This page offers security tips and other resources.
Basic Security Terms
Here are some basic definitions of various computing security terms.
- Attack – Intentional act of attempting to bypass one or more computer security controls.
- Cache – A type of memory reserved for holding recently accessed data, designed to speed up subsequent access to the same data.
- Cookie – A small amount of information that a website copies to the hard drive, which helps that website identify you the next time you visit.
- Denial of Service Attack – Result of any action or series of actions that prevents any part of an information system from functioning.
- Email Spoofing – Forging an email header to make it appear as if it came from somewhere or someone other than the actual source.
- Honeypot – An Internet-attached server that acts as a decoy, luring in potential hackers in order to study their activities and monitor how they are able to break into a system.
- Keylogger – Hardware or software that records a user’s keystrokes, usually for the purpose of obtaining secret or encrypted data or passwords.
- Malware – Software designed to infiltrate or damage a computer system without the owner's informed consent. The name is a portmanteau of the words "malicious" and "software". The expression is a general term used by computer professionals to denote various forms of hostile, intrusive or annoying software or program code.
- Phishing – The act of sending an email to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The email directs the user to visit a website where they are asked to update personal information that the legitimate organization already has, such as passwords and credit card, social security and bank account numbers. The website, however, is bogus and set up only to steal the user’s information.
- Rootkit – A set of programs that work to subvert control of an operating system from its legitimate operators. Usually, a rootkit will obscure its installation and attempt to prevent its removal through a subversion of standard system security. Techniques used to accomplish this can include concealing running processes, files or system data from the operating system. Rootkits have their origin in benign applications, but in recent years have been used increasingly by malware to help intruders maintain access to systems while avoiding detection.
- Shoulder Surfing – When someone watches a user, trying to see what is on the user's computer screen or typed on the keyboard in the hopes of gaining access to private information.
- Sniffer – A program and/or device that monitors data traveling over a network. These programs/devices can be used both for legitimate network management functions and for stealing information off a network.
- Social Engineering – The practice of obtaining confidential information by manipulation of legitimate users. Social engineering is the act of obtaining or attempting to obtain otherwise secure data by conning an individual into revealing secure information.
- Spam – Electronic junk mail or junk postings to newsgroups or discussion boards. Some define Spam as any unsolicited email. Roughly 75% of all email sent today is Spam.
- Spyware – Any software that covertly gathers user information through the user's Internet connection without his or her knowledge. The information collected via spyware is usually for marketing research purposes.
- Trojan Horses – A destructive program that masquerades as a benign application. Unlike viruses, Trojan horses do not replicate themselves, but they can be just as destructive. Like viruses, Trojan horses can be contracted from emails or email attachments as well as through files accessed from the Internet.
- Viruses – A program or script that is loaded onto a computer without the user's knowledge and runs without user control. Viruses can replicate themselves. All computer viruses are man-made. Even a simple virus is dangerous because it can quickly use all available memory and bring the system to a halt. An even more dangerous type of virus is one capable of transmitting itself across networks and bypassing security systems. Viruses can be contracted via emails and email attachments as well as through files accessed from the Internet.
- Worms – A worm is a special type of virus that can replicate itself and use memory, but cannot attach itself to other programs. Like other viruses, worms can be transmitted via email messages and email attachments as well as through files accessed from the Internet.
- Zombie – A computer that has been implanted with a daemon that puts it under the control of a malicious hacker without the knowledge of the computer owner.