Next: Overview of study
Up: Introduction
Previous: Rationale of study
  Contents
Definition of terms
- Attack
- Any attempt to either obtain higher than normal access or to intentionally
deny other users proper use of a computer facility
- Buffer overflow
- When a program recieves more data than what it expected and
is not programmed to cope with such situations, the extra data will be put in
memory, probably overwriting other internal structures of a program. A well-crafted
buffer overflow can lead the attacked program to execute arbitrary code, possibly
giving the attacker complete control over the computer.
- DoS
- (Denial of Service) An attack or situation where the victim host is presented
with a much larger amount of request than what it can process, effectively blocking
the service to any user who legitimately needs to use it.
- Firewall
- A computer that sits at the perimeter of an internal, trusted network,
connected to a larger, less-trusted network (such as Internt), filtering and
recording undesirable packets from/to the outside world in order to enhance
security for the internal network.
- IETF RFC
- Internet Engineering Task Force's Request For Comments are a set of
documents discussing and defining network protocols and other standards required
for the correct inter-network operation needed for today's Internet to function.
- Line-oriented
- A protocol that sets the boundary for any client or server command
to be the new line character.
- Protocol
- A set of rules defining how a specific task should be handled by the
computer. All computer network communications are carried out through several
layers of protocols, ranging from the physical, concrete layer (electric signals
and their immediate meanings) to much more abstract layers.
- RFC
- see IETF RFC
- root
- The privileged super-user account, used for administration purposes. Attackers
often are looking for a way to forcibly get access to the root account, as there
is practically no limit to what it can do in a Unix system.
- TCP/IP
- Transmission Control Protocol/Internet Protocol, a protocol for Internet
applications which require session handling or delivery acknowledgement, such
as FTP, Telnet, SMTP, SSH and many others. This work is centered on line-oriented
TCP/IP-based protocols.
- UDP/IP
- User Datagram Protocol/Internet Protocol, a stateless protocol for Internet
applications which do not require session handling nor delivery acknowledgement,
such as DNS, BootP, TFTP, RPC and many others.
- UID
- User ID, a number identifying each user in a Unix system. UID 0 is reserved
for the root user.
- Unix
- The prevalent server operating system in use in Internet; a multi-tasking,
multi-user operating system designed in 1969 by Bell Labs
Next: Overview of study
Up: Introduction
Previous: Rationale of study
  Contents
Gunnar Wolf
2001-03-12