API (Application Programming Interface) - set of definitions of the ways in which one piece of computer software communicates with another

Applet - a small program that runs in a panel that provides a specific function

Application server - a network-based engine for building applications. Typically application servers are put in between the user interface portion of an application and the infrastructure, such as database servers. Application servers are designed to handle transaction-based operations

Audio compression - works by setting a limit for how loud sound can get while raising low parts of a song a certain extent, depending on the level of compression. Basically, the lowest and highest volume levels of a song get closer together. This should not be confused with the use of a codec for data compression, which is about how music is digitally stored; audio compression is about sound

Backdoor - a program that "listens" at a specific port or ports on a computer for instructions or downloads from remote systems. Used by Trojan horse programs, the backdoor provides unauthorized remote access to the compromised system without the PC owner's knowledge

Bandwidth - the size of the "pipe" that brings information to and from computers over the Internet. Low bandwidth includes dial-up modem speeds of 28 kbps and 56 kbps, while high-bandwidth (broadband) connections deliver more information at a faster pace

Browser Helper Objects (BHO) - DLL's which are installed into Internet Explorer and have access to most functionality of IE

BSD (Berkley Software Distribution) - popular version of UNIX that helped establish the Internet. BSD lives on today in the variants FreeBSD, OpenBSD, and NetBSD

Buffer - an area of memory (usually on your hard drive) that is shared by two enabling processes, which run at different speeds to sync up with each other. For example, a buffer designed for streaming audio helps a patchy data stream from a server sound consistent when played by your computer's audio software

Cocoa - API (or toolkit) used in Apple's popular OS X operating system

Codec - An algorithm for compressing and decompressing the data that makes up audio and video files. Once a file has been compressed by a codec like MP3 or RealAudio, it is smaller and easier to transmit across the Web, and, in most cases, still sounds fairly true to the original

CPU (Central Processing Unit) - core of any modern computing system. Often referred to as the "brain" of a computer

Cross Platform - ability to run on many different computing architectures. An example of a cross platform program would be the Mozilla web browser, which can run natively on Windows, Mac OS, and many versions of UNIX (including Linux)

CVV (Card Verification Value) - a 3 or 4 digit code that is printed on a credit card and nowhere else, not even on the card member's statement. The number is not raised so it imprints on a credit card slip, nor is it stored in the mag strip. It is a security method used to verify that the cardholder actually has the physical card. The CVV is transmitted during card authorization to the card issuer

Directory Traversal Vulnerability - a flaw in a web application or module that allows an attacker access to executable or other files through the use of directory dot and slash commands. Under most operating systems the current folder can be referred to as a "./" (dot slash), and the parent folder is "../" (dot dot slash). A vulnerable web server system is one that accepts a command or address line with these commands to get to other files or folders. For example, a web page accessed by "http://www.mydomain.com/index.htm" but is physically on a computer as "D:\html\index.htm". In the D:\ folder (root) there is a file runme.exe. An attacker exploiting the DT vulnerability could run the file by sending a URL "../runme.exe"

DLL (Dynamic Link Library) - an executable program or code that is associated with another program or the operating system. Programmers use DLL's to provide additional functionality that can be loaded on demand, rather than all at once when an application runs

DMZ (Demilitarized Zone) - special area of the local network that is outside the security zone, including the firewall

Download - To copy a file (for example, a program or MP3 file) from a server to a machine, a.k.a. the client

EULA (End User License Agreement) - the legalese you have to agree to when you install pretty much any software. While boring to some, it is a good idea to read the EULA. Some Adware include disclaimers in the EULA to legally add monitoring to your system, since you must agree to it for installation.

Emacs (Editor Macros) - popular text editor released by the GNU project

encoder - Software that turns uncompressed WAV (Windows) or AIFF files into compressed files, using a CODEC such as MP3 or RealAudio.

Event handler - code within a script or program that is responsible for doing something when an "event", such as a keystroke, mouse click, or page change happens. It is the key to interactivity on web pages and in programs, but is often used to execute malicious code

Gecko - popular cross-platform web rendering engine. Thus, Gecko is a piece of software the draws web pages on the screen. Originally created for the Mozilla series of web browsers, Gecko has gone on to be used in many other related browser applications

GIMP (GNU Image Manipulation Program) - a popular software package that is used in creating and manipulating images. The GTK+ toolkit that was a core piece of the GIMP was used as a core technology for the GNOME project

GNOME (GNU Network Object Model Environment) - an advanced desktop environment and developer platform for UNIX operating systems. GNOME is especially popular on the Linux platform. The project was founded by Miguel de Icaza as a response to licensing concerns relating to another free desktop platform, KDE

GNU - a project started by Richard Stallman that's primary purpose was to create a free clone of the UNIX operating system. GNU represents the belief that proprietary software is wrong and that all software should be free (as in free speech)

GPL (GNU General Public License) - a Free Software license that forces users to make the source code for their programs freely available to anyone who wants it. Derivative works are also affected by the terms of this license. This makes it impossible to make proprietary closed-source versions of GPL'ed programs

GRE - Gecko Runtime Environment

GTK+ - Gimp Toolkit - Originally the toolkit used to develop the GIMP. GTK+ became the main API for GNOME. The original version (GTK1) was used as the core technology for the GNOME 1.x series of desktops. GTK2 was developed in 2002 and forms the basis for the GNOME 2.x series of desktops

GUI (Graphical User Interface) - system that allows humans to interface with computers using a mouse. Users are able to launch applications and control the operation of the computer by manipulating graphical objects on the screen such as icons, windows, and menus

Hosting service - a company employed to run software on their computers for clients. The most common example is a web hosting service, which runs web sites for companies and individuals.

HTTPS - the secure, encrypted version of HTTP, the transport protocol on the Internet for web pages. When you see the address of the web page begin with "https://" instead of "http://" you know that the transfer of data is encrypted and that the site has a certificate that you can examine that identifies who they are

Icon - small picture used to represent a file, a program, or another element

iFrame (inline frame) - an HTML construct that allows a web programmer to insert content (images, JavaScript, text) into a web page from another source. It is often used to provide live content, such as weather updates. It is also used to exploit cross-domain scripting vulnerabilities in browsers to run malicious code or web sites

IM (Instant Message) - real-time method of sending messages back and forth between people on the Internet. Many different providers have created incompatible IM protocols, which has limited interoperability to some extent. Popular examples include AIM and MSN Messenger

Ident Server - listens on a TCP/IP port and attempts to gather information on the systems connecting to that port

IRC (Internet Relay Chat) - an open Internet chat protocol not tied to any specific provider

KDE (K Desktop Environment) - a popular alternative to GNOME on UNIX platforms. KDE predates GNOME, but had some licensing controversy early in its existence. KDE is free and open source today, and is similar in capabilities to GNOME in many respects. KDE is known more for its configurability and solid technology than for its usability

LAND attack - a network attack against a host wherein a TCP packet is sent with the SYN flag set and the source and destination IP address and port both belong to destination machine.

Linux - popular open-source descendant of the UNIX operating system consisting of a kernel developed collaboratively world-wide, and other bits of powerful free software. The kernel was begun in 1991 by a Finnish student by the name of Linus Torvalds (the kernel bears his name)

Localhost - alias for the IP address 127.0.0.1. This address and alias refer to the physical local computer you are using. It is not accessible from other systems, as every PC refers to itself as Localhost.

Local Zone - a non-configurable security zone in Internet Explorer. Prior to Windows XP Service Pack 2, the local zone had expanded rights on the presumption that HTML files running locally should be like regular programs the user ran. But attackers focused on vulnerabilities to trick IE into running remote web pages in the local zone in order to expand their attack capabilities. As a result Microsoft "locked down" the local zone in Service Pack 2.

Modal Dialog Box - a window that requires user interaction to continue. An example of a Modal dialog box is the warning message box you get when you set your script permissions in IE to "prompt". You cannot continue with the web page until you click OK

Mozilla - an open source, cross-platform web application framework. Mozilla consists of many web applications based on technologies such as XUL and Gecko. Mozilla develops web browsers, email clients, a bug tracking system, and other applications using these technologies

Nigerian Scam - the name of a type of scam in which the perpetrator attempts to con a victim into giving access to their bank account, lending or putting up a security deposit to the scammers

Open Source - software where the underlying source code is freely available to be examined or modified by anyone

PDF (Portable Document Format) - Originally developed by Adobe, PDF's are cross-platform documents that are popular on the Internet

Perimeter - where a network connects to the outside. In most cases, this is the point where the local area network meets the Internet. This is a critical point for security functions, and a focus for the security industry

PIF (Program Information File) - a file that contains information on how to run a specific program in Windows, and is essentially a shortcut to an executable. They are typically used to describe how a DOS program is to be run under Windows, such as the amount of memory required, as well as path and executable name. When you double click on one Windows executes it or what it points to

PNG (Portable Network Graphics) - a type of bit-mapped graphic file; designed to be the next generation of graphics to replace GIF as a result of patent claims against the GIF format

Port Scanning - a technique used by malicious programs and attackers to find open ports and services. The attacker sends a message to each port and evaluates the reply. Since there are up to 65,535 possible port numbers, attackers often only test commonly used ports, such as FTP (20/21), Telnet (23), or HTTP (80). A full port scan is analogous to dialing every phone number in a specific exchange to see who's home

QT - an API, based on C++, and developed by a Norwegian company called Trolltech. QT is the core toolkit of the KDE environment

Redhat Linux - a popular enterprise Linux vendor. They use GNOME as a core technology for their version of Linux

.REG file - Windows Registry format file. The file can contain one or more registry keys and values and is often used to apply patches to a system or application. The file can be added or imported to the Windows Registry from the File or Registry menu in Regedit

Registry Flag Value - numeric value, usually set in Hex (for example 0004h), but interpreted by the operating system in binary (00000100b) that is used to configure states, features and behaviors

Root - user in most UNIX-based or derived operating systems, such as Linux or Mac OS X, is a special user account which has full rights to all aspects of the system. It is considered bad practice, from a security standpoint, to use the computer when logged in as root except when absolutely necessary. Users who are members of the admin group enjoy some administrative privileges, but not as many as root. Since UNIX is case-sensitive in most things, the name root is lower-case

Shell - software environment in an operating system that accepts and executes commands. An example is the Windows command prompt you get when you click on Start/Run and type CMD.EXE or COMMAND.EXE (depending on version of Windows)

SMTP AUTH - the standard that defines authentication for outbound e-mail servers; when you configure your mail client, if your ISP requires that you enter a user name and password for the outgoing mail server, you are configuring SMTP AUTH; this standard impedes a number of current threats, including spam bots that use the ISP outgoing mail server

SUDO (Supervisor Do) - a free and widely-distributed program for UNIX and variants of it that allows an administrator to grant certain users the right to execute certain programs with the privileges of a different user, including the root user

SVG (Scalable Vector Graphics) - a graphics format that allows for scalable images that do not become distorted or pixelated when their size is altered, even to fantastic sizes

Theme - collection of colors, icons and widgets that give the desktop a distinct look

Toolkit - see API

UNIX - powerful multi-user, multi-tasking operating system originally developed on the DEC PDP-11 by Ken Thompson and Dennis Ritchie. UNIX has since been ported to many architectures as it has evolved over the years. UNIX was the precursor to many popular operating systems today such as Linux, BSD, and Mac OS X

Wallpaper - background image used to decorate a computer desktop

Web bugs - Tiny images used on websites and HTML email to confirm receipt or viewing of a page. When a user views a page with a web bug, their browser normally tries to open all images on the page. They often link back to different sites or domains than the page, and can identify the viewer through the header and coded information

Widget - a graphical component such as a window or a text box. These are often packed together in widget toolkits. Programmers use widgets to build graphical user interfaces (GUIs)

Wildcard DNS Record - a DNS (Domain Name Services) entry that redirects all unassigned or unrecognized domain requests to a specific IP address and is often used to accept sub-domains. A domain record that has *.mydomain.com will accept any sub-domain such as "thisIs.mydomain.com", "not.mydomain.com" or "our.mydomain.com"

X-Windows - graphical system developed for the UNIX operating system at MIT. X-Windows is a powerful and flexible graphical system that allows for a graphical user interface (GUI) to run locally or over a network