Glossary

Apache - is the world's most widely used web server software. Originally based on the NCSA HTTPd server, development of Apache began in early 1995 after work on the NCSA code stalled. Apache played a key role in the initial growth of the World Wide Web,[4] quickly overtaking NCSA HTTPd as the dominant HTTP server, and has remained the most popular HTTP server since April 1996. In 2009, it became the first web server software to serve more than 100 million websites. Apache is developed and maintained by an open community of developers under the auspices of the Apache Software Foundation. Most commonly used on a Unix-like system (usually Linux),[6] the software is available for a wide variety of operating systems, including Windows, OS X, Linux, Unix, FreeBSD, Solaris, NetWare, OS/2, TPF, OpenVMS and eComStation. Released under the Apache License, Apache is free and open-source software.

Backdoor - in a computer system is a method of bypassing normal authentication, securing unauthorized remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected. The access might be provided via: GNU/Linux shell (Bash), Microsoft Windows NT shell (cmd).

Botnets - are groups of computers connected to the Internet that have been taken over by a hacker. The hacker controls all the computers and they behave like a “robot network” (a.k.a. "botnet"). Botnets contain anywhere from hundreds to thousands of computers. The botmaster (the hacker who controls the botnet) then uses these computers to send spam email, spread viruses, attack other networks or carry out any other variety of malicious activity.

Computer virus - is a type of software that is capable of self-replication. In addition, it can damage or completely delete the data controlled by the user from whose profile the infected software was launched.

DDoS - distributed denial-of-service attack is an attempt to make a machine or network resource unavailable to its intended users. A DoS attack generally consists of efforts to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet. As clarification, distributed denial-of-service attacks are sent by two or more people, or bots, and denial-of-service attacks are sent by one person or system.

FTP - is a standard network protocol used to transfer computer files from one host to another host over a TCP-based network, such as the Internet. FTP is built on a client-server architecture and uses separate control and data connections between the client and the server.[1] FTP users may authenticate themselves using a clear-text sign-in protocol, normally in the form of a username and password, but can connect anonymously if the server is configured to allow it. For secure transmission that protects the username and password, and encrypts the content, FTP is often secured with SSL/TLS (FTPS). SSH File Transfer Protocol (SFTP) is sometimes also used instead, but is technologically different. The first FTP client applications were command-line applications developed before operating systems had graphical user interfaces, and are still shipped with most Windows, Unix, and Linux operating systems.[2][3] Many FTP clients and automation utilities have since been developed for desktops, servers, mobile devices, and hardware, and FTP has been incorporated into productivity applications, such as Web page editors.

HTTP - (HyperText Transfer Protocol) is the application-level data transfer protocol (initially for hypertext documents in HTML format, now used to transfer arbitrary data). HTTP is based on client-server technology, i.e. it assumes the existence of consumers (clients), which initiate a connection and send a request, and producers (servers), which wait for a connection, receive the request, execute the necessary actions and return a message with the result.

HTTP-server - a server that receives HTTP requests from clients, usually web browsers, and sends them HTTP responses, as a rule together with an HTML page, image, file, media stream or other data. Both the software that performs the functions of a web server and the computer on which such software runs are called a web server.

IRC - (Internet Relay Chat) is an application layer protocol that facilitates the transfer of messages in the form of text. The chat process works on a client/server networking model. IRC clients are computer programs that a user can install on their system. These clients communicate with chat servers to transfer messages to other clients. IRC is mainly designed for group communication in discussion forums, called channels, but also allows one-on-one communication via private messages as well as chat and data transfer, including file sharing.

Jailbreak - (iPhone/iPod Touch/iPad) an operation, not officially supported by Apple, that gives access to the file system of iPhone, iPod or iPad devices. By doing this you can remove the limitations implemented by Apple and then install third-party apps, tweaks or modifications, and even themes to change the appearance of your device, all of which are not available in Apple’s App Store. Jailbreaking allows access to the entire filesystem on the iPhone, iPod or iPad. However, jailbreaking voids your warranty with Apple: if you take your jailbroken device into an Apple store for help, they’ll void your warranty.

Malware - is any software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems: computer viruses, Trojans and so on.

Messenger - short for instant message, a type of communications service that enables you to create a kind of private chat room with another individual in order to communicate in real time over the Internet, analogous to a telephone conversation but using text-based, not voice-based, communication. Typically, the instant messaging system alerts you whenever somebody on your private list is online. You can then initiate a chat session with that particular individual.

MITM - (man-in-the-middle attack) is an attack where the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other.

Network worm - is a type of self-replicating computer software propagated within local and global computer networks. Unlike viruses, a worm is independent software. Trackware is a new variation of malware that tracks and records operations performed on a computer.

OpenSSL - is an open-source implementation of the SSL and TLS protocols. The core library, written in the C programming language, implements basic cryptographic functions and provides various utility functions. Wrappers allowing the use of the OpenSSL library in a variety of computer languages are available. Versions are available for most Unix-like operating systems (including Solaris, Linux, Mac OS X and the various open-source BSD operating systems), OpenVMS and Microsoft Windows. IBM provides a port for the System i (OS/400). OpenSSL is based on SSLeay by Eric Andrew Young and Tim Hudson, development of which unofficially ended on December 17, 1998, when Young and Hudson both started to work for RSA Security.

Pay-per-Click - (PPC), also called cost per click, is an internet advertising model used to direct traffic to websites, in which advertisers pay the publisher (typically a website owner) when the ad is clicked. It is defined simply as “the amount spent to get an advertisement clicked.” With search engines, advertisers typically bid on keyword phrases relevant to their target market. Content sites commonly charge a fixed price per click rather than use a bidding system. PPC "display" advertisements, also known as "banner" ads, are shown on web sites or search engine results with related content that have agreed to show ads.

Phishing - is the illegal attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication. The word is a neologism created as a homophone of fishing due to the similarity of using fake bait in an attempt to catch a victim. Communications purporting to be from popular social web sites, auction sites, banks, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing emails may contain links to websites that are infected with malware. Phishing is typically carried out by email spoofing or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures. Many websites have now created secondary tools for applications, like maps for games, but they should be clearly marked as to who wrote them, and users should not use the same passwords anywhere on the internet.

RSA - is one of the first practical public-key cryptosystems and is widely used for secure data transmission. In such a cryptosystem, the encryption key is public and differs from the decryption key which is kept secret. In RSA, this asymmetry is based on the practical difficulty of factoring the product of two large prime numbers, the factoring problem. RSA is made of the initial letters of the surnames of Ron Rivest, Adi Shamir and Leonard Adleman, who first publicly described the algorithm in 1977. Clifford Cocks, an English mathematician, had developed an equivalent system in 1973, but it was not declassified until 1997.

Spam - (electronic spamming) is the use of electronic messaging systems to send unsolicited messages, especially advertising, as well as sending messages repeatedly on the same site. While the most widely recognized form of spam is email spam, the term is applied to similar abuses in other media: Internet forum spam with advertising links, instant messaging spam, distribution of advertisements via email etc.

SSH - (Secure Shell) allows a user to run commands on a machine's command prompt without them being physically present near the machine. It also allows a user to establish a secure channel over an insecure network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH. SSH was designed as a replacement for Telnet and other insecure remote shell protocols such as the Berkeley rsh and rexec protocols.

SSL - (Secure Sockets Layer) is a set of cryptographic protocols designed to provide communications security over a computer network.[1] They use X.509 certificates and hence asymmetric cryptography to authenticate the counterparty with whom they are communicating,[2] and to negotiate a symmetric key. This session key is then used to encrypt data flowing between the parties. This allows for data/message confidentiality, and message authentication codes for message integrity and as a by-product, message authentication. Several versions of the protocols are in widespread use in applications such as web browsing, electronic mail, Internet faxing, instant messaging, and voice-over-IP (VoIP). An important property in this context is forward secrecy, so the short-term session key cannot be derived from the long-term asymmetric secret key.

TLS - (Transport Layer Security) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols designed to provide communications security over a computer network. They use X.509 certificates and hence asymmetric cryptography to authenticate the counterparty with whom they are communicating, and to negotiate a symmetric key. This session key is then used to encrypt data flowing between the parties. This allows for data/message confidentiality, and message authentication codes for message integrity and as a by-product, message authentication. Several versions of the protocols are in widespread use in applications such as web browsing, electronic mail, Internet faxing, instant messaging, and voice-over-IP (VoIP). An important property in this context is forward secrecy, so the short-term session key cannot be derived from the long-term asymmetric secret key.

Trojan - is malware that an attacker uses to collect, destroy or modify information, to cause computer malfunction, or to use the computer's resources with malicious intent.

WordPress - is an open source content management system distributed under the GNU GPL license. It is written in PHP and uses MySQL as a database server. Its fields of application vary from blogs to fairly complex news portals and online stores. Its built-in system of themes and plugins, together with a neat architecture, allows developing almost any project.

XSS - Cross-site scripting is a type of computer security vulnerability typically found in Web applications. XSS enables attackers to inject client-side script into Web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy.