Glossary for Newbies
Posted: 03 Apr 2006, 15:53
GLOSSARY OF TERMS
Which may be useful in Googling and understanding a little bit more about hacking/cracking etc. Keep in mind this list is by no means comprehensive nor exhaustive. It is merely a primer to assist you in understanding and learning.
1. Hacker: Someone technologically adept with computers such as programming, problem solving, electronic devices and software. A computer user who is able to gain entry into a computer or system to expose vulnerabilities or test security. A person called a hacker in proper jargon is mostly the person who finds the solution within minutes where a dozen graduate programmers fainted only by watching at the output code of the bug. (Stories and legends at M.I.T. still go round)
2. Bug: Windows Internet Explorer after six month of unpatched usage.
3. Cracker: Similar to but different than a hacker. A cracker is someone who breaks into computers, can bypass security or remove copy protection from software or exploits weaknesses in software. A cracker usually operates with malicious intent, blackmails the company for money or re-sells the obtained information to third parties.
4. Server: A computer that relays information to other computers and is connected by a network. The client (you) requests information by making a connection to the server on a specific protocol. Servers can also refer to the software that makes the act of serving possible. (Ex): WWW-servers, FTP-servers; SMTP (Mail) servers, POP (Post-Office-Protocol)-servers (allegedly named *Point of Presence*).
5. Web Server: A computer using software that delivers web pages on the HTTP protocol. A website is hosted on a web server and is called a web 'realm'.
6. HTTP: Hyper Text Transfer Protocol. The protocol which enables Web browsing.
7. Host: a computer on a network. Localhost (127.0.01): your computer as 'local-host'.
Remote-host : that other computer to which you receive and sent data to. Any computer that is not yours.
8. WWW: Robot-rules.
9. Port: Software on a socket communication represented and assigned (http://www.iana.org/assignments/port-numbers) numeric values as over UDP/TCP. A client machine would like access to something specific on a remote machine and connects to the standard/assigned ports on the server. Standard/assigned ports are (Ex): "80" for HTTP, "22" for FTP, etc.. Ports are either public, reserved or proprietary. When they are reserved like port 131 to 137 (NetBIOS), or blizwow 3724/tcp -> World of Warcraft, only tele-communication on that port will work with the specific software company that has a software patent over those ports. Security flaws begin here.
10. UDP: User Datagram Protocol. Transports data as a connectionless protocol using packet switching.
11. Packet Switching: Protocols in which messages are divided into packets before they are sent. Each packet is transmitted individually and can follow different routes to its destination. The packets are then reassembled at the destination.
12. Socket: Combination IP address and port number. A wrapper around software to make the hardware or other software do `things'. Note: many believe it is the socket that controls the software because the socket is closer to the hardware or similar mystical reasons. It is the opposite: software talks to the socket on how to use devices or to communicate with other software or processes. Your browser uses a socket to communicate to your ethernetcard and surf over Internet.
13. Ethernet: Common LAN wiring and can handle many Mb's per second.
14. Buffer: A temporary storage which handles data being sent or received. Normally, two different devices have different speeds and capabilities for handling data flow. The buffer mediates how much data is being sent and received at speeds the devices can handle. Think of 'buffer' as 'how much can this thing take in the stomach in one round'. (Ex): a webserver can handle for example, a maximum of 300 requests at a time. Each request is called a 'thread' and allocated (reserved a required amount) to the buffer. 'Threads' make 'child-threads' that have to be handled according to the buffer capacities. The webserver is configured to either reject or to accept the parent-thread and all its child-processes. When you see a 'web-connection' saying 'Connection: keep-alive' it means the buffer will do its best to handle all the threads from the same client.
15. Process(es): A running instance of a program.
16. Buffer Overflow: This happens when more data is put into the buffer area than the buffer can handle. This can result in system crashes, especially d0s (Denial Of Service: the server says `argh..f*ck off and it crashes).
On improperly configured or written software, an open backdoor is the result of a buffer-overflow. Since the service crashed, it now allows all other operations or transmits the exit-status of the last operation as 'regular' and 'Ok' to the system or parent-process just before fainting.
17. Exit-status: When a program terminates, crashes or is shutdown (closed), it sends a 'status' to its parent process. Programs do not just close and disappear, they send reports to logfiles. (Ex): the unreadeable thing you get on Windows "This program is not responding: Error 0x8e500..whatever...".
That's .. an 'exit-status'.
18. Log file: A file that lists actions that have occurred.
19. Backdoor: A type of remote controlled software that allows a third party to to covertly control system resources. Can allow access to a computer without the user's knowledge or the need for common security settings such as passwords, firewall settings and IP-routing (Intranet, LAN, VPN, etc..).
A Backdoor 'crack' is often the result of a tamed service by buffer-overflow.
20. Intranet: Inter-connected network within one organization which uses Web technology for sharing information internally and not world wide.
21. VPN: Virtual Private Network. Portions of a network are connected via the internet but any information sent is encrypted. Uses the internet as a medium for transporting data.
22. Packet: Generic term for a bundle of data organized in a specific way for transmission commonly called 'chunks'. Each packet has a `header' (system defined control information that precedes user information), a 'body' and a checksum (count of the number of bits in a transmission so the receiver can see if the same number that was sent is the number which arrives) to have a very well organized order and firm control in case they do not arrive at the destination in the exact sent order. (That happens !!). Contains the destination address. A packet is followed by a SYN-message (synchronize. A control bit occupying one sequence number to indicate where the sequencing starts) and an ACK-signal (acknowledgment. When a computer sends data the receiving computer sends an ackowledgement the data was received) by the remote machine(s) that respond to the proper SYN and ACK signals of the packages sent. When any file (email, URL request, image file etc) is sent over the internet, the Transmission Control Protocol (TCP) of the TCP/IP layer breaks the data into chunks to be reassembled at the destination.
23. Protocol: The "language" spoken between computers to help them exchange information.
24. TCP: A protocol used on the internet to handle transmission of data. TCP keeps track of the packets and ensures the data arrives in the same order in which it was sent. (That is why IP was not 'enough..')
Be sure to read ISO-layer and levels of interpolarity of importance between protocols, usually from indispensable to ephemeral:
-IP
-ARP
-TCP over IP
-NAT
-DNS
-NFS
-WWW & Plug & Play
25. IP: Internet Protocol which handles data transmission but while TCP keeps track of packets and their order, IP is involved with handling the delivery of the packets.
26. Packet Sniffer: A device or program that monitors data being sent between computers on a network. Usually puts itself into the device drivers of the network card to gain access to data, especially the SYN, ACKs and checksums of the packets trailing one after the other.
27. Drivers: Small programs that tell your computer what the hardware/peripheral is and how it is to work properly with your OS.
28. .exe: A file extension that denotes the file is an "executable". Usually programs. A Windows type of file when clicked launches or installs a program.
29. Hyperlink: Text or images that when clicked transport the user to another page or a different location on the same page.
30. LAN: Local Area Network. A local (home, office or group of computers in the same area) network for communication between computers. Has a fast data transmission rate. Also may connect devices such as printers, word processors and storage units.
31. MAC Address: Media Access Control address. A unique code for most forms of networking hardware. Allows the DHCP server to authenticate the user and allow access to the network severs and the Internet/Intranet network.
32. DHCP Server: Dynamic Host Configuration Protocol. A protocol that dynamically assigns IP addresses in an organization's network so each time a user logs into the network (TCP/IP) it is automatically allocated an IP address. The device retains the address for a specified period of time called a `lease' that goes from 1 to 32 hours.
33.Dynamic: an operation that occurs on an as-needed basis for a period of time.
34. DNS: Domain Name Service. A program running on a server which translates the domain names from (Ex): www.domainname.com to 60.529.69.69.
35. Firewall: Usually software that limits access between networks by set security parameters. Prevents unauthorized access from the outside and can be thought of as a gateway between a "trusted" source (your home PC) and an "unsafe" source, such as the Internet. Advanced firewalls like SmoothWall allow a Red zone, an Orange zone and a Green zone.
36. Steganography: The process of hiding data in other data (a message hidden in an image).
37. Encryption: A way of encoding sensitive material so if it is intercepted or viewed by a third party it is undecipherable. Uses an algorithmic process to transform data into material which has a low probablity of assigning meaning without some sort of key or confidential process.
38. Decryption: The process of "unscrambling" an encrypted or coded message.
39. Algorithm: A mathmatical step-by-step procedure to find the solution of a given problem and terminates in a finite time. The model of a program written in step-by-step instructions.
40. Proxy: A computer network service that allows people to connect to a remote machine (the proxy). The proxy server then allows the user to request information from other hosts they choose. The proxy hides the user's IP address, substituting it with its own or another spoofed IP.
41. Remailer: A server computer that receives messages and sends them to the next available remailer without revealing who or where they came from until the message is finally dropped into the appropriate recipient's email box. Not to be confused with anonymizers.
42.Anonymizers: An online service that encrypts (unreversably) all transmitted data and passes it to the next remailer or anonymizer. Mostly used for anonymous email or very-very private comunication: two persons sending encrypted mails, each encrypted again many times anonymizer by anonimizer until recipient is reached.
It is impossible to decode encrypted data found on anonymizers. Hence it is also strictly forbidden to use them. Note also: much of what you absolutely abhor uses anonymizers and remailers. That is: kiddie-pr0n.
So don't feed those things.
43. Phishing: The act of tricking someone into giving information or having them do something they normally wouldn't do. The common approach is to pretend to be a legitimate business, send a fake email to a person and request private and/or personal information. The information may be credit card information, passwords and account information and social security numbers.
44. Social Engineering: The art and science of getting people to comply with your wishes. Obtaining information from people by utilizing the trust most people have in another's word ("I have a friend who works in your company and it happens that he lost his password and.." or "I bought your software and during the hurricane my house was washed away"...)
45. Keylogger: A computer program that captures the keystrokes of users and stores them. Some keyloggers send the information to the third party who wanted the information in the first place. Can be used for passwords and encryption keys while bypassing other security measures.
46. Brute Force Attack: Systematically going through every possible answer until the correct one is found. Used for obtaining passwords. Exhausts every possible key for deciphering until something readable is formed.
47. Dictionary Attack: An attack that uses brute force technique of successively trying all words in an exhaustive list. (Usually the dictionary, hence the name).
48. Rootkit: Set of programs that captures passwords and message traffic to and from computers. Can create backdoors, alter log files, attack other machines on the network and alter detection tools to mask its presence.
49. Spoofing: An attempt to gain access to a system by masquerading as a user. Impersonating a server to gain access to personal information.
50.Forging: Imitating or impersonating someone else in emails, USENET, shopping websites et al by spoofing techniques.
51.Website Defacement: An intruder compromises a webserver and changes the content on the site.
52.Warez: Cracked or pirated versions of commercial software.
53. Crack: (or to crack) The process of removing encoded copy prevention from software usually by reverse engineering.
54.Reverse Engineering: Process of learning how something is made by taking it apart and examining it usually with the intention of constructing a new device or program similar to the original. If you know how something works, then you know how to alter or remove it.
55. Keygen: (Key Generator) A program that can automatically generate a key, serial number or registration number for software. Be warned, if you download one it may have a virus!!!!!!
56. Bot: Programs with artificial inteligence that carry out the work of the person who is using them. Can be used to crawl the web. Those are usually sent out by search engines to scan through web pages for content display in the search result's page. Also can be called a "spider" or 'crawler'.
57. Cloaking: Process by which a site can display different content under differnt circumstances. To show an optimized page to search engines and a "regular" page to people visitng the site. Server-side technology which determines if the visiting IP is a spider or a human. If a spider, the server feeds an optimized page. Also called IP spoofing, IP cloaking and IP delivery.
58. Server-side: An application or a component that runs on a server rather than a client.
59. Client-side: Operations performed by the client in a client-server relationship.[/b]
Authored by LaBlueGirl and Frankb
If anyone has anything to add or correct, please do so!!!! Thank you!!
Which may be useful in Googling and understanding a little bit more about hacking/cracking etc. Keep in mind this list is by no means comprehensive nor exhaustive. It is merely a primer to assist you in understanding and learning.
1. Hacker: Someone technologically adept with computers such as programming, problem solving, electronic devices and software. A computer user who is able to gain entry into a computer or system to expose vulnerabilities or test security. A person called a hacker in proper jargon is mostly the person who finds the solution within minutes where a dozen graduate programmers fainted only by watching at the output code of the bug. (Stories and legends at M.I.T. still go round)
2. Bug: Windows Internet Explorer after six month of unpatched usage.
3. Cracker: Similar to but different than a hacker. A cracker is someone who breaks into computers, can bypass security or remove copy protection from software or exploits weaknesses in software. A cracker usually operates with malicious intent, blackmails the company for money or re-sells the obtained information to third parties.
4. Server: A computer that relays information to other computers and is connected by a network. The client (you) requests information by making a connection to the server on a specific protocol. Servers can also refer to the software that makes the act of serving possible. (Ex): WWW-servers, FTP-servers; SMTP (Mail) servers, POP (Post-Office-Protocol)-servers (allegedly named *Point of Presence*).
5. Web Server: A computer using software that delivers web pages on the HTTP protocol. A website is hosted on a web server and is called a web 'realm'.
6. HTTP: Hyper Text Transfer Protocol. The protocol which enables Web browsing.
7. Host: a computer on a network. Localhost (127.0.01): your computer as 'local-host'.
Remote-host : that other computer to which you receive and sent data to. Any computer that is not yours.
8. WWW: Robot-rules.
9. Port: Software on a socket communication represented and assigned (http://www.iana.org/assignments/port-numbers) numeric values as over UDP/TCP. A client machine would like access to something specific on a remote machine and connects to the standard/assigned ports on the server. Standard/assigned ports are (Ex): "80" for HTTP, "22" for FTP, etc.. Ports are either public, reserved or proprietary. When they are reserved like port 131 to 137 (NetBIOS), or blizwow 3724/tcp -> World of Warcraft, only tele-communication on that port will work with the specific software company that has a software patent over those ports. Security flaws begin here.
10. UDP: User Datagram Protocol. Transports data as a connectionless protocol using packet switching.
11. Packet Switching: Protocols in which messages are divided into packets before they are sent. Each packet is transmitted individually and can follow different routes to its destination. The packets are then reassembled at the destination.
12. Socket: Combination IP address and port number. A wrapper around software to make the hardware or other software do `things'. Note: many believe it is the socket that controls the software because the socket is closer to the hardware or similar mystical reasons. It is the opposite: software talks to the socket on how to use devices or to communicate with other software or processes. Your browser uses a socket to communicate to your ethernetcard and surf over Internet.
13. Ethernet: Common LAN wiring and can handle many Mb's per second.
14. Buffer: A temporary storage which handles data being sent or received. Normally, two different devices have different speeds and capabilities for handling data flow. The buffer mediates how much data is being sent and received at speeds the devices can handle. Think of 'buffer' as 'how much can this thing take in the stomach in one round'. (Ex): a webserver can handle for example, a maximum of 300 requests at a time. Each request is called a 'thread' and allocated (reserved a required amount) to the buffer. 'Threads' make 'child-threads' that have to be handled according to the buffer capacities. The webserver is configured to either reject or to accept the parent-thread and all its child-processes. When you see a 'web-connection' saying 'Connection: keep-alive' it means the buffer will do its best to handle all the threads from the same client.
15. Process(es): A running instance of a program.
16. Buffer Overflow: This happens when more data is put into the buffer area than the buffer can handle. This can result in system crashes, especially d0s (Denial Of Service: the server says `argh..f*ck off and it crashes).
On improperly configured or written software, an open backdoor is the result of a buffer-overflow. Since the service crashed, it now allows all other operations or transmits the exit-status of the last operation as 'regular' and 'Ok' to the system or parent-process just before fainting.
17. Exit-status: When a program terminates, crashes or is shutdown (closed), it sends a 'status' to its parent process. Programs do not just close and disappear, they send reports to logfiles. (Ex): the unreadeable thing you get on Windows "This program is not responding: Error 0x8e500..whatever...".
That's .. an 'exit-status'.
18. Log file: A file that lists actions that have occurred.
19. Backdoor: A type of remote controlled software that allows a third party to to covertly control system resources. Can allow access to a computer without the user's knowledge or the need for common security settings such as passwords, firewall settings and IP-routing (Intranet, LAN, VPN, etc..).
A Backdoor 'crack' is often the result of a tamed service by buffer-overflow.
20. Intranet: Inter-connected network within one organization which uses Web technology for sharing information internally and not world wide.
21. VPN: Virtual Private Network. Portions of a network are connected via the internet but any information sent is encrypted. Uses the internet as a medium for transporting data.
22. Packet: Generic term for a bundle of data organized in a specific way for transmission commonly called 'chunks'. Each packet has a `header' (system defined control information that precedes user information), a 'body' and a checksum (count of the number of bits in a transmission so the receiver can see if the same number that was sent is the number which arrives) to have a very well organized order and firm control in case they do not arrive at the destination in the exact sent order. (That happens !!). Contains the destination address. A packet is followed by a SYN-message (synchronize. A control bit occupying one sequence number to indicate where the sequencing starts) and an ACK-signal (acknowledgment. When a computer sends data the receiving computer sends an ackowledgement the data was received) by the remote machine(s) that respond to the proper SYN and ACK signals of the packages sent. When any file (email, URL request, image file etc) is sent over the internet, the Transmission Control Protocol (TCP) of the TCP/IP layer breaks the data into chunks to be reassembled at the destination.
23. Protocol: The "language" spoken between computers to help them exchange information.
24. TCP: A protocol used on the internet to handle transmission of data. TCP keeps track of the packets and ensures the data arrives in the same order in which it was sent. (That is why IP was not 'enough..')
Be sure to read ISO-layer and levels of interpolarity of importance between protocols, usually from indispensable to ephemeral:
-IP
-ARP
-TCP over IP
-NAT
-DNS
-NFS
-WWW & Plug & Play
25. IP: Internet Protocol which handles data transmission but while TCP keeps track of packets and their order, IP is involved with handling the delivery of the packets.
26. Packet Sniffer: A device or program that monitors data being sent between computers on a network. Usually puts itself into the device drivers of the network card to gain access to data, especially the SYN, ACKs and checksums of the packets trailing one after the other.
27. Drivers: Small programs that tell your computer what the hardware/peripheral is and how it is to work properly with your OS.
28. .exe: A file extension that denotes the file is an "executable". Usually programs. A Windows type of file when clicked launches or installs a program.
29. Hyperlink: Text or images that when clicked transport the user to another page or a different location on the same page.
30. LAN: Local Area Network. A local (home, office or group of computers in the same area) network for communication between computers. Has a fast data transmission rate. Also may connect devices such as printers, word processors and storage units.
31. MAC Address: Media Access Control address. A unique code for most forms of networking hardware. Allows the DHCP server to authenticate the user and allow access to the network severs and the Internet/Intranet network.
32. DHCP Server: Dynamic Host Configuration Protocol. A protocol that dynamically assigns IP addresses in an organization's network so each time a user logs into the network (TCP/IP) it is automatically allocated an IP address. The device retains the address for a specified period of time called a `lease' that goes from 1 to 32 hours.
33.Dynamic: an operation that occurs on an as-needed basis for a period of time.
34. DNS: Domain Name Service. A program running on a server which translates the domain names from (Ex): www.domainname.com to 60.529.69.69.
35. Firewall: Usually software that limits access between networks by set security parameters. Prevents unauthorized access from the outside and can be thought of as a gateway between a "trusted" source (your home PC) and an "unsafe" source, such as the Internet. Advanced firewalls like SmoothWall allow a Red zone, an Orange zone and a Green zone.
36. Steganography: The process of hiding data in other data (a message hidden in an image).
37. Encryption: A way of encoding sensitive material so if it is intercepted or viewed by a third party it is undecipherable. Uses an algorithmic process to transform data into material which has a low probablity of assigning meaning without some sort of key or confidential process.
38. Decryption: The process of "unscrambling" an encrypted or coded message.
39. Algorithm: A mathmatical step-by-step procedure to find the solution of a given problem and terminates in a finite time. The model of a program written in step-by-step instructions.
40. Proxy: A computer network service that allows people to connect to a remote machine (the proxy). The proxy server then allows the user to request information from other hosts they choose. The proxy hides the user's IP address, substituting it with its own or another spoofed IP.
41. Remailer: A server computer that receives messages and sends them to the next available remailer without revealing who or where they came from until the message is finally dropped into the appropriate recipient's email box. Not to be confused with anonymizers.
42.Anonymizers: An online service that encrypts (unreversably) all transmitted data and passes it to the next remailer or anonymizer. Mostly used for anonymous email or very-very private comunication: two persons sending encrypted mails, each encrypted again many times anonymizer by anonimizer until recipient is reached.
It is impossible to decode encrypted data found on anonymizers. Hence it is also strictly forbidden to use them. Note also: much of what you absolutely abhor uses anonymizers and remailers. That is: kiddie-pr0n.
So don't feed those things.
43. Phishing: The act of tricking someone into giving information or having them do something they normally wouldn't do. The common approach is to pretend to be a legitimate business, send a fake email to a person and request private and/or personal information. The information may be credit card information, passwords and account information and social security numbers.
44. Social Engineering: The art and science of getting people to comply with your wishes. Obtaining information from people by utilizing the trust most people have in another's word ("I have a friend who works in your company and it happens that he lost his password and.." or "I bought your software and during the hurricane my house was washed away"...)
45. Keylogger: A computer program that captures the keystrokes of users and stores them. Some keyloggers send the information to the third party who wanted the information in the first place. Can be used for passwords and encryption keys while bypassing other security measures.
46. Brute Force Attack: Systematically going through every possible answer until the correct one is found. Used for obtaining passwords. Exhausts every possible key for deciphering until something readable is formed.
47. Dictionary Attack: An attack that uses brute force technique of successively trying all words in an exhaustive list. (Usually the dictionary, hence the name).
48. Rootkit: Set of programs that captures passwords and message traffic to and from computers. Can create backdoors, alter log files, attack other machines on the network and alter detection tools to mask its presence.
49. Spoofing: An attempt to gain access to a system by masquerading as a user. Impersonating a server to gain access to personal information.
50.Forging: Imitating or impersonating someone else in emails, USENET, shopping websites et al by spoofing techniques.
51.Website Defacement: An intruder compromises a webserver and changes the content on the site.
52.Warez: Cracked or pirated versions of commercial software.
53. Crack: (or to crack) The process of removing encoded copy prevention from software usually by reverse engineering.
54.Reverse Engineering: Process of learning how something is made by taking it apart and examining it usually with the intention of constructing a new device or program similar to the original. If you know how something works, then you know how to alter or remove it.
55. Keygen: (Key Generator) A program that can automatically generate a key, serial number or registration number for software. Be warned, if you download one it may have a virus!!!!!!
56. Bot: Programs with artificial inteligence that carry out the work of the person who is using them. Can be used to crawl the web. Those are usually sent out by search engines to scan through web pages for content display in the search result's page. Also can be called a "spider" or 'crawler'.
57. Cloaking: Process by which a site can display different content under differnt circumstances. To show an optimized page to search engines and a "regular" page to people visitng the site. Server-side technology which determines if the visiting IP is a spider or a human. If a spider, the server feeds an optimized page. Also called IP spoofing, IP cloaking and IP delivery.
58. Server-side: An application or a component that runs on a server rather than a client.
59. Client-side: Operations performed by the client in a client-server relationship.[/b]
Authored by LaBlueGirl and Frankb
If anyone has anything to add or correct, please do so!!!! Thank you!!