Cybersecurity Definitions P 0 0

Packet switched network psn

A packet switched network (psn) is a computer communications network that groups and sends data in the form of small packets. It enables sending of data packets between a source and destination node over a channel that is shared between multiple users and/or applications. A packet switch is also known as a connectionless network, as it does not create a permanent connection between a source and destination node.

Packet

A packet is a unit of data that is routed between an origin and a destination on the internet or any other packet-switched network. When any file (such as e-mail message, html file, graphics interchange format file, uniform resource locator request) is sent from one place to another, the transmission control protocol (tcp) layer of tcp/ip divides the file into smaller chunks ideal for routing.

Partitions

Partitioning is the division of a computer hard disk or other secondary storage into one or more regions. Many computers have hard disk drives with only a single partition but others have multiple partitions so that an os can manage information in each region separately. Each partition then appears in the os as a distinct logical disk that uses part of the actual disk.

Password authentication protocol pap

Password authentication protocol (pap) is the most basic form of authentication in which a user’s name and password are transmitted over a network and compared to a table of name-password pairs. The basic authentication feature built into the http protocol uses pap.

Password cracking

Password cracking is the process of trying to guess or crack passwords to gain access to a computer system or network. Crackers generally use a variety of tools, scripts, or software to crack a system password. Password cracks work by comparing every encrypted dictionary word against the entries in the system password file until a match is found.

Password sniffing

Password sniffing is a technique used to gain knowledge of passwords that involves monitoring traffic on a network to pull out information. There are several softwares available for automatic password sniffing.

Patch

A patch is a piece of software designed and created to update a computer program or its supporting data, to fix or improve it. This includes fixing security vulnerabilities and other bugs, usually called bug fixes. Each patch is created to improve the usability and/or performance of the system or application.

Patching

Patching is the process of updating software to a different version. It is also referred to as updating the software to the latest version available and is key in removing bugs of the previous version.

Payload

A payload is the actual application data a packet contains. It is part of the transmitted data which is the fundamental purpose of the transmission. In summary, payload refers to the actual intended message in a transmission.

Penetration testing

Penetration testing is also called pen testing. It is the practice of testing a computer system, network or web application to find vulnerabilities that an attacker or attacker could exploit.

Penetration

Penetration is defined as gaining unauthorized logical access to sensitive data by evading a system’s protections.

Permutation

Permutation is a technique that keeps the same letters but changes the position within a text to scramble the message.

Personal firewall

Personal firewalls are those firewalls that are installed and run on individual computers. A personal firewall is an application which controls network traffic to and from a computer, permitting or denying communications based on a security policy. Typically it works as an application layer firewall.

Pharming

Pharming is defined as a cyber attack that is intended to redirect a website’s traffic to a masquerading website, which may be a fake one. Pharming is achieved by corrupting a dns server on the internet and steering a url to the masked website’s ip. Generally all users use a url like www.worldbank.com instead of the real ip (192.86.99.140) of the website. The url can be redirected to send traffic to the ip of the pseudo website by substituting the pointers on a dns server. The transactions can be imitated and information like login credentials can be gathered at the pseudo site. Using the information gathered, the attacker can access the real site and conduct transactions using the credentials of a valid user.

Phishing

Phishing is an attempt to acquire sensitive information such as usernames, passwords, and credit card details by impersonating as a trustworthy entity. Phishing emails may contain links to websites that are infected with malware. Phishing is typically carried out by email spoofing or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.

Ping of death

A ping of death is an attack that involves sending a distorted or otherwise malicious ping to a computer with the intent of overflowing the input buffers of the destination machine and causing it to crash. A ping of death is fragmented into groups of 8 octets before transmission.

Ping scan

A ping scan looks for machines that are responding to icmp echo requests.

Ping sweep

A ping sweep is a technique that is used to establish a range of ip addresses mapping to live hosts. Well-known tools with ping sweep capability include nmap for unix systems, and the pinger software from rhino9 for windows nt. There are many other tools with this capability, including: hping, simple nomad’s icmpenum, solarwinds ping sweep, and foundstone’s superscan. Pings can be detected by protocol loggers like ippl.

Plaintext

Plaintext is the most portable format and is supported by almost every application. In cryptography, plaintext refers to any message that is not encrypted.

Point to point protocol ppp

Point-to-point protocol (ppp) is a communication protocol between two computers that uses a serial interface, typically a personal computer connected by a phone line to a server. Ppp uses the internet protocol (ip) and is sometimes considered a member of the tcp/ip suite of protocols.

Point to point tunneling protocol pptp

The point-to-point tunneling protocol (pptp) is an approach used to implement virtual private networks (vpn). Pptp uses a control channel over tcp and a gre tunnel operating to encapsulate ppp packets.

Poison reverse

Poison reverse is a method where the gateway node communicates to its neighbor gateways that one of the gateways is no longer connected. The notifying gateway sets the number of hops to the unconnected gateway to a number that indicates “infinite”. In effect, advertising the fact that their routes are not reachable.

Polyinstantiation

Polyinstantiation is the ability of a database to maintain multiple records with the same key. It is used to prevent inference attacks. It may also indicate, such as in the case of database polyinstantiation, that two different instances have the same name (identifier, primary key).

Polymorphism

Polymorphism is the process where malicious software changes its underlying code to avoid detection. A polymorphic type is one whose operations can also be applied to values of some other type, or types.

Port scan

A port scan is a sequence of messages sent by an attacker attempting to break into a computer. Port scanning provides the attacker an idea where to probe for weaknesses. A port scan consists of sending a message to each port, one at a time.

Port

A port is an end point of communication in an operating system. It is identified for each address and protocol by a 16-bit number, commonly known as the port number.

Possession

Possession is the holding, control, and ability to use information.

Post office protocol version 3 pop3

Post office protocol, version 3 (pop3) is an internet standard protocol through which a client workstation can access a mailbox on a server host to retrieve mail messages that the server has received and is holding for the client.

Practical extraction and reporting language perl

Perl is a family of high-level, general-purpose, dynamic programming languages. These languages include perl 5 and perl 6. Perl was originally developed by Larry Wall in 1987 as a general-purpose unix scripting language.

Preamble

A preamble is a signal used in communications to synchronize the transmission timing between two or more systems. A preamble defines a specific series of transmission pulses that is understood by communicating systems. This ensures that systems receiving the information correctly interpret when the data transmission starts. The actual pulses used as a preamble vary depending on the network communication technology in use.

Pretty good privacy pgp tm

Pretty good privacy (pgp) tm is a trademark data encryption and decryption program. This program provides cryptographic privacy and authentication for data communication. It was created by phil zimmermann in 1991. Pgp is generally used for encrypting and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications.

Private addressing

Iana has set aside three address ranges for use by private or non-internet connected networks. This is referred to as private address space and is defined in rfc 1918. The reserved address blocks are: 10.0.0.0 to 10.255.255.255 (10/8 prefix) 172.16.0.0 to 172.31.255.255 (172.16/12 prefix) 192.168.0.0 to 192.168.255.255 (192.168/16 prefix).

Program Infector

A program infector is a piece of malware (or virus) that attaches itself to existing program files. Once the original infected program is run the virus transfers to the computer memory and may replicate itself further, spreading the infection. This type of virus can be spread beyond one’s system as soon as the infected file or program is passed to another computer.

Program policy

A program policy is a high-level policy that sets the overall tone of an organization’s security approach.

Promiscuous mode

Promiscuous mode allows a network device to intercept and read each network packet that reaches in its entirety. This is used by network administrators to diagnose network problems, but also by unsavory characters who are trying to eavesdrop on network traffic (which might contain passwords or other information).

Proprietary information

Proprietary information is that information unique to a company and its ability to compete, such as customer lists, technical data, product costs, and trade secrets.

Protocol stacks osi

Protocol stacks are a set of network protocol layers that work together.

Protocol

A protocol is a special set of rules that end points in a telecommunication connection when they communicate. Protocols specify interactions between the communicating entities. Protocols exist at several levels in a telecommunication connection.

Proxy server

A proxy server is a server that acts as an intermediary for requests from clients seeking resources from other servers. A proxy server is associated with or part of a gateway server that separates the enterprise network from the outside network and a firewall server that protects the enterprise network from outside intrusion. Most proxies are web proxies, facilitating access to content on the world wide web and providing anonymity.

Public key encryption

Public key encryption is also known as asymmetric cryptography. Public key encryption is a cryptographic system that uses two keys, a public key known to everyone and a private or secret key known only to the recipient of the message.

Public key forward secrecy pfs

Public-key forward secrecy (pfs) is a key agreement protocol based on asymmetric cryptography. It ensures that a session key derived from a set of long-term public and private keys will not be compromised if one of the private keys is compromised in the future.

Public key infrastructure pki

A public key infrastructure (pki) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption. It enables users of an unsecured network to securely exchange data and money through the use of a public and a private cryptographic key pair that is obtained through a trusted authority. The public key infrastructure provides for a digital certificate that can identify an individual or an organization and directory services that can store and, when necessary, revoke the certificates.

Public key

A public key is the publicly-disclosed component of a pair of cryptographic keys used for asymmetric cryptography.

** The time is base on America/Chicago timezone