- Distributed Denial of Service (DDoS)
- Drive-by attack
- Internet Service Provider (Internet Service Provider)
- Social Engineering
- Social Network
- Zero-Day Exploit
Bot is an abbreviation of „robot“, and depicts a program that acts independently of a human user. Malicious bots can for example send spam mails or participate in a denial of service attack. Often the term bot is used for for a malware infected computer system.
Distributed Denial of Service (DDoS)
DoS stands for the generic Denial of Service attack. Such an attack tries to bring down the victims system or service. Common types are a) E-Mail-Bombing; The sending of large numbers of e-mails to one recipient with the goal to impact the mail service of the victim b) E-Mail-List Bombing; Subscrib a large number of (fake) addresses to a list. c) Distributed DoS (DDoS); Attacking of a victim from many systems at the same time, typically to overload the targeted network or service.
In a Drive-By attack the victim visits a malicious website that exploits a vulnerability in the webbrowser to install malware. Drive-By sites are often hacked legitimate websites and thus difficult to recognize.
A firewall restricts external traffic to your computer. If enabled, ilicit accesss to your computer from the internet becomes much harder. Most routers and operating systems today have a firewall integrated. It should always be active.
Internetzugangsanbieter (Internet Service Provider)
An internet service providers enables you to connect to the internet. The largest Swiss ISPs Swisscom, Sunrise and UPC are also founding members of the SISA.
An IP address is a unique number that indenifies your computer on the internet. It is needed to reach another system when communicating over the internet.
A patch is a peice of software that fixes problems, in particular security problems, in existing programs. Typically patches are distributed periodically and ar installed automatically, if automatic update feature is enabled. Many User programs though require a manual installation.
Phishing is the act of trying to steal personal data bey tricking the victim into visiting fake websites or reply to fake mails .
Ports identify a service on an internet server. Valid port numbers are 1-65535.
Social engineering is the act of deceiving a person to achieve an illicit goal, e.g. get access to a system or confidential data. It always targets a human and typically appeals at the victims sens of goodness. Social engineering can use fake phone calls, e-mails or even in person meetings. A phishing mail is also a form of social engineering.
A social network is an internet platform to maintain connection and exchange (social) information in a private or professional context. Examples are Facebook, myspace, studiVZ, Xing, LinkedIn usw.
A Trojan Horse or short „Trojaner“ is a useful software that has a malicious component operating in the background. A Trojan is malware.
A computer virus (Latin from virus ‚poison, slime‘) which rplicates itself by infection other computers. The term refers to the way the software distributes itself.
Once loose it typically continues spreading uncontrolled. A virus is Malware.
Often the term is used as a synonym for malware . VoIP
Voice over IP or short VoIP is a technology to transport voice messages over the internet. It is an alternative to the traditional land line phone system. Given a functioning internet infrastructure VoIP is muc cheaper than traditional telephony. However geolocation VoIP endpoints is not easy which make it unsuitable for certain usages, such as emergency calls.
Wireless Local Area Network (WLAN) is a term for wireless radio networks. Sender and receiver must use a pre defined standard to communicate. Many internet home routers have a wireless base station build in.
A worm is a software that copies itself from one system to the other, similar to a virus.
- Unknown phase
- Detected but not yet fixed.
- Patch available (only 60 % – 80 % of the known vulnerabilities are actually fixed)
- Patch installed
Once a patch is available hackers quickly create exploits to use them before the security patch is installed.