Threat And Attack Terminology

 


 

Address Resolution Protocol (ARP):

A protocol used to map a known IP address to an unknown physical address.

ARP Poisoning:

An attack that convinces the network that the attacker's MAC address is the one associated with an allowed address, so that traffic is wrongly sent to the attacker's address.

Adware:

Software that gathers information to pass on to marketers, or that intercepts personal data such as credit card numbers and makes it available to third parties.

Armored virus:

A virus that is protected in a way that makes disassembling it difficult. Antivirus programs have trouble getting to, and understanding, its code.

Attack Surface:

The area of an application that is available to users: those who are authenticated and, more importantly, those who are not.

Attack surface reduction (ASR):

Minimizing the possibility of exploitation by reducing the amount of code and limiting potential damage.

Buffer Overflow:

A type of DoS attack that occurs when more data is put into a buffer than it can hold.

Clickjacking:

Using multiple transparent or opaque layers to trick a user into clicking a button or link on another page that he or she did not intend to click.

Companion Virus:

A virus that creates a new program that runs in place of an expected program of the same name.

Cross-site request forgery (XSRF):

A form of web-based attack in which unauthorized commands are sent from a user that a website trusts.

Cross-site scripting (XSS):

Running a script routine on a user's machine from a website without their permission.

DNS Poisoning:

An attack method in which a daemon caches DNS reply packets, which sometimes contain other information. The extra data can be scanned for information useful in a break-in or MITM attack.

DNS Spoofing:

The DNS server is given information about a name server that it thinks is legitimate when it isn't.

Least Privilege:

A permission method in which users are granted only the privileges necessary to perform their job function.

Macro virus:

A software exploitation virus that works by using the macro feature included in many applications, such as MS Office.

Multipartite Virus:

A virus that attacks a system in more than one way.

Phage Virus:

A virus that modifies and alters other programs and databases.

Ping of death:

A large Internet Control Message Protocol (ICMP) packet sent to overflow the remote host's buffer. A ping of death usually causes the remote host to reboot or hang.

Polymorphic:

An attribute of some viruses that allows them to mutate and appear differently each time they crop up. The mutations make it harder for a virus scanner to detect and react to them.

Retrovirus:

A virus that attacks or bypasses the antivirus installed on the computer.

Rogueware:

A form of virus that convinces the user to pay for a fake threat.

Scareware:

Software that tries to convince unsuspecting users that a threat exists.

Shim:

A small library that is created to intercept API calls transparently.

URL Hijacking:

Registering domains that are similar to those of a known entity but based on a misspelling or typographical error.

XMAS Attack:

An advanced attack that tries to get around detection and sends a packet with every single option enabled.

