L0phtcrack
L0phtCrack is the de facto standard NT password auditing tool for U.S. industry, government and military. L0phtcrack recovers passwords from Windows NT registries or network sniffer logs in a variety of fashions, including exhaustive keyspace attacks.
L2F:Layer 2 Forward Protocol
Layer 2 Forwarding (L2F), a protocol originally developed by Cisco, uses tunneling of PPP over IP to create a virtual extension of a dial-up link across a network, initiated by the dial-up server and transparent to the dial-up user. L2F is used to establish a secure tunnel across a public infrastructure (such as the Internet) that connects an ISP POP to an enterprise home gateway. This tunnel creates a virtual point-to-point connection between the user and the enterprise customer's network.
L2TP: Layer 2 Tunneling Protocol
Layer 2 Tunneling Protocol (L2TP), a protocol defined by IETF based on the Microsoft Point-to-Point Tunneling Protocol (PPTP) and Cisco Layer 2 Forward Protocol (L2F), is used by an Internet service provider and corporations to enable the operation of a virtual private network over the Internet.
Lamb
In biometric verification, a lamb refers to a system end-user and speaker who were exceptionally vulnerable to impersonation. The term comes from a research paper on speech recognition by George L. Doddington, "Sheep, Goats, Lambs and Wolves - An Analysis of Individual Differences in Speaker Recognition Performance" used a menagerie analogy to explain the differences in speech recognition."
Land Attack
A Land Attack consists of a stream of TCP SYN packets that have the source IP address and TCP port number set to the same value as the destination address and port number (i.e., that of the attacked host). Some implementations of TCP/IP cannot handle this theoretically impossible condition, causing the operating system to go into a loop as it tries to resolve repeated connections to itself. Service providers can block LAND attacks that originate behind aggregation points by installing filters on the ingress ports of their edge routers to check the source IP addresses of all incoming packets.
LANMAN: LAN Manager authentication
LAN Manager (LANMAN) authentication is the authentication protocol used by legacy versions of the Microsoft Windows platform.
Lattice Techniques
Lattice Techniques use security designations to determine access to information.
Layered Defense
See Layered Security.
Layered Security
Layered security, also called layered defense, is the principle of using multiple security applications to provide greater security in depth. For example, combing the use of a firewall, an IDS, anti-virus software and content security.
LDAP Attack
LDAP attack is a buffer overflow exploit against Microsoft Exchange server version 5.5 using LDAP (Lightweight Directory Access Protocol). This buffer overflow consists of a malformed bind request that overflows the buffer and can execute arbitrary code. This attack can also cause the Exchange LDAP service to crash.
LEAP: Lightweight Extensible Authentication Protocol
Lightweight Extensible Authentication Protocol(LEAP) is a proprietary protocol developed by Cisco for wireless LAN authentication. Cisco is phasing out LEAP in favor of Protected Extensible Authentication Protocol (PEAP).
LDAP: Lightweight Directory Access Protocol
Lightweight Directory Access Protocol (LDAP) is designed to provide access to the X.500 Directory while not incurring the resource requirements of the Directory Access Protocol (DAP). LDAP is specifically targeted at simple management applications and browser applications that provide simple read/write interactive access to the X.500 Directory, and is intended to be a complement to the DAP itself.
Leapfrog Attack
Leapfrog attack refers to use user ID and password information obtained illicitly from one host to compromise another host. The act of TELNETing through one or more hosts in order to prevent the source of the attack being traced (which is a standard cracker procedure).
Least Privilege
Least Privilege is the principle of allowing users or applications the least amount of permissions necessary to perform their intended function.
Legion
Legion is a computer software system variously classified as a distributed operating system, a peer-to-peer system, metacomputing software, or middleware. It is an object-based system designed to provide secure, transparent access to large numbers of machines. The project was funded by the National Science Foundation and other funding agencies, and was mostly done at the University of Virginia.
Letterbomb
Letterbomb is a piece of email containing live data intended to do malicious things to the recipient's machine or terminal. Under UNIX , a letterbomb can also try to get part of its content interpreted as a shell command to the mailer. The results of this could range from amusing to denial of service.
Lexical Analysis
Lexical Analysis is a content security method which analyses data streams for pre-defined key words and phrases, enabling organisations to eliminate threats such as leakage of confidential information via email, the spread of libellous comments, harassment and discrimination, or to prevent access to Websites deemed unsuitable in an organisation's security policy.
LFM: Log file monitor
Log file monitor is a tool that monitors log files looking for signs of intrusion.
Lifestyle Polygraph
A lifestyle polygraph is a lie-detector (polygraph) test that is administered as a requirement for employment in certain fields. Such tests are common as part of the screening process for any job requiring a security clearance. This includes many government jobs, as well as an increasing number of technical jobs in which employees handle, process, or can obtain access to classified data.
Link Encryption
Link encryption, also called link level or link layer encryption, is the data security process of encrypting information at the data link level as it is transmitted between two points within a network.
Link-by-link Encryption
Link-by-link Encryption is a stepwise protection of data that flows between two points in a network, provided by encrypting data separately on each network link, that is, by encrypting data when it leaves a host or subnetwork relay and decrypting when it arrives at the next host or relay. Each link can use a different key or even a different algorithm.
Linsniff
Linsniff is a free open source password-sniffing tool for the Linux platform.
List Based Access Control
List Based Access Control associates a list of users and their privileges with each object.
Listening port
Listening port refers to a port on a server that is waiting for a client connection.
Live Capture
Live capture is the act or method of gathering biometric data from an individual while the individual is physically present. The term is used in conjunction with security systems that identify people based on a previous recording of one or more of their body characteristics.
LKM: Loadable Kernel Modules
Loadable Kernel Modules allow for the adding of additional functionality directly into the kernel while the system is running.
LM authentication
LM authentication, also known as LAN Manager (LANMAN) authentication, is the authentication protocol used by legacy versions of the Microsoft Windows platform.
Local exploit
Local exploit, also known as local attack, is an attack performed at the local console of a system.
Local security policy
Local security policy refers to a collection of settings relating to the security of computers running Microsoft Windows OS.
Location Poisoning
Location poisoning, also known as URL poisoning, is a method of tracking Web user behavior by adding an identification (ID) number to the page address (URL) line of the Web browser when a user visits a particular site. This ID number can then be used to determine which pages on the site the user visits thereafter.
Lock-and-key
Lock-and-key is a traffic filtering security feature that dynamically filters IP protocol traffic.
Log Clipping
Log clipping is the selective removal of log entries from a system log to hide a compromise.
Log analysis software
Log analysis software refers to the software for generating reports from log files.
Log cleaning
Log cleaning refers to the process of removal of evidence from log files after a successful intrusion.
Logic Bomb
In a computer program, a logic bomb, also called slag code, is programming code, inserted surreptitiously or intentionally, that is designed to execute (or "explode") under circumstances such as the lapse of a certain amount of time or the failure of a program user to respond to a program command.
Loginlog
Loginlog is a UNIX tool for logging failed logons.
Logon
Logon is a set of authenticating credentials such as username and password submitted by an entity seeking access to a system or network.
Logon identifier
Logon identifier is a locally unique identifier (LUID) that identifies a logon session. A logon ID is valid until the user logs off. A logon ID is unique while the computer is running; no other logon session will have the same logon ID. However, the set of possible logon IDs is reset when the computer starts up.
Logon session
Logon session refers to a session that is started when a user logs onto a computer running on the Microsoft Windows platform. All processes in a logon session have the same primary access token. The access token contains information about the security context of the logon session, including the user's SID, the logon identifier, and the logon SID.
Logon SID
Logon SID is a security identifier (SID) that identifies a logon session. A logon SID is valid until the user logs off. A logon SID is unique while the computer is running; no other logon session will have the same logon SID. However, the set of possible logon SIDs is reset when the computer starts up.
Loki
Loki is a tool used to test or circumvent firewalls.
Long ICMP
Long ICMP, also called Ping of death, causes denial of service of systems. Variations of the attack include jolt, sPING, ICMP bug, and IceNewk.
LoveLetter
LoveLetter, also known as ILOVEYOU, is a malicious Visual Basic Script (VBScript) program that spreads using the Microsoft Outlook address book.
LRA: Local registration authority
Local registration authority(LRA) is an intermediate registration authority (RA) in a Public Key Infrastructure (PKI).
LSA Secrets
LSA Secrets are portion of the Microsoft Windows NT/2000/2003 registry where the Local Security Authority (LSA) stores security information on behalf of applications.
LSA: Local Security Authority
Local Security Authority (LSA) is a protected subsystem of computers running on the Microsoft Windows platform that performs authentication.
Lsadump2
Lsadump2 is a cracking tool that displays the contents of LSA Secrets on computers running Microsoft Windows NT.
Lsof: Listing open files
Lsof is a tool for listing open files on a system.
LT: LaGrande Technology
LaGrande Technology(LT) is a technology from Intel that integrates security features into processors and chipsets.
Loopback Address
The loopback address (127.0.0.1) is a pseudo IP address that always refer back to the local host and are never sent out onto a network.
Lucifer Algorithm
Lucifer algorithm is a block cipher developed by IBM originally based on a 128-bit key. NSA developed the DES algorithm based on the Lucifer with many notable changes--the most notable being the reduction in key size to 56 bits.
Luhn Check Digit Algorithm
Luhn Check Digit Algorithm is the algorithm used to check the validity of bank/credit card numbers. Double every odd number and reduce to a single digit by subtracting 9 if necessary. Add these values to every even number. The result must be a multiple of 10 for the card to be valid.
LUHN Formula
The LUHN formula, also called modulus 10, is a simple algorithm used to validate the number on a credit card. It works on cards issued by all the major credit card companies, including American Express, Visa, MasterCard, Discover, and Diner's Club. Originally created by a group of mathematicians in the 1960s, the LUHN formula is in the public domain, and anyone can use it.
LUID: Locally unique identifier
Locally unique identifier(LUID) is a 64-bit value unique to a computer running on the Microsoft Windows platform.
Lunchtime Attack
Lunchtime attack, a type of internal attacks initiated by employees of an organization, often happens when the legitemate users were out for lunch without their computers locked. It may result in private and sensitive information stolen.
Luring attack
Luring attack is a type of attack that exploits trusted code to elevate privileges for untrusted code.