Safeguards - The protective measures and controls that are prescribed to meet the security requirements specified for a system. Those safeguards may include but are not limited to: hardware and software security features, operating procedures, accountability procedures, access and distribution areas, and devices.

Salami Technique - The process of secretly and repetitively slicing away tiny amounts of money in a way that is unlikely to be noticed.

Samurai - A hacker who hires out for legal cracking jobs, snooping for factions in corporate political fights, lawyers pursuing privacy-rights and First Amendment cases, and other parties with legitimate reasons to need an electronic locksmith.

SATAN (Security Administrator Tool for Analyzing Networks) - A tool for remotely probing and identifying the vulnerabilities of systems on Internet Protocol networks. A powerful freeware program which helps to identify system security weaknesses.

Scanning - Running a program, often called a war dialer or a demon dialer, that tries a set of sequentially changing numbers (telephone numbers or passwords), to determine which ones respond positively; for example, with telephone numbers, the program would report those that successfully connect to modems. Synonymous with war dialing.

Scavenging - Searching through object residue (discarded disks, tapes, or paper) to acquire sensitive data without authorization. Synonymous with trashing and dumpster diving.

Screened subunit - A subunit behind a screening router. The degree to which the subunit may be accessed depends on the screening rules in the router.

SCSI (small computer systems interface) - A PC bus interface standard that defines standard physical and electrical connections for devices.

SCSI device driver - A program that enables a computer to communicate with SCSI peripheral devices. Each kind of device requires a different driver.

Search-And-Destroy Mode - Hackerism for a noninteractive search-and-replace facility in an editor, so called because an incautiously chosen match pattern can cause infinite damage.

Secrecy - See Confidentiality

Secure Network Server - A device that acts as a gateway between a protected enclave and the outside world.

Secure Operating System - An operating system that effectively controls hardware and software functions in order to provide the level of protection appropriate to the value of the data and resources managed by the operating system.

Secure Shell - An completely encrypted shell connection between two machines protected by a super long passphrase.

Secure System Operations - Resident software that controls hardware and other software functions in an AIS to provide a level of protection or security appropriate to the classification, sensitivity, and/or criticality of the data and resources it manages.

Security Audit - A search through a computer system for security problems and vulnerabilities.

Security Breach - A violation of controls of a particular information system such that information assets or system components are unduly exposed.

Security Countermeasures - Countermeasures that are aimed at specific threats and vulnerabilities or involve more active techniques as well as activities traditionally perceived as security.

Security Flaw - An error of commission or omission in a system that may allow protection mechanisms to be bypassed.

Security Incident - Any act or circumstance that involves classified information that deviates from the requirements of governing security publications, for example, compromise, possible compromise, inadvertent disclosure, and deviation. An event involving classified information in which there is a deviation from the requirements of the governing security regulations.

Security Policy - The set of laws, rules, and practices that regulate how an organization manages, protects, and distributes sensitive information.

Security Safeguards - The protective measures and controls that are prescribed to meet the security requirements specified for a system. Those safeguards may include but are not limited to: hardware and software security features, operating procedures, accountability procedures, access and distribution areas, and devices.

Security Threat - The technical and operational capability of an adversary to detect and exploit vulnerabilities.

Security Violation - An instance in which a user or other person circumvents or defeats the controls of a system to obtain unauthorized access to information contained therein or to system resources.

sed - Another Unix editor. This editor can edit one or more files automatically; simplifies edits with great pattern matching, input/ouput processing, and branching commands.

segment - The unit of transfer sent from TCP on one machine to TCP on another. Each segment contains part of a stream of bytes being sent between the machines as well as additonal fields that identify the current position in the stream and contain a checksum to ensure validity of received data.

Sendmail - The standard UNIX mail agent. A Unix mail program with lots of known vulnerabilities to hack into a computer system. It is very flexible, but has very difficult configuration syntax and has had numerous security bugs, because it's a large program which needs to run with root privileges.

Serial - Means of communication in which digital data is sent one bit at a time over a serial line.

Server - A system that provides network service such as disk storage and file transfer, or a program that provides such a service. A kind of daemon which performs a service for the requester, which often runs on a computer other than the one on which the server runs.

Session - An activity for a period of time; the activity is access to a computer/network resource by a user; a period of time from log on to termination log off.

Session Hijacking - Taking over an authorized user's terminal session, either physcially when teh user leaves his terminal unattended or electronically when the intruder carefully connects to a just-disconnected communications line.

S-HTTP - Secure Hyper Text Transport Protocol

Shareware - Software freely distributed with the understanding that users will voluntarily pay for it if they continue to use it after a short trial period. Synonymous with freeware.

Shielding - Buffering or putting a container of some kind around a piece of equpment (e.g. a computer, a disk drive or printer, a cable, or even an entire building) so emissions from the equipment cannot leak out and be decoded, leading to information compromise.
Shell - A computer command interpreter used to pass commands to an operating system. In Unix there are several programming shells, i.e. Korn shell, Bourne shell, CShell.

shutdown - A Unix command used to shutdown the system; has many options.

Signature - A standard sign-off used by people for e-mail and news group posts, often contained in a file and automatically appended to the mail or post.

Single Sign-On - A method by which a user must identify him/herself and present their credentials only once to a system.

Site - A group of computers under one administrative control.

SLIP - Single Line IP, a protocol used to connect a single host to an IP network over a serial line, such as a telephone line.

smart card - An access card containing encoded information and sometimes a microprocessor and a user interface. The information on or generated by the card is used to authenticate the user so he or she can gain access to a facility or a system.

SMB (Server Message Block) - A distributed file system network protocol that allows one computer to use the files and peripherals of another as if they were local. Developed by Microsoft and adopted by IBM and other vendors.

SMTP (Simple Mail Transfer Protocol) - A protocol that describes an email system with both host and user sections. The Internet standard protocol for e-mail transfer.

SNA (System Network Architecture) - The name applied to an architecture and a class of network products offered by IBM Corporation. SNA does not interoperate with TCP/IP.

Snarf - To grab a large document or file for the purpose of using it with or without the author's permission.

Sneaker - An individual hired to break into places in order to test their security; analogous to tiger team.

Sniffer - A program to capture data across a computer network. Used by hackers to capture user id names and passwords. Software tool that audits and identifies network traffic packets.

SNMP (Single Network Management Protocol) - A Structure for formatting messages and for transmitting information between reporting devices and data-collection programs; developed in part by DoD, Industry, and Academia as part of the TCP/IP protocol suite.

Social Engineering - An attack based on deceiving users or administrators at the target site. Social engineering attacks are typically carried out by telephoning users or operators and pretending to be an authorized user, to attempt to gain illicit access to the systems.

Socket - An endpoint for network communication between two processes that works much like a telephone. The most important thing about a socket is its address. Different kinds of sockets have different kinds of addresses - some look like filenames, others don't.

Software Piracy - Unauthorized copying of software, either commercial or otherwise controlled.

Source Quench - A congestion control technique in which a machine experiencing congestion sends a message back to the source of the packets causing the congestion requesting that the source stop transmitting. In a TCP/IP internet, gateways use ICMP source quench to stop or reduce the transmission of IP datagrams.

Source Route - A route that is determined by the source. TCP/IP implements source routing by using an option field in an IP datagram. The source fills in a sequence of machines that the datagram must visit along its trip to the destination. Each gateway along the path honors source routing by following the list of machines to visit instead of following the usual route to the destination.

Spam - To crash a program by overrunning a fixed-site buffer with excessively large input data. Also, to cause a person or newsgroup to be flooded with irrelevant or inappropriate messages.

SPI (Secure Profile Inspector) - A network monitoring tool for Unix, developed by the Department of Energy.

Spoofing - Pretending to be someone else. The deliberate inducement of a user or a resource to take an incorrect action. Attempt to gain access to an AIS by pretending to be an authorized user. Impersonating, masquerading, and mimicking are forms of spoofing.

Spooling - To send files to some device or program that queues them up and does something useful with them later. The use of auxiliary storage as buffer storage to reduce processing delays when transferring data between peripheral equipment and the processors of a computer. Spooling directory, spooling space.

ssh - A Unix command which allows logging into a remote machine and for executing commands in a remote machine. It is intended to replace rlogin and rsh, and provide secure encrypted communications between two untrusted hosts over an insecure network.

SSL - Secure Sockets Layer

String of Characters - A sequence of ASCII characters.

su - A Unix command requesting a change to superuser mode. see superuser

Subroutine - A named or labeled piece of programming code that can be invoked from elsewhere in the program. A subroutine is often parameterized to accomplish different but related things depending on its input arguments. If it returns a value, it is also called a function.

Subnet Address - An extension of the IP addressing scheme that allows a site to use a single IP network address for multiple physical networks. Outside of the site using subnet addressing, routing continues as usual by dividing the destination address into a network portion and local portion.

Substring - A portion of a String of Characters.

sunrcp - A Sun/Unix command to copy files to and from remote systems. see rpc

Superuser - The account with all privileges. Root account. System Administrator or System Administrator-level privileges. A user who is granted special privileges if the correct password is supplied when logging in as root or using the su command. This usage has spread to non-Unix environments; the superuser is any account with all wheel bits on. Special user with user name root and user identifier 0, who can perform in control of processes, devices, networks, and file systems.

Superzapping - Using a privileged system program, such as IBM's Superzap, to override ordinary security safeguards and controls.

Surf - To traverse the Internet in search of interesting stuff.

Swap Space - A disk space, partition, or file used to temporarily hold the contents of a memory area until it can be loaded back into memory.

Symbolic Link - An alternate filename that points to the real name. Whenever the operating system is trying to parse a pathname containing a symbolic link, it merely substitutes in the real name, and continues parsing.

SYN (SYNchronizing segment) - The first segment sent by the TCP protocol, it is used to synchronize the two ends of a connection in preparation for opening a connection.

SYN Flood - When the SYN queue is flooded, no new connections can be opened. see denial of service.

Synchronous - Refers to a transmission system in which characters are synchronized by the transmission of initial sync characters and a common clock signal. No stop or start bits are used.

Syntax - How things are put together with each other; (particularly strings of characters of executable commands.)

Sysadmin - Common contraction of system administrator.

Sysop - The SYStem Operator. In the BBS world, the operator of a bulletin-board system.

System - A computer with a keyboard and terminal. A system can have either local or remote disks, and may have additional peripheral devices.

System Administrator - A computer operations person whose primary function is to operate on all equipment associated with the computer system.

T1 - A 1.544 megabit per second communications circuit provided by long-distance communications carriers for voice or data transmission. T1 lines are typically divided into 24 separate 64 kilobit channels.

T3 - The equivalent of 28 T1 channels. A communications channel with a bandwidth of 44.736 megabits per second. This is equivalent to 672 voice channels, each of 64 kilobits per second.

TAC (Terminal Access Controller) - A program and a piece of hardware that connects terminals to the Internet, usually using dialup modem connections. In essesnce, a TAC is a host computer that accepts terminal connections from dialup lines and allows the user to invoke Internet remote login software (e.g. TELNET.)

Talk mode - A feature supported by Unix and some other operating systems that allows two or more logged-in users to set up a real-time on-line conversation. Automatically splits the user screens into windows per number of users.

Tampering - An unauthorized modification that alters the proper functioning of equipment or a system in a manner that degrades the security or functionality it provides.

tar - A Unix command to archive files, often on backup tapes. Follow-on tar commands can append files to existing "tar-ed" files.

TCP - Short for Transmission Control Protocol. A protocol wrapped around the Internet Protocol to make an unreliable packet transmission mechanism appear to the application program to be a reliable stream of bytes.

TCP/IP (Transmission Control Protocol/Internet Protocol) - This is the wide area networking protocol that makes the Internet work. A set of communications protocols that has evolved since the late 1970s, when it was first developed by the DoD. Because programs supporting these protocols are available on so many different computer system, they have become an excellent way to connect different types of computes over networks.

tcpwrapper - A software tool for security which provides additional network logging, and restricts service access to authorized hosts by service.

Technical Attack - An attack that can be perpetrated by circumventing or nullifying hardware and software protection mechanisms, rather than by subverting system personnelor other users.

Technical Vulnerability - A hardware, firmware, communication, or software flaw that leaves a computer processing system open for potential exploitation, either externally or internally, thereby resulting in risk for the owner, user, or manager of the system.

telnet - A terminal-emulation protocol. Software supporting TELNET usually comes as a utility in a TCP/IP package. Included as a standard feature of Unix. TELNET also supports an input mode, where one can enter commands directly on the remote system.

TEMPEST - The study and control of spurious electronic signals emitted by electrical equipment. (TEMPEST is not an acronym)

Tentacle - An artificial identity created in cyberspace for malicious and deceptive purposes. The implication is that a single person may have multiple tentacles.

Terminal Hi-jacking - Allows an attacker on a certain machine to control any terminal session that is in progress. A attack hacker can send and receive terminal i/o while a user is on the terminal.

TFTP (Trivial File Transfer Protocol) - A simplified version of FTP that transfers files but does not provide password protection or user-directory capability. It is associated with the TCP/IP family of protocols.

Threat - The means through which the ability or intent of a threat agent to adversely affect an automated system, facility, or operation can be manifest. A potential violation of security.

Threat Agent - Methods and things used to exploit a vulnerability in an information system, operation, or facility, fire natural disaster and so forth.

Threat Analysis - The examination of all actions and events that might adversely affect a system or operation.

Threat Assessment - Process of formally evaluating the degree of threat to an information system and describing the nature of the threat.

Threat Event - A specific type of threat event as often specified in a risk analysis procedure.

Threat Monitoring - The analysis, assessment, and review of audit trails and other data collected for the purpose of searching out system events that may constitute violations or attempted violations of system security.

Throughput - The number of bits, characters, or blocks that can pass through a data communication system when the system is working at saturation.

Tiger - A software tool which scans for system weaknesses.

Tiger team - Government and industry-sponsored teams of computer experts who attempt to break down the defenses of computer systems in an effort to uncover, and eventually patch, security holes. Time Bomb - A logic bomb that is triggered by reaching some preset time, either once or periodically. A variant of the Trojan horse in which malicious code is inserted to be triggered later.

Time-Out - A network parameter related to an enforced event designed to occur at the conclusion of a predetermined elapsed time.

Time-Sharing - A mode of operation that provides for the interleaving of two or more independent processes on one function unit.

Timing Attacks - Attacks that take advantageof the timing of computer proceses and operations to get access.

Tinkerbell Program - A monitoring program used to scan incoming network calls and generate alerts when calls are received from particular sites, or when logins are attempted using certain IDs.

Token Ring - When used in the generic sense, a type of network technology that controls media access by passing a distinguished packet, called a token, from machine to machine. A computer can only transmit a packet when holding the token. When used in a specific sense, it refers to the token ring network hardware produced by IBM.

Topology - The map or plan of the network. The physical topology describes how the wires or cables are laid out, and the logical or electrical topology describes how the messages flow.

touch - A Unix command to change a file's access time and modification time to the current date. If trying to change the date for a file that does not exist, touch will create a new file under that name. This is one quick way to determine if a directory structure can be written to.

Trace Packet - In a packet-switching network, a unique packet that causes a report of each stage of its progress to be sent to the network control center from each visited system element.

traceroute - An operation of sending trace packets for determining information; traces the route of UDP packets for the local host to a remote host. Normally traceroute displays the time and location of the route taken to reach its destination computer.

Traffic - The information moved over a communication channel.

Traffic Analysis - Collection and analysis of information. Analysis of message characteristics (e.g. length, frequency, destination) can sometimes provide information to an eavesdropper.

Transceiver - A communicating device capable of transmitting and receiving. A device that connects a host interface to a local area network (e.g. Ethernet.) Ethernet transceivers contain analog electronics that apply signals to the cable and sense collisions.

Trap and Trace Device - A generic term that may encompass pen registers, which record the telephone numbers received by a particular phone, and dialed number recorders which record the telephone numbers dialed by a particular phone. Technically, a trap is placed on a telephone number in advance, while a trace is conducted while the call is in progress.

Trap Door - A hidden software or hardware mechanism used to circumvent security control. aka Back door. See Maintenance Hook

Trashing - See dumpster diving. Tripwire - A software tool for security. Basically, it works with a database that maintains information about the byte count of files. If the byte count has changed, it will identify it to the system security manager.

Trojan Horse - An apparently useful and innocent program containing additional hidden code which allows the unauthorized collection, exploitation, falsification, or destruction of data.

Troll - An online message whose purpose is to attract responses and make the responders look stupid. People who troll want to make you waste your time responding to their pointless statements.

True-Hacker - One who exemplifies the primary values of hacker culture, especially in competence and helpfulness to other hackers.

Trust/Trusted - Confidence that an entity, to which trust is applied, will perform in a way that will not prejudice the security of the user of the system of which that entity is a part. e.g. agent, a computer, a network, a database, etc.

TTL (Time To Live) - A technique used in best-effort delivery systems to avoid endlessly looping packets.

TTY Watcher - A hacker tool that allows hackers with even a small amount of skill to hi-jack terminals. It has a GUI interface and reported to be loads of fun. see terminal hi-jacking

Tunneling - Use of one data transfer method to carry data for another method.

Twisted Pair Wiring - Cable comprised of two wires twisted together at six turns per inch to provide electrical self-shielding.

Type 1 - Cryptographic systems, products/algorithms approved for the protection of classified US Government information.

Type 2 - Cryptographic systems/products/algorithms approved for the protection of sensitive unclassified US Government information

UART (Universal Asynchronous Receiver and Transmitter) - An electronic device consisting of a single chip that can send or receive characters on asynchronous serial communication lines that use RS232. UARTs are flexible because they have control lines that allow the designer to select parameters like transmission speed, parity, number of stop bits, and modem control. UARTs appear in terminals, modems, and on the I/O boards in computers that connect the computer to terminal(s.)

ufs - Unix file system.

UDP (User Datagram Protocol) - A TCP/IP protocol describing how messages reach application programs within a destination computer. This protocol is normally bundled with IP-layer software.

UID number - The user identification number assigned to each login name. UID numbers are used by the system to identify, by number, the owners of files and directories.

umask - A Unix command to create or return the current value of the file-creation mask, which determines default values for new files.

Unapproved Software - All software that has not been formally identified, evaluated, and examined by competent personnel to ensure that the software performs to exact specifications.

Unauthorized/unprivileged User - Any person who interacts without authorization directly with a computer system.

uncompress - A Unix command to uncompress a compressed file, usually with a name ending in .Z.

Universal Time - The international standard time reference that was formerly called Greenwich Mean Time. It is also called universal coordinated time.

Unix - Not an acronym. A computer operating system. Unix has become the most widely used multitasking, multiuser, time-sharing, general purpose operating system. Developed by AT&T and has enjoyed popularity among engineering and technical professionals. Unix is finding new uses as the basis of the file-server operating systems for networks of PCs. Re-implemented in the C programming language made it the first source-portable operating system.

Unprotected - A computer system that isn't regulated with concern to the control of access between subjects and objects. See copy protected.

Upload - To transfer programs or data over a digital communications link from a smaller or peripheral client system to a larger or central host.

unzip - command to return a "zip" compressed file back to its original uncompressed state.

URL - Uniform Resource Locator

USENET - A worldwide news conferencing system. It is the largest BBS-like system in existence. Discussion lists in the USENET range from the highly technical, used in research and business, to the frivolous and nonsensical.

user - A person or a process that accesses a computer system.
br> user account - An account set up for an individual user, (in Unix) in the Passwd database that specifies the user's login name, UID, GID, login directory, and login shell.

user ID - A unique code or string of characters with which a particular user identifies himself or herself to a computer system.

User Profile - Patterns of a user's activity which can detect changes in normal routines.

UUCP (Unix-to-Unix Copy Program) - A standard Unix utility used for information exchange between two Unix nodes. The store and forward network consisting of all the world's connected UNIX machines and others running some clone of the Unix-to-Unix-CoPy software.

uudecode - A Unix command that reads a file converted by uuencode and restores it to original form.

uuencode - A Unix command that converts a binary file to an encoded form that can be sent with the mailx command. This encoded file is in ASCII form.

Vaccines - Program that injects itself into an executable program to perform a signature check and warns if there have been any changes. See Anti-Virus Program.

Validation - The test activities associated with a product to ensure compliance of that product with its specified requirements. The checkingof data for correctness, or compliance with applicable standards, rules, and conventions.

Variable - A named storage location that can hold any of various values, as one's program sees fit.

Veronica - A Gopher based resource that you can use to search gopherspace for all the menu items that contain specified words. see Jughead, Archie, Gopher

vi - A text editor considered the de facto standard UNIX editor and a nearly undisputed hacker favorite until the rise of EMACS (about 1984.) Considered powerful but has a rudimentary interface and tends to frustrate new users to no end.

virtual memory - A memory management technique that is used by the operating system for programs that require more space in memory than can be allotted to them. The Unix kernel moves only pages of the program currently needed into memory; not needed pages remain on the disk.

virtual network perimeter - A network that appears to be single protected network behind firewalls, which actually encompasses encrypted virtual links over untrusted networks.

Virtual Password - A password computed from a passphrase that meets the requirements of password storage, e.g. 64 bits for DES.

Virus - A variation of Trojan Horse. It is propagating with a triggering mechanism (event time) with a mission (delete files, corrupt data, send data.) Often self replicating, malicious program segment that attaches itself to an application program or other executable system component and leaves no obvious signs of its presence.

Virus scanner - A software program which can search out, locate, and possibly remove a virus.

Vulnerability - Hardware, firmware, or software flow that leaves a computer processing system open for potential exploitation. A weakness in automated system security procedures, administrative controls, physical layout, internal controls, and so forth, that could be exploited by a threat to gain unauthorized access to information or disrupt critical processing.

Wabbit - A legendary early hack (circa 1978.) The program makes two copies of itself every time it is run, eventually crashing the system.

WAIS (Wide Area Information Service) - An Internet service that allows you to search a large number of specially indexed database.

wall - A Unix command to write a message to everyone's display screen of the immediate host LAN.

Wallpaper - A file containing a listing (e.g., assembly listing) or transcript, esp. a file containing a transcript of all or part of a login session. Also used to name the background picture of windowing software.

WAN (Wide Area Network) - A type of network that connects computers over areas potentially as wide as the entire world.

Wannabee - A would-be hacker.

War Dialer - A cracking tool, a program that calls a given list or range of numbers and records those which answer with handshake tones (and so might be entry points to computer or telecommunications systems.)

War Dialing - Synonymous with scanning.

Warez - Widely used in cracker subcultures to denote cracked version of commercial software, that is versions from which copy-protection has been stripped. Hackers recognize this term but don't use it themselves.

Web Browser - A software application which allows access to websites on the World Wide Web. Examples are Netscape, Mosaic, Microsoft Explorer, Apache.

Webmaster - The person at a site providing World Wide Web information who is responsible for maintaining their web site.

Web Server - A computer which feeds documents and media to the browsers that request them.

Web site - A computer running a web server with a valid URL, which is accessible by a web browser.

Wedged - To be stuck, incapable of proceeding without help. The system or software is trying to do something but cannot make progress; it may be capable of doing a few things, but not be fully operational.

Well-known Port - Any of a set of protocol port numbers preassigned for specific uses by transport level protocols (i.e. TCP and UDP.) Servers follow the well-known port assignments so clients can locate them. Examples of well-known port numbers include ports assigned to echo servers, time servers, remote login (telnet) servers, and file transfers (ftp) servers.

Wheel - A person who has an active wheel bit. The traditional name of security group zero, to which the major system-internal users like "root" belong. Only the big wheels have access to the wheel group.

Wheel bit - A privilege bit that allows the possessor to perform some restricted operation on a timesharing system, such as read or write any file on the system regardless of protections, change or look at any address in the running monitor, crash or reload the system, and kill or create jobs and user accounts.

who - A Unix command to find out who is on the local machine. see rwho

whois - A service that lets you look up information about Internet hosts and users.

Wide Area Network (WAN) - a physical or logical network that provides capabilities for a number of independent devices to communicate with each other over a common transmission-interconnected topology in geographic areas larger than those served by local area networks. A network which ranges from a few kilometers to thousands of kilometers and handles transmission speeds from a few kilobits/second to megabits/second.

Wideband - Refers to a channel or transmission medium capable of passing more frequencies than a standard 3kHz voice channel.

Window - A portion of a display surface in which display images pertaining to a particular application can be presented. Different applications can be displayed simultaneously in different windows.

Wiretapping - Interception of communications signals with the intent to gain access to information transmitted over communications circuits.

Wiring Hub - A cabinet, usually mounted in a wiring closet, that holds connection modules for various kinds of cabling. The hub contains electronic circuits that re-time and repeat the signals on the cable. The hub may also contain a microprocessor board that monitors and reports on network activity. See Concentrator.

Wizard - A person who knows how a complex piece of software or hardware works; esp. someone who can find and fix bugs quickly in an emergency.

World Wide Web - A hypertext based tool that allows one to retrieve and display data based on keyword searches. The power of the web lies with the idea of hypertext: data that contains links to other data. see hypertext

Work Station - For automated systems, a configuration of input, output, display and processing equipment that provides an operator interface to a system, such as a central computer, communication, or control system.

Worm - A program or executable code module which resides in distributed systems or networks. It will replicate itself, if necessary, in order to exercise as much of the systems's resources as possible for its own processing. Such resources may take the form of CPU time, I/O channels, or system memory. It will replicate itself from machine to machine across network connections, often clogging networks and computer systems as it spreads.

Wrapper - A program that runs another program, modifying some of its input or output for better suited purposes.

X - A windowing software application and widely used on UNIX system.

X Window - A network-based windowing system that provides a programmatic interface for graphic window displays. X Window permits graphics produces on one networked workstation to be displayed on another.

X.25 - The CCITT standard protocol for transport level network service. Orginally designed to connect terminals to computers, X.25 provides a reliable, stream transmission service that can support remote login. X.25 is most popular in Europe.

X.400 - The CCITT protocol for electronic mail that is expected to become widely accepted. Work is underway to make TCP/IP mail systems interoperate with X.400.

XDR (eXternal Data Representation) - The standard for a machine independent data structure representation developed by SUN Microsystems, Incorporated.

Yellow Pages - A network information service which has been renamed to Yellow Pages. see NIS.

Zero, Zero-fill, Zero-out - To fill unused storage locations in an IS with zeros. Normally done to erase or remove information on magnetic media.

Zip - To create a compressed archive from a file or group of files; originally from using PKWare's PKZIP program.