Echo - Usually, the action of a computer to repeat and display the keyboard input onto a computer screen; every key pressed is "echoed" onto the screen. During data communications, information can be repeatedly sent, or echoed to more than one output terminal screen.

ed - A standard Unix text editor. If the filename given doesn't exist, it creates it.

edit - A Unix line-oriented text editor that runs a simplified version of ex for novice users.

EGP (Exterior Gateway Protocol) - The protocol used by a gateway in one autonomous system to advertise the IP addresses of networks in that autonomous system to a gateway in another autonomous system. Every autonomous system must use EGP to advertise network reachability to the core gateway system.

Elevator Seeking - A method of optimizing the movement of the heads on the hard disk in a file server.

Elm - A mail reader for the UNIX operating system.

E-mail/Email/Electronic Mail - An electronic means for communicating information (primarily text) by a method of sending, storing, processing, and retrieving the information. Messages are held in storage until called for by the addressee.

Email Address - An ASCII representation of the actual location of a computer account that lets people access that account to send it electronic mail, or to connect to the account to transfer data. See Address.

emacs (EMACS) - Short for Editing MACroS. A Unix text editor complete with customizable programming. It includes program compilation subprocesses and send and receive mail features. There are many variants created mainly by hackers for most major operating systems. The most widely used UNIX version is called GNU EMACS. Approximately 80 percent of hackers online time is spent using EMACS. It is considered to be the ultra editor for hackers.

Emanations - Unintentional data-related or intelligence-bearing signals that, if intercepted and analyzed, disclose the information transmission received, handled, or otherwise processes by any information processing equipment. See TEMPEST.

Emulation - Simulation of a system , function, or program.

Encryption - The process of scrambling files or programs, changing one character string to another through an algorithm (such as the DES algorithm.)

End-to-End Encryption - The protection of information passed in a telecommunications system by cryptographic means, from point of origin to point of destination.

env - A Unix command to display the current environment or, if environment variables are specified, set them to a new value and display the contents.

Entrapment - The deliberate planting of apparent flaws in a system for the purpose of detecting attempted penetrations.

Erasure - A process by which a signal recorded on magnetic media is removed.Synonymous with Degaussing.

Ethernet - A type of local area network hardware. Many TCP/IP networks are EtherNet-based. A network cable and access protocol scheme originally developed by Xerox, now marketed mainly by DEC and 3Com.

Ethernet Meltdown - An event that causes saturation or near saturation on an Ethernet. It usually results from illegal or misrouted packets and typically lasts only a short time. As an example, consider an IP datagram directed to a nonexistent host and delivered via hardware broadcast to all machines on the network. Gateways receiving the broadcast will send out ARP packets in an attempt to find the host and deliver the datagram.

Ethernet sniffing - This is listening with software to the raw Ethernet device for packets that interest the user. When the software sees a packet that fits certain criteria, it logs it to a file. The most common criteria for an interesting packet is one that contains words like login or password.

Fial Safe - Pertaining to the automatic protection of programs and/or processing systems to maintain safety when a hardware or software failure is detected in a system.

FAQ (Frequently Asked Question) - A collection of common questions on a given topic.

Fault - A condition that causes a device or system component to fail to perform in a required manner.

Fault Tolerance - A method of ensuring continued operation through redundancy and diversity.

Feedback Loop - The automatic furnishing of data concerning the output of a computer machine to an automatic control device so that errors can be corrected. Most often used to check communications throughput, send and receive processing on a computer. See also Loopback.

FDDI - Fiber Distribution Data Interface. An emerging standard for a network technology based on fiber optics that has been established by the American National Standards Instititue (ANSI.) FDDI specifies a 100 mbps data rate using 1300 nanometer light wavelength and limits networks to approximately 200 km in length, with repeaters every 2 km or less. The access control mechanism uses token ring technology.

Fiber Optics - A data-transmission method that uses light pulses sent over glass cables. See FDDI

File Server - A type of server that holds files in private and shared directories for LAN users.

File System - A hierarchical arrangement of directories and files.

File Transfer Protocol (FTP) - Used for transmitting files between systems on a network. See FTP.

Filter - A program that processes an input data stream into an output data stream in some well-defined way.

Finger - A program that displays information about a particular user or all users logged on the system, or a remote system.

Firewall machine - Computer on a network used to isolate, filter, and protect local systems from external connectivity by controlling the amount and kinds of traffic that will pass between the two. Is a dedicated gateway machine with special security precautions on it, used to service outside network connections and dial-in lines. The idea is to protect a cluster of more loosely administered machines hidden behind it from crackers.

Firmware - A computer program that is considered to be a part of a computer and not modifiable by the computer operating system. Typically embedded into microchips onboard the computer system components.

Fishbowl - To contain, isolate and monitor an unauthorized user within a system in order to gain information about the user.

Fix - A patch or solution to a reported computer problem.

Flame - An online message intended to insult or provoke other users. Communicate in an abusive or absurd manner.

Flood - To dump large amounts of text onto an Internet Relay Chat. This is especially rude when the text is uninteresting and the other users are trying to carry on a serious conversation.

Flooding - Sending lots of text to the screen at once.

Fork - The process of creating a child process identical to the parent process, at least until it gets ideas of its own.

Fork Bomb (Logic Bomb) - Code that can be written in one line of code on any Unix system; used to recursively spawn copies of itself, "explodes" eventually eating all the process table entries and effectively locks up the system.

FORTEZZA - Converter for the PCMCIA card containing cryptographic algorithm, keys and related functions developed for MOSAIC and NETSCAPE.

FOUO (For Official Use Only) - Information that has not been given a security classification pursuant to the criteria of an Executive Order, but which may be withheld from public disclosure under the criteria of the Freedom of Information Act, Title 5, U>S>C>, Section 552.

Frame - Literally, a packet as it is transmitted across a serial line. The term derives from character oriented protocols that added special start-of-frame and end-of-frame characters when transmitting packets.

Freeware - Free software distributed by email or bulletin boards.

Fried - Non-working due to hardware failure; burnt out.

Front-End Security Filter - Security filter logically separated from the remainder of an IS to protect system integrity. Synonymous with firewall.

GGP (Gateway to Gateway Protocol) - The protocol core gateways use to exchange routing information, GGP implements a distributed shortest path routing computation. Under normal circumstances, all GGP participants will reach a steady state in which the routing information at all gateways agrees. GGP is now obsolete.

gated - A program that runs under 4BSD UNIX on a gateway to allow the gateway to collect information from within one autonomous system using RIP, HELLO, or other interior gateway protocols, and to advertise routes to another autonomous system using the exterior gateway protocol, EGP.

Gateway - An interface between two networks. A system that handles electronic mail traffic between different communications networks.

get - an FTP command to "get" or download a file from a remote machine.

GID number - The group identification number used by the system to control access to accounts owned by other users.

GIF - Graphical Image Format. An image file.

Gigabit - Very high speed (one billion bits per second) data communications.

Gigabyte - A unit of data storage approximately equal to 1 billion bytes (1,073,741,824.) One gigabyte equals to 1,000 megabytes.

Glitch - A sudden interruption in electric service, sanity, continuity, or program function.

GNU - A Unix-workalike development effort of the Free Software Foundation.

Good Times - A hoax virus.

Gopher - a type of Internet service, now almost obsolete due to the World-Wide Web. A menuing interface to a tree or graph of links to documents, executable programs or other menus across the net. see Veronica, Archie, Jughead

grep - to globally search for the regular expression or particular string or pattern in a file or set of files, and print the lines containing matches to it.

Guard - A processor that provides a filter between two systems operating at different security levels or between a user terminal and a database to filter our data that the user is not authorized to access.

Guess_Password - A hacking program used for cracking VMS passwords. see Check_Password

GUI - Graphical User Interface, a computer interface based on graphical symbols rather than text. PC-based window environments and Macintosh environments are GUIs.

Gun - To forcibly terminate a program or job. See Kill.

Hack - Short for hacker. A quick job that produces what is needed, but not well. To pull a prank on.

Hack Attack - Synonymous with hacking run, though more strongly implies an all-nighter.

Hack Mode - What one is in when hacking, of course.

Hacker - A person who enjoys exploring the details of computers and how to stretch their capabilities. A malicious or inquisitive meddler who tries to discover information by poking around. A person who enjoys learning the details of programming systems and how to stretch their capabilities, as opposed to most users who prefer to learn only the minimum necessary.

Hacking - Unauthorized use, or attempts to circumvent or bypass the security mechanisms of an information system or network.

Hacking Run - A hack session extended long outside normal working times, especially one longer than 12 hours.

Half Duplex - Alternating transmissions; each station can either transmit or receive, not both simultaneously.

Handshaking - Hardware or software activity designed to start or keep two machines or programs in synchronization as they do protocol.

Hang/Hung - To wait for an event that will never occur. Equivalent to wedged.

Harassment - In terms of computer security, using computer methods (e.g. email) to slander or bother someone.

Hardcoded - Said of data inserted directly into a program, where it cannot be easily modified,

Hardware Address - The low-level addresses used by physical networks. Each type of network hardware has its own addressing scheme. For example, Ethernet uses 48-bit hardware addresses assigned by the vendor, while proNET-10 uses small integer hardware addresses assigned when a connection to the network is installed.

Hardwired - In software, it is synonymous for hardcoded. By extension, anything that is not modifiable, especially in the sense of customizable to one's particular needs or tastes.

Hashing - Interactive process that computes a value from a particular data unit in a manner that, when a hasword is protected, manipulation of the data is detectable.

Head Crash - Disk contamination which may occur as a consequence of the read/write heads colliding with the disk surface, resulting not only in lost data but also in damaged hardware.

Header(s) - Lines at the beginning of a mail message that contain information about the message: its source, destination, subject, and the route it took to get there, among other things.

Heartbeat - The signal emitted by an Ethernet transceiver at the end of every packet to show that the collision-detection circuit is still connected. A periodic synchronization signal used by software or hardware, such as a bus clock or a periodic interrupt.

Hog - Favored term to describe programs or hardware that seem to eat far more than their share of a system's resources, esp. those which noticeably degrade interactive response.

Home Box - A hacker's personal machine, especially one he or she owns.

Home directory - The part of the file system that is allocated to an individual user for private files.

Home Page - A World Wide Web (WWW) repository for information.

Hook - A software or hardware feature included in order to simplify later additions or changes by a user.

Hop Count - A measure of distance between two points in an internet. A hop count of n means that n gateways separate the source and destination.

Hose - To make a system or software non-functional or greatly degrade in performance.

Host - Computer providing processing power for attached terminals and peripheral devices. The controlling computer of a network.

HTML (Hyper Text Markup Language) - The standard programming language of the World Wide Web. Computer language and the tags used by web browsers.

HTTP (Hyper Text Transport Protocol) - Protocol that is used to request and receive documents from servers on the World Wide web.

Hypertext - Data that contains links to other data. An on-line document with words or graphics that contain links to other documents; usually, these links can be activated by clicking the link area.

ICMP (Internet Control Message Protocol) - The TCP/IP process that provides the set of functions used for network-layer management and control.

IDEA - International Data Encryption Algorithm

Identification - The way a user tells the system who he is, usually by entering an account name or number.

Identification and Authentication - Process of establishing the validity of a claimed identity. Generally accomplished by the use of unique machine-readable user names.

Identity Token - A smart card, a metal key, or some other physical token carried by a systems user that allows user identity validation.

IEEE - Institute of Electrical and Electronics Engineers.

Impersonation - Synonymous with spoofing, mimicking, and masquerading.

Incident - Event that has actual or potentially adverse effects on AIS. Any intrusion or attempted intrusion into a computer system. Incidents can include probes of multiple computer systems.

inetd - This is the Unix Internet services daemon. It is the server process for the Internet standard service. It is normally started up during boot time.

Infection - The act or result of affecting injuriously, an infective agent or material contaminated with an infective agent, usually malicious logic in the form of a worm, virus, Trojan horse, etc.

Inference - Legitimately viewing a number of small pieces of data, then putting them together to deduce some piece of nonobvious and unclassified data.

Information Systems Security Officer (ISSO) - The person responsible to the DAA for ensuring that security is provided for and implemented throughout the lifecycle of an AIS.

Information Security - The result of any system of policies and procedures for identifying, controlling, and protecting from unauthorized disclosure, information whose protection is authorized by executive order or statute.

Information Systems Security (INFOSEC) - Protection of information systems against unauthorized access to or modification of information, whether in storage, processing or transit and against the denial of service to authorized users.

Information System Security Officer - The person responsible to the DAA for ensuring that security is provided for and implemented throughout the life cycle of an AIS.

Information Warfare - Actions taken to achieve information superiority by affecting adversary information, information based processes, and information systems, while defending our own information, information based processes, and information systems. Any action to deny, exploit, corrupt, or destroy the enemy's information and its functions, protect ourselves against those actions; and exploiting our own military information functions.

Integrated Services Digital Network - Standardized operating parameters and interfaces for a network that will allow mixed digital transmission services simultaneously.

Integrity - See Accuracy.

Intelligence - The product resulting from the collection, evaluation, analysis, integration, and interpretation of all available information which concerns one or more aspects of foreign nations or of areas of foreign operations, and which is immediately or potentially significant to military planning and operations.

Interdiction - See Denial of Service.

Internal Security Controls - Hardware, firmware, and software features within a system that restrict access to resources (hardware, software, and data) to authorized subjects only (persons, programs, or devices.)

Internet - A collection of worldwide computer networks. The term used to describe all the worldwide TCP/IP-based computer networks that are connected together.

Internet Address - Any network address reachable through Internet, an absolute network address of the form username@sitename.subdomain.domain. The domain can include periods itself.

Internet Outdial - An Internet outdial is a modem connected to the Internet and can be used to dial out. Normal outdials will only call local numbers. A GOD (Global OutDial) is capable of calling long distance. Outdials are an inexpensive method of calling long distance BBS's.

Internet Protocol (IP) - A standard describing software that keeps track of the Internet address for different nodes, routes outgoing messages, and recognizes incoming messages. A DoD standard protocol designed for use in interconnected systems of packet-switched computer communication networks.

Internet Service Provider (ISP) - ISPs sell Internet access to the mass market. While the big nationwide commercial services with Internet access (like America Online, CompuServe, GEnie, Netcom, etc.) are technically ISPs, the term is usually reserved for local or regional small providers (often run by hackers turned entrepreneurs) who resell Internet access cheaply without themselves being information providers or selling advertising.

Internet Worm - Independent program that replicates from machine to machine across network connections often clogging networks and computer systems as it spreads.

InterNIC - The NSFNET manager sites on the Internet that provide information about the Internet. The Internet Registry for host registration services containing Internet name services.

Intrusion - An unauthorized access or penetration of a computer system.

Intrusion Detection - Pertaining to techniques which attempt to detect intrusion into a computer or network by observation of security logs or audit data. Detection of break-ins or attempts either manually or via software expert systems that operate on logs or other information available on the network.

Investigation - Review and analysis of system security features to determine the security provided by the operating system.

I/O - input/output

IP address - A unique internet protocol number that identifies each system in a network.

IP datagram - The basic unit of information passed across a TCP/IP internet. An IP datagram is to an internet as a hardware packet is to a physical network. It contains a source and destination address along with data.

IP slicing/hijacking - An attack whereby an active, established, session is intercepted and co-opted by the attacker. IP splicing attacks may occur after an authentication has been made, permitting the attacker to assume the role of an already authorized user. Primary protections against IP splicing rely on encryption at the session or network layer.

IP spoofing - An attack whereby a system attempts to illicitly impersonate another system by using IP network address.

IRC (Internet Relay Chat) - A worldwide "party line" network that allows one to converse with others in real time. IRC is structured as a network of Internet servers, each of which accepts connections from client programs, one per user.

ISDN (Integrated Services Digital Networking) - A network that shares high-speed data communications along with voice communications on the same wires. It splits basic service into shared channels, each of which can be used for different calls.

Java - A computer language developed by Sun for web browsers.

Joe Password - A type of logging into a computer system where the password is the same as the user name.

JPEG - An image file.

Jughead - A software tool similar to Veronica, except that it searches only a confined area of gopherspace. see Veronica, Archie, Gopher

kbps - Kilo Bits Per Second. A measure of the rate of data transmission.

Kerberos - A "trusted third party" authentication system developed at MIT which allows clients and servers to authenticate and communicate securely over an untrusted network. It uses symmetric-key encryption technology (DES) to avoid passwords being sent over the network in the clear.

Kernel - The hardware, firmware and software elements of a trusted computing base that implement the reference monitor concept. It must mediate all accesses, be protected from modification and be verifiable as correct.

Key - A symbol or sequence of symbols which control the operations of encryption and decryption.

Key Card - Paper card, containing a pattern of punched holes, which establishes the key for a specific cryptonet at specific time.

keylogin - The Unix command to decrypt and store unclassified key with keyserv. The command prompts for a password, and uses it to decrypt the user's unclassified key. These encryption keys are used for accessing secure network services such as secure NFS and NIS+.

keyserv - The Unix command for storing private encryption keys. It is a daemon that is used for storing the private encryption keys of each user logged into the system.

Keystroke Monitoring - A specialized form of audit trail software, or a specially designed device, that records every key struck by a user and every character of the response that the host computer returns to the user.

Kill - To forcibly terminate a program or job.