Back Orifice
Back Orifice is a rootkit program designed for the purpose of exposing the security deficiencies of Microsoft's Windows operating systems. The program's name is inspired by the name of Microsoft's BackOffice product.
Backdoor
Backdoor, also called a trapdoor, is an undocumented way of gaining access to a program, online service or an entire computer system. The backdoor, usually written by the author of the software for some special purpose, is a potential security risk, because whoever knows of it or finds a way to use it can gain unauthorized access.
Backup authority
Backup authority is a trusted application running on a secure computer that provides secondary storage for session keys of clients.
Backup plan
Backup plan refers to a plan for backing up important data, programs and other business information according to a certain schedule or algorithm.
Backward secrecy
Backward secrecy means that a compromise should not compromise any earlier key, while forward secrecy implies that a compromise of the current key should not compromise any future key.
Badtrans.B
Badtrans.B is a worm that targets Microsoft Windows–based messaging platforms.
Bandwidth consumption attack
Bandwidth consumption attack is a type of denial of service (DoS) attack in which an attacker consumes all available bandwidth on the target network.
Bandwidth
Bandwidth in network communication means the capacity of a communication channel to pass data through the channel in a given amount of time. The unit of measure of bandwidth is bits per second (bps) or bytes per second (Bps).
Banner
A banner, in the context of security, is the information that is displayed to a remote user trying to connect to a service. This may include version information, system information, or a warning about authorized use.
Banner grabbing
Banner grabbing is an attack designed to deduce the brand and/or version of an operating system or application.
Base cryptographic functions
Base cryptographic functions refers to the lowest level of functions in the CryptoAPI architecture. They are used by applications and other high-level CryptoAPI functions to provide access to CSP-provided cryptographic algorithms, secure key generation, and secure storage of secrets.
Base content type
Base content type is a type of data contained in a Public Key Cryptography Standards (PKCS) #7 message.
Basic Authentication
Basic Authentication is the simplest web-based authentication scheme that works by sending the username and password with each request.
Bastille
Bastille is a script used to harden the Linux operating system against attacks.
Bastion Host
A bastion host is a gateway between an inside network and an outside network, which is designed to defend against attacks aimed at the inside network. The system is on the public side of the demilitarized zone (DMZ), unprotected by a firewall or filtering router, and it is fully exposed to attacks. A bastion host must be hardened to anticipate attacks from the public. Typically, a bastion host will be configured with a firewall and provide services like web servers, DNS servers and mail servers.
Bayesian Analysis
Bayesian analysis, based on the mathematical theory of Thomas Bayes, is a statistical procedure to estimate the probability of future events based on the observed data. Bayesian analysis is used in the design of software filters to automatically detect and delete junk emails (i.e., "spam").
Bayesian Filter
A Bayesian filter, often used in anti-spam software, is a program that uses Bayesian logic, also called Bayesian analysis, to evaluate the header and content of an incoming e-mail message and determine the probability that it constitutes spam.
Bayesian Logic
Bayesian logic is a statistical algorithm that uses the knowledge of prior events to predict the likelihood of future events. Bayesian logic is an extension of the work of the 18th-century English mathematician Thomas Bayes. Bayes' theorem provided, for the first time, a mathematical method that could be used to calculate, given occurrences in prior trials, the likelihood (probability) of a target occurrence in future trials. Bayesian logic is used in anti-spam systems.
BCP: Business Continuity Plan
A Business Continuity Plan (BCP), also known as business process contingency plan (BPCP) or a disaster recovery plan (DRP), is the plan for emergency response, backup operations, and post-disaster recovery steps that will ensure the availability of critical resources and facilitate the continuity of operations in an emergency situation. The plan also consists of the precautions taken so that the effects of a disaster will be minimized, and the organization will be able to either maintain or quickly resume mission-critical functions.
BBBOnLine
BBBOnLine is a reliability program developed by the Better Business Bureau (BBB) to help protect the privacy of consumers in online transactions.
Behavior Blocking
Also known as 'sandboxing', behavior blocking software monitors the executable actions of potentially malicious software and stops dangerous operations from taking place (such as deleting files, modifying system settings and so on).
Behavior-blocking software
Behavior-blocking software refers to a type of software that detects and prevents suspicious behavior from being executed on a system.
Bell-LaPadula Security Model
The Bell-LaPadula Security Model is a security policy model that describes a set of access control rules. By conforming to a set of rules, the model inductively proves that the system is secure. In this model, the entities in a computer system are divided into abstract sets of subjects and objects. The notion of a secure state is defined, and it is proven that each state transition preserves security by moving from secure state to secure state, thereby inductively proving that the system is secure.
BER: Basic Encoding Rules
Basic Encoding Rules (BER), defined in ITU-T X.209, refer to the rules for data encoding/decoding described in the ASN.1 standard (defined in ITU-T X.208). Basic Encoding Rules may be used to derive the specification of a transfer syntax for values of types defined using the ASN.1 specified in Recommendation X.208. A single ASN.1 object may have several equivalent BER encodings. BER is one of the two encoding methods currently used by CryptoAPI.
Bess
Bess is a brand of censorware made by Secure Computing Corporation, which acquired maker N2H2 in 2003; it is usually used in libraries and schools. The main purpose of the system is to act as an internet filter, blocking minors using the public computers from accessing web content deemed inappropriate by the Bess manufacturers or local administration. The system is not installed locally (on each individual computer workstation), but on the server between the users and the open internet.
BGP/MPLS VPN
The border gateway protocol/multiprotocol label switching (BGP/MPLS) VPN standards, defined by the IETF, provide Layer 3 VPN solutions using BGP to carry route information over an MPLS core. This Layer 3 MPLS-VPN solution achieves all of the security of the Layer 2 approach, while adding enhanced scalability inherent in the use of Layer 3 routing technology.
BIA: Business Impact Analysis
A Business Impact Analysis (BIA) determines what levels of impact to a system are tolerable for business operations. It is often required to understand the impact of a network and information security disaster on business operations.
Biba Model
The Biba Model is a formal state transition system of computer security policy that describes a set of access control rules designed to ensure that data is not contaminated. A lattice of integrity levels is used to express integrity policies that refer to the corruption of clean higher level entities by dirty lower level entities. Information may only flow downwards.
BiDiBLAH
BiDiBLAH is a network security assessment tool by SensePost which automates 80% of the network security assessment process, including Intelligence gathering, Footprinting, Targeting, Fingerprinting, Vulnerability discovery and Penetration.
Bifurcation
In the biometric process of fingerscanning, a bifurcation is a point in a finger image at which two ridges meet. Bifurcations have the appearance of branch points between curved lines.
BIND: Berkeley Internet Name Domain
Berkeley Internet Name Domain (BIND) is an implementation of Domain Name System (DNS) developed and distributed by the University of California at Berkeley. BIND is used to resolve names of systems into IP addresses and vice versa. The BIND DNS Server is available at no charge under the BSD License, and it is used on the vast majority of name serving machines on the Internet.
BinHex
Binary Hexadecimal (BinHex) is a method for converting binary files into ASCII for transmission by applications, such as e-mail, that can handle only ASCII. BinHex conversion allows you to send word processing, spreadsheet, and application files via email or SFTP. BinHex files were typically given the file extension of .hex or .hqx. A BinHex file has a message on the first line identifying it as BinHexed, followed by many 64-character lines made up of seemingly random letters, numbers, and punctuation marks. Most applications automatically invoke a decoder such as StuffIt Expander to decode BinHexed files.
Biometric Verification
Biometric verification, also known as Biometric identification, is any means by which a person can be uniquely identified by evaluating one or more distinguishing biological traits. Unique identifiers include fingerprints, hand geometry, earlobe geometry, retina and iris patterns, voice waves, DNA, and signatures. The oldest form of biometric verification is fingerprinting.
Biometric identification
Biometric identification, also known as Biometric verification, refers to the process of using a person’s physical characteristics such as fingerprints, hand geometry, earlobe geometry, retina and iris patterns, voice waves, DNA, and signatures, for identification purposes.
Biometrics
Biometrics is the technology of measuring and analyzing biological data. In information technology, biometrics usually refers to the technologies of using human body characteristics such as fingerprints, eye retinas and irises, voice patterns, facial patterns, and hand measurements, for authentication purposes.
BIOS cracking
BIOS cracking refers to compromising or resetting the password protecting a computer’s basic input/output system (BIOS).
Birthday Attack
A birthday attack refers to a class of brute-force attacks, which gets its name from the surprising result that the probability that two or more people in a group of 23 share the same birthday is greater than 1/2; such a result is called a birthday paradox. Mathematically, if some function, when supplied with a random input, returns one of k equally-likely values, then by repeatedly evaluating the function for different inputs, we expect to obtain the same output after about 1.2 sqrt(k) evaluations. For the above birthday paradox, replace k with 365. Birthday attacks are often used to find collisions of hash functions. To avoid this attack, the output length of the hash function used for a signature scheme can be chosen large enough so that the birthday attack becomes computationally infeasible.
Birthday Paradox
The birthday paradox states that the probability that two or more people in a group of 23 share the same birthday is greater than 1/2. For 60 or more people, the probability is greater than 99%. This is called a paradox because it contradicts common intuition, though it is mathematically true. Calculating this probability (and related ones) is the birthday problem. The mathematics behind it has been used to devise a well-known cryptographic attack named the birthday attack.
Black Hat
Black hat is used to describe a hacker (or cracker) who breaks into a computer system or network with malicious intent. Unlike a white hat hacker, the black hat hacker takes advantage of the break-in, perhaps destroying files or stealing data for some purpose.
Black Hat Briefings
Black Hat Briefings are annual information security conferences held at various locations around the world. The conferences present awareness of the newest vulnerabilities, defense mechanisms, and industry trends. The participants of the conference include corporate information security staff, networking vendors, related government organizations as well as hackers.
Blackholing
Blackholing refers to the process of automated monitoring of entire networks for detecting threats such as worms or scans.
Blacklist
In information security, a blacklist is a list, used in many spam, spyware and IP filtering systems and compiled by the user or administrator (or the vendor), of items to which access is disallowed. For example, an anti-spam blacklist will be a list of IP addresses from which mail will be blocked; a web filtering blacklist is a list of websites that the user cannot access due to their contents or high risk of spyware activities.
Blended Attack
A blended attack is a type of attack that seeks to maximize the severity of damage and speed of contagion by combining multiple attacking methods. For example, an attacker using a blended approach might send a virus via an e-mail attachment, along with a Trojan horse embedded in an HTML file.
Blended Exploit
Blended exploit, also called blended threat or blended attack, is a type of attack that seeks to maximize the severity of damage and speed of contagion by combining methods. For example, an attacker using a blended approach might send a virus via an e-mail attachment, along with a Trojan horse embedded in an HTML file.
Blended Threat
A blended threat, also called a blended attack or blended exploit, is a type of attack that seeks to maximize the severity of damage and speed of contagion by combining methods, for example using characteristics of both viruses and worms, while also taking advantage of vulnerabilities in computers, networks, or other systems.
Blind Spoofing Attack
Blind Spoofing Attack is a type of attack using IP spoofing. This attack may take place from outside, where sequence and acknowledgement numbers are unreachable. Attackers usually send several packets to the target machine in order to figure out sequence numbers, which was easy to do in the past. Since most OSs implement random sequence number generation today, it has become more difficult to predict the sequence number accurately. If, however, the sequence number was compromised, data could be sent to the target.
BLOB
BLOB refers to a generic sequence of bits that contains one or more fixed-length header structures plus context-specific data. There are different types of BLOBs, such as key BLOBs, certificate BLOBs, certificate name BLOBs, and attribute BLOBs.
Block Cipher
A block cipher is a type of symmetric-key encryption algorithm that transforms a fixed-length block of plaintext (unencrypted text) data into a block of ciphertext (encrypted text) data of the same length. This transformation takes place under the action of a user-provided secret key. Decryption is performed by applying the reverse transformation to the ciphertext block using the same secret key. The fixed length is called the block size, and for many block ciphers, the block size is 64 bits or 128 bits.
Blowfish
Blowfish is an encryption algorithm that can be used as a replacement for the DES or IDEA algorithms. It is a symmetric (that is, a secret or private key) block cipher that uses a variable-length key, from 32 bits to 448 bits, making it useful for both domestic and exportable use.
Blue Bomb
A "blue bomb", also known as "WinNuke", is a technique for causing the Windows operating system of someone you're communicating with to crash or suddenly terminate. The "blue bomb" is actually an out-of-band network packet containing information that the operating system can't process.
Bluejacking
Bluejacking is the term used to describe the process of sending a message from one Bluetooth enabled mobile phone to another local Bluetooth enabled phone.
Bluesnarf (Bluesnarfing)
Bluesnarfing is the theft of information from a wireless device through a Bluetooth connection.
Bluetooth
Bluetooth is a high-speed but very short-range wireless technology for exchanging data between desktop and mobile computers, personal digital assistants (PDAs), and other devices.
BO2K: Back Orifice 2000
Back Orifice 2000 (BO2K) is an open source remote administration tool for Windows systems. Back Orifice is a rootkit program designed for the purpose of exposing the security deficiencies of Microsoft's Windows operating systems. It comes with a client and a server. The server is lightweight and unobtrusive. A dynamic plugin architecture allows for easy system extensions.
Boink attack
Boink attack, a modified version of the bonk attack, is a type of denial of service (DoS) attack. Boink attack allows UDP port ranges. The Boink attack manipulates a field in TCP/IP packets, called a fragment offset. This field tells a computer how to reconstruct a packet that was broken up (fragmented) because it was too big to transmit in a whole piece. By manipulating this number, the Boink attack causes the target machine to reassemble a packet that is much too big to be reassembled. This causes the target computer to crash. This attack has not been shown to cause any significant damage to systems, and a simple reboot is the preferred remedy. The primary problem with this is a loss of data if there is unsaved data in open applications at the time that the machine is attacked.
Bonk attack
Bonk attack, a variant of the teardrop attack, is a type of denial of service (DoS) attack. The Bonk attack manipulates a field in TCP/IP packets, called a fragment offset. This field tells a computer how to reconstruct a packet that was broken up (fragmented), because it was too big to transmit in a whole piece. By manipulating this number, the Bonk attack causes the target machine to reassemble a packet that is much too big to be reassembled. This causes the target computer to crash. A simple reboot is usually sufficient to recover from this attack. It is possible that unsaved data in applications open at the time of attack will be lost.
Boot Record Infector
A boot record infector is a piece of malware that inserts malicious code into the boot sector of a disk.
BOOTP (Bootstrap)
The Bootstrap Protocol (BOOTP) is a UDP/IP-based protocol which allows a booting host to configure itself dynamically and without user supervision. BOOTP provides a means to notify a host of its assigned IP address, the IP address of a boot server host, and the name of a file to be loaded into memory and executed. Other configuration information such as the local subnet mask, the local time offset, the addresses of default routers, and the addresses of various Internet servers can also be communicated to a host using BOOTP.
Botnet
A botnet, also known as a zombie army, is a computer connected to the Internet that has been set up to forward transmissions (including spam or viruses) to other computers on the Internet, without the knowledge of the computer owner.
Bounce Attack
Bounce attack, also known as FTP bounce attack, is an exploit of the FTP protocol whereby an attacker is able to use the PORT command to request access to ports indirectly through the use of the victim machine as a middle man for the request. This technique can be used to port scan hosts discreetly, and to access specific ports that the attacker cannot access through a direct connection. nmap is a port scanner that utilizes an FTP bounce attack to scan other servers.
BPCP: Business Process Contingency Plan
A business process contingency plan (BPCP), also known as a disaster recovery plan (DRP) or a business continuity plan (BCP), describes how an organization is to deal with potential disasters. The plan also consists of the precautions taken so that the effects of a disaster will be minimized, and the organization will be able to either maintain or quickly resume mission-critical functions.
Brain Fingerprinting
Brain fingerprinting, also known as brain detecting or brain scanning, is a technique that uses an electroencephalograph (EEG) to measure a person’s brain activity when they look at objects or pictures of evidence. The brainprint is based on the P300 complex, a series of well-known brainwave components that can be measured. The technique is said to be more effective than a lie detector test.
Brain Scanning
Brain scanning, also known as brain detecting or brain fingerprinting, is a technique that uses an electroencephalograph (EEG) to measure a person’s brain activity when they look at objects or pictures of evidence. The brainprint is based on the P300 complex, a series of well-known brainwave components that can be measured. The technique is said to be more effective than a lie detector test.
Brainwave Detector
Brainwave detector, based on brain-scanning or brain fingerprinting technologies, could be used for lie detecting. This technique uses an electroencephalograph (EEG) to measure a person’s brain activity when they look at objects or pictures of evidence. If they recognize something, their brainwaves change. An investigator can use this method if he has a piece of evidence that only the perpetrator of a crime would recognize. Simply showing the evidence to the suspect would produce brainwaves that would betray his guilt or innocence.
Brand Spoof or Brand Spoofing
On the Internet, brand spoofing, also called phishing or carding, is a scam where the perpetrator sends out legitimate-looking e-mails appearing to come from some of the Web's biggest sites, including eBay, PayPal, MSN, Yahoo, BestBuy, and America Online, in an effort to gather (or phish for) personal and financial information from the recipient.
British Standard 7799
British Standard 7799 is a standard code and set of practice guidelines, issued by British Standard in 1995, that provides guidance on how to secure an information system. It includes the management framework, objectives, and control requirements for information security management systems.
Brown Orifice
Brown Orifice refers to a backdoor that exploited a vulnerability in Netscape’s version of the Java Virtual Machine. When the user enters a hostile web page with the Netscape browser, the applet starts. Basically the backdoor acts like a file server. When it is active, it allows access to the contents of the victim's hard drive using the HTTP protocol. By default, it listens on port 8080, but this can be configured.
Broadcast
Broadcast means to simultaneously send the same message from one host to all hosts on a network or sub-network.
Broadcast Address
Broadcast Address is an IP address used to broadcast a datagram to all hosts on a given subnet. A special type of IP address is the limited broadcast address 255.255.255.255. A broadcast involves delivering a message from one sender to many recipients. This broadcast is 'limited' in that it does not reach every node on the Internet, only nodes on the LAN.
Browser Hijacker
A browser hijacker (sometimes called hijackware) is a type of malware program that alters your computer's browser settings so that you are redirected to Web sites that you had no intention of visiting. Most browser hijackers alter default home pages and search pages to those of their customers, who pay for that service because of the traffic it generates.
BRP: Business resumption plan
Business resumption plan (BRP), also called business continuity plan (BCP), is a detailed plan on how to resume normal business after a disaster.
Brute Force
Brute force, also known as brute force cracking/attacking in information security, is a trial and error method used by attackers to decode encrypted data such as passwords, through exhaustive effort one-by-one rather than employing intelligent strategies.
Brute force attacking
Brute force attacking (or cracking) is a trial and error method used by attackers to decode encrypted data such as passwords through exhaustive effort one-by-one rather than employing any intelligent strategies.
Brute Force Cracking
Brute force cracking or attacking is a trial and error method used by attackers to decode encrypted data such as passwords through exhaustive effort one-by-one rather than employing any intelligent strategies.
Bucket Brigade
A bucket brigade attack is one in which the attacker intercepts messages in a public key exchange and then retransmits them, substituting their own public key for the requested one, so that the two original parties still appear to be communicating with each other directly.
Bucket Brigade Attack
A bucket brigade attack is a type of man-in-the-middle (MITM) attack in which the attacker intercepts messages in a public key exchange and then retransmits them, substituting their own public key for the requested one, so that the two original parties still appear to be communicating with each other directly.
Buffer Overflow
A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them.
Buffer overrun
Buffer overrun, also called buffer overflow, is a condition resulting from adding more information to a buffer than it was designed to contain.
Bugbear
Bugbear is a computer virus that spread in early October 2002, infecting thousands of home and business computers. It is similar to an earlier virus, Klez, in terms of its invasion approach and rapid proliferation.
BugTraq
BugTraq is an Internet mailing list operated by SecurityFocus, which is now owned by Symantec. BugTraq is famous, or infamous, for its policy of full disclosure.
Bulk encryption key
Bulk encryption key is a session key derived from a master key that is used in Schannel encryption.
