. It works using a secret code, which is only known to the authorized user, and a public code, which can be distributed via the Internet. Together, both codes (or keys) produce a universal key-pair. They are required to encrypt and decrypt data (cryptography). |
