

Dictionary of Norton Internet Security and Norton Personal Firewall terms

 

Document ID: 2002042913273736
Last Modified: 10/10/2006
Date Created: 04/29/2002
Operating System(s): Windows 98, Windows 98 SE, Windows Me, Windows 2000, Windows XP Home Edition, Windows XP Professional Edition, Windows 98SE
Product(s): Norton Internet Security 2003 6.0, Norton Internet Security Professional 2003, Norton Personal Firewall 2003 6.0

©1995 - 2009 Symantec Corporation
            

Note

For information about an error message rather than a definition of a particular word or phrase, search the NIS or NPF Knowledge Base for the error message that you see. Searching on a portion of the error message is more likely to find a document on the problem than searching on the entire text of the error message.

Active content
Material on a Web page that changes with time or in response to user action, such as a weather map or a stock ticker. Active content is implemented through ActiveX controls, VBScript, JavaScript, and Java applets in the HTML code that defines the page.
ActiveX Controls
Programs that are designed to run over the Internet. Because ActiveX controls don't run in a restricted environment (unlike Java applets), they have the potential to take control of your computer. Malicious hackers can use this capability to steal or destroy your data or system software.
Address mask
A technique that is used to select bits from an Internet address for subnet addressing. Masks are often used to help identify a range of addresses.
Adware
Adware programs gather information from your computer for marketing purposes. The information is used to decide, for instance, which advertisements to display when you are on a specific Web site or which advertisements to download to your computer for display on your desktop.
In most cases, adware programs are installed on your computer as part of the installation of another program. Though you chose to install the other program, you may not be aware that adware was also installed.
See also spyware. There is not a clear definition of the differences between adware and spyware. For more information, click here.
ALE = Application Lookup Engine
NIS and NPF use their Application Lookup Engine to consult their list of commonly used programs for information on how those programs access the Internet. NIS and NPF use the information to create Internet Access Control rules (firewall rules) for an application. NIS and NPF make frequent additions to the program list, and update your copy of the list when you run LiveUpdate.
Alert
In NIS and NPF, an alert is a message that you see on your screen that tells you about a potential security problem. The alert or the type of alert tells you which type of security problem it found. For more information, consult your NIS or NPF user manuals, or see the following documents in the knowledge base:
 
  • Internet Access Control alerts: Click here.
  • Security alerts: Click here.
  • Alerts that are listed in the Alert Tracker: Click here.
Attack
An attack on your computer is an attempt by a hacker to damage the files on your computer, copy information from your computer without your consent, use your computer to damage another computer or computer service, or to perform other actions on your computer without your consent.
Typically, attacks occur by means of a virus, Trojan Horse, worm, or other intrusion. For information on these specific types of attacks, see the definitions for the words virus, Trojan Horse, worm, or IDS.
Some common attacks include Denial of Service attacks caused by worms or Trojan horses, and viruses using your list of email addresses to send themselves to other computers.
Banner ad
An advertising graphic that appears across the top of a Web page and usually contains a link to the advertiser's Web site.
Block
To prevent information or communications from being sent. For instance, a specific firewall rule in NIS may prevent a Trojan horse from an Internet web site from being saved to your computer's hard drive. In this instance, NIS has blocked the Trojan.
Cache
A location on your hard disk in which data is stored for reuse. A Web browser cache stores Web pages and files (such as graphics) as you view them. Web pages that you frequently visit or have already seen appear more quickly because the browser opens them from your hard disk instead of downloading them from the Web.
Closed port
A port that is blocked by a firewall. If a computer receives incoming communication on a closed port, it responds to the sender by refusing the connection. See also port, open port, port scan, and stealth port.
Computer attack
See Attack.
Confidential information
NIS uses the term "confidential information" to refer to personal information that you add to the Confidential Info window in the Privacy Control feature. Confidential information typically includes your name, address, telephone number, credit card information, bank account number, personal identification number, social security number, and similar personal information.
 Confidential information is typically sent over the Internet in the following ways:
 
  • When you fill out a form that includes such information.
  • When you use an instant messenger program such as Yahoo or Microsoft Instant Messenger and include confidential information in a message. Click here for more information about NIS or NPF support for instant messenger programs.
  • When you permit a Web page to keep your confidential information. Usually, when you check an option such as "Remember this information so that I do not have to type it the next time I visit this page," the Web page places a cookie on your hard disk. The cookie includes the information that you told that page to save. The next time you access that Web page, the page retrieves the information from the cookie that is on your hard disk.
  • When you communicate with other methods such as email, other chat programs, news readers, and so on.
 
In unusual circumstances, other programs such as a Trojan horse may try to obtain confidential information from your hard drive.
The Privacy Control feature allows you to specify which confidential information you want NIS to protect. To protect confidential information means to prevent that information from being sent over the Internet.
NIS only protects confidential information that is sent by HTTP (Web) protocol. It does not block data that is sent to secure (HTTPS) Web sites or data that is sent through applications that use other protocols (email, chat programs, news readers, and so on).
For more information, click here.
Connection
A method of data exchange that allows transfer of data between two computers.
Connection attempt
The data transfer that requests the opening of a connection.  
Connection-based protocol
A protocol, such as TCP, that requires a connection before information is transmitted.
Connectionless protocol
A protocol, such as UDP, that sends a transmission to a destination address on a network without establishing a connection.
Cookie
Cookies are small files that Web sites store on your computer. A Web site may place a cookie on your computer in order to store information about your visits to that Web site. The Web server reads the cookie when you revisit the site. Cookies often store information such as the following:
 
  • Your personal information and preferences. This saves you time on your next visit to that Web site, because the Web server can obtain your information from the cookie rather than requiring you to retype the information.
  • A list of items that you place in your "shopping cart" at an online store. When you are ready to "check out" of the store and purchase the items, the cookie lists these items for your convenience.
  • When you visited a Web site and which pages you viewed. The Web server can use this information to tailor advertisements so that they are more relevant to your needs.
 
Some Web servers use cookies to send information to other Web servers, such as advertisement servers. This is one way of sending "referred" information to other servers.
Some Web servers can read cookies that were placed on your computer by a different Web server.
Cracker
(From "safecracker.") A person who attempts unauthorized access of other people's computers for the purpose of obtaining information on those computers or to do damage to those computers.
Data packet
See the definition for Packet.
DDoS (Distributed Denial of Service) attack
See the definition for Denial of Service (DoS).
Default Rules
The firewall rules that are predefined and enabled when you install Norton Internet Security. These rules provide basic network functionality as well as protect you from known Internet risks. The default firewall rules appear in the system-wide settings and in Trojan horse settings.
Denial of Service (DoS) attack
A Denial of Service (DoS) attack occurs when an excessively large number of communications are purposely sent to a computer to overload that computer's ability to handle them.

When the computer is overloaded, it may slow down to the point at which it appears to stop responding, and programs running in memory may become corrupt. After the attack has stopped, restarting the computer removes corrupt programs from memory, and reloads programs such as NIS from the non-corrupted files on the hard disk.
Typical targets of DoS attacks are servers that handle large amounts of network or Internet traffic, though any computer that has an Internet or network connection may be attacked.
 
  • If a Web server is attacked, users who want to view Web pages on that server may be unable to do so during the attack. Users may see messages that the server is not available, that a specific Web page cannot be found, or other messages indicating that they cannot access that Web server. Note that though such messages can be caused by a DoS attack, they are typically caused by problems other than a DoS attack.
  • If a network server is attacked, other computers that want to access files, programs, or shared printers on that server may be unable to do so during the attack.
  • If a home computer is attacked, the computer typically responds very slowly to input and may appear to stop responding. Other users who want to access shared files, folders, or printers on that computer may be unable to do so during the attack. In some cases, memory may become corrupt. After the attack has stopped, restarting the computer removes the corruption from memory. Though restarting the computer during the attack also removes the corruption from memory, corruption may recur until the attack stops.
 
 DoS attacks typically do not damage the files that are on the target computer, but the interruption in service can be costly to companies that rely on the target computer to serve customers or for other business operations. Generally, once an attack has stopped, functionality is restored by restarting the computer.

Because DoS attacks often take advantage of security holes in operating systems or network protocols, applying the latest updates to your operating system may prevent some types of DoS attacks or reduce their effectiveness.

A simple DoS attack originates from a single computer. That is, all the communications that overload the target computer are sent from one computer. A more complicated type of DoS attack, called a Distributed Denial of Service (DDoS) attack, originates from many computers. Computer hackers typically use other people's computers to conduct a DDoS attack without the knowledge or permission of the computer's owner. A computer that is used in this way is sometimes called a zombie or a drone.

To use another person's computer for a DDoS attack, a computer hacker typically copies a file to that computer's hard disk, to be used at a later time when the hacker starts the DDoS attack. The file is sometimes referred to as a zombie. One of the more common methods for placing a zombie file on a computer's hard disk is by means of a Trojan horse.

NIS and NPF protect your computer from Trojan horses. In addition, popular antivirus programs such as Norton AntiVirus can detect specific zombie files and remove them from your computer.
DHCP (Dynamic Host Configuration Protocol)
A service that automatically assigns a temporary IP address to each device on a network. 
Distributed Denial of Service (DDoS)
See the definition for Denial of Service (DoS).
DNS (Domain Name System)
A hierarchical naming system that correlates domain names (such as www.symantec.com) with IP addresses (such as 206.204.212.71).
DNS Server
A computer that keeps a database of domain names and their corresponding IP addresses. When a computer sends a domain name to a DNS server, the server returns the IP address for that domain.
Domain
On the Internet, the common address for a single company or organization (such as symantec.com), which might have multiple hosts (such as www.symantec.com, securityresponse.symantec.com, and ftp.symantec.com).
Domain Name
Locates an organization or other entity on the Internet. For example, the domain name "www.symantec.com" locates an Internet address for a domain name where "symantec.com" is the domain and the particular host server is "www." Together, www.symantec.com constitutes a fully qualified domain name.
DoS Attack
See the definition for Denial of Service (DoS). Not to be confused with MS-DOS, Microsoft's legacy Disk Operating System.
Drone
See the definition for Zombie.
Echo
To transmit each character that a computer receives back to the source immediately, serving as a confirmation of receipt. TCP and UDP use port 7 for echo.
Email (Electronic mail)
A method of exchanging messages and files with other people via computer networks. A popular protocol for sending email is SMTP (Simple Mail Transfer Protocol). Popular protocols for receiving email are POP3 (Post Office Protocol 3) and IMAP4 (Internet Message Access Protocol 4). Web-based email services send and receive email using standard protocols, but then use HTTP (HyperText Transfer Protocol) for delivering email to the recipient, by displaying the email as a Web page.
File and Printer Sharing for Microsoft Networks
A service that allows sharing of files and printers through a network connection. File and Printer Sharing for Microsoft Networks uses UDP ports 137 and 138, and TCP port 139. If you block TCP port 139, no shared resources are allowed.
Filter
A program or process that intercepts information, processes it, and then sends it to its intended destination. During processing, the filter identifies information that meets a set of previously specified criteria, and prevents that information from being sent. Filters are typically used when blocking inappropriate content from a Web site.
Finger
A command in some operating systems that requests network user account information.
Firewall
A security system that uses rules to block or allow connections and data transmissions between your computer and the Internet.
Firewall rule
A set of parameters that specifies a type of data packet or network communication and an action to perform (permit it or block it) when it is found.
Fragment or IP fragment
An IP packet that has been split into two or more parts, or fragments. When the size of an IP packet exceeds the maximum frame size of a network that it crosses, the packet must be divided into smaller packets, or fragments.
FTP (File Transfer Protocol)
A standard protocol for copying files to and from remote computers over TCP/IP networks, such as the Internet. FTP uses ports 20 and 21. FTP is commonly used to download programs and other files to your computer from other servers. It is also used to upload Web page files to your own Web site.
Hacker
A person who attempts unauthorized access of other people's computers for the purpose of obtaining information on those computers or to do damage to those computers.
Host Name
The name that identifies a computer on a network. For example, www.Symantec.com is the host name for the Symantec Web site. Host names are translated to IP addresses by the DNS.
HTML (HyperText Markup Language)
A standard language for documents on the World Wide Web. Codes inserted in a text file instruct the Web browser on how to display a Web page's words and images for the user, and define hypertext links between documents.
HTTP (HyperText Transfer Protocol)
A set of rules for requesting pages from a Web server and transmitting pages (including text, graphic images, sound, video, and other multimedia files) to the requesting Web browser. HTTP is the most widely used application protocol on the World Wide Web. HTTP uses TCP port 80.
HTTPS (HyperText Transfer Protocol Secure)
A variation of HTTP that uses encryption to transmit data securely. HTTPS uses TCP port 443.
ICMP (Internet Control Message Protocol)
A protocol used on the Internet to report errors, give limited routing advice, and provide simple low-level services over TCP/IP networks. Some IP troubleshooting tools, such as ping and traceroute, use ICMP.
Identification
A service that provides user information to another system, also known as IDENT, Authentication, or AUTH. Some email servers, news servers, and IRC servers use this service to verify your identity before allowing access. Identification uses TCP port 113.
IDS (Intrusion Detection System)
Intrusion Detection System, a feature included in some Symantec products, detects attempts that are made to access your computer without your knowledge through your Internet connection or network. These attempts typically take advantage of security vulnerabilities in the computer's software such as the operating system or Internet browser.
IDS signature
An IDS signature is a string of text that is found in communications that attempt to gain access to your computer, typically through your Internet connection or network. IDS uses these signatures to identify connection attempts that could be threats.

IDS signatures are not the same as virus definitions. Virus definitions are strings of text that are included in files that include computer viruses. IDS signatures are strings of text that are included in packets.
IDS update
An IDS update is a list of IDS signatures that are used by Symantec programs that include the IDS feature. Because computer hackers continue to create ways of accessing your computer without your consent, the number of IDS signatures continues to grow. Regular updates to the list of signatures are required to keep your computer protected.
IGMP (Internet Group Membership Protocol)
A protocol used to establish memberships in multicast groups.
Implicit block rule
When a communication over a network or over the Internet is not specifically described by an existing firewall rule, NIS and NPF use an implicit block rule that blocks the communication unless you specify whether to permit or disallow the communication, or to create a rule for that communication. That is, if the communication is not specifically permitted by an existing firewall rule and does not trigger a NIS or NPF alert, then NIS or NPF blocks the communication.
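The following added example (not part of the original Symantec document, and not NIS or NPF code) models how a list of firewall rules falls through to an implicit block rule, with an address mask selecting the range of remote addresses each rule covers. First-match evaluation, the rule set, the addresses, and all function names are assumptions made for illustration; the interactive alert that lets you permit or block an unmatched communication is left out.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


def to_int(address: str) -> int:
    """Convert a dotted-decimal IPv4 address to its 32-bit number."""
    return int(ipaddress.IPv4Address(address))


def in_range(ip: str, network: str, mask: str) -> bool:
    """Address mask: keep only the masked bits of both addresses and compare."""
    return to_int(ip) & to_int(mask) == to_int(network) & to_int(mask)


@dataclass(frozen=True)
class Rule:
    name: str
    action: str          # "permit" or "block"
    direction: str       # "inbound" or "outbound"
    protocol: str        # "tcp" or "udp"
    network: str         # remote network address
    mask: str            # address mask; 0.0.0.0 matches any remote address
    port: Optional[int]  # port the communication uses; None matches any port

    def matches(self, direction: str, protocol: str, remote_ip: str, port: int) -> bool:
        return (self.direction == direction
                and self.protocol == protocol
                and in_range(remote_ip, self.network, self.mask)
                and (self.port is None or self.port == port))


# Constructed rule set for illustration (not the product's default rules).
# Port numbers are the ones the glossary gives for each service.
RULES = [
    Rule("File sharing from local subnet", "permit", "inbound", "tcp",
         "192.168.1.0", "255.255.255.0", 139),
    Rule("File sharing from anywhere else", "block", "inbound", "tcp",
         "0.0.0.0", "0.0.0.0", 139),
    Rule("Web browsing (HTTP)", "permit", "outbound", "tcp",
         "0.0.0.0", "0.0.0.0", 80),
    Rule("Web browsing (HTTPS)", "permit", "outbound", "tcp",
         "0.0.0.0", "0.0.0.0", 443),
]

IMPLICIT_BLOCK = ("block", "implicit block rule")


def decide(direction: str, protocol: str, remote_ip: str, port: int, rules=RULES):
    """Return (action, rule name) for one communication.

    Assumption: rules are checked in order and the first match wins.
    A communication that no rule describes is blocked by the implicit rule.
    """
    for rule in rules:
        if rule.matches(direction, protocol, remote_ip, port):
            return rule.action, rule.name
    return IMPLICIT_BLOCK


if __name__ == "__main__":
    # Constructed sample traffic: (direction, protocol, remote address, port).
    samples = [
        ("inbound", "tcp", "192.168.1.20", 139),
        ("inbound", "tcp", "203.0.113.5", 139),
        ("outbound", "tcp", "203.0.113.5", 80),
        ("inbound", "tcp", "203.0.113.5", 113),
        ("outbound", "udp", "203.0.113.5", 123),
    ]
    for sample in samples:
        print(sample, "->", decide(*sample))
```

Because the broad block rule for port 139 sits after the narrower permit rule, reordering the two would cut off file sharing for the local subnet as well.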
Inbound communication
An attempt by an external computer to open a connection to your computer. The connection can be used to send data to and from your computer.
Inbound packet
A data packet arriving from a remote computer or network.
Incoming connection
A connection established by a remote computer to your computer.
Internet
A collection of networks and gateways (including ARPANET and NSFnet) that use the TCP/IP protocol suite and function as a single cooperative virtual network.
Intranet
A network within an organization that uses TCP/IP protocols and other Internet technology. It may include many interlinked local area networks and also use leased lines in a wide area network. The purpose of an intranet is to share company information and computing resources among employees.
IP (Internet Protocol)
IP is a set of standards, called a protocol, that defines one aspect of how information is sent over the Internet and over many types of networks. When a computer uses IP, information that is sent over the Internet or a network is divided into pieces called packets, and each packet is sent separately. IP, or the Internet Protocol, handles the part of the packet that includes the IP addresses of the local computer and the remote computer or Web page.
IP Address (Internet Protocol Address)
This term usually refers to a computer address that uniquely identifies a computer on a network or on the Internet. The IP address usually refers to the address of your computer, a server computer on your network, or a different computer that is on the Internet.

IP addresses for computers on the Internet, such as a Web page for a company, do not change often. IP addresses for computers on a network might change daily or more often.

The IP address is a 32-bit number that is assigned to computers (typically to host computers, or workstations) that use TCP/IP. The address for a host must be unique on the network. IP addresses are usually expressed as four decimal numbers, each ranging from 0 to 255, separated by periods. For example, 206.204.52.71.

Note that a computer on the Internet can be referred to either by an IP address or by an address that uses recognizable words such as www.symantec.com.
IP fragment
See the definition for "fragment."
IP spoofing
See spoofing.
ISP (Internet Service Provider)
An Internet Service Provider is a company that provides its customers with access to the Internet. The ISP can be local or national. Often, the ISP also provides the IP address for your computer, or a range of IP addresses for a company's many computers.
Java Applet
A small program that runs in a restricted environment (sometimes referred to as a sandbox) that is managed by your browser. Most Java applets are used to add multimedia effects, interactivity, or other functionality to a Web page, but they can be used for malicious purposes, such as password stealing.
JavaScript
JavaScript is a computer language that is used in writing Web pages. JavaScript code is often included in Web pages to add interactivity and other functionality.
Local
A term that refers to your computer, as opposed to a remote computer.
Log
A list of events related to network activity.
Modem
Device that modulates (converts to analog) and demodulates (converts from analog) digital data for transmission over a telephone line. Also includes interface devices for digital connections to the Internet, such as ISDN, cable, and DSL.
Name resolution
The process of mapping (matching) a domain name to a corresponding IP address.
NAT (Network Address Translation)
A method of converting IP addresses used on an intranet or local area network into Internet IP addresses. This lets many computers share an Internet IP address. More importantly, it hides the IP addresses of network computers from outsiders. The Internet Connection Sharing (ICS) feature included with recent versions of Windows uses NAT.
NetBIOS (Network Basic Input Output System)
An interface specification for local area networks that is used with the Client for Microsoft Networks and other LAN operating systems. Application programs use NetBIOS for client/server or peer-to-peer communications in support of file and print shares. This protocol can be carried over TCP and UDP.
NetBEUI (NetBIOS Extended User Interface)
The implementation of the NetBIOS transport protocol available with the Client for Microsoft Networks. A network protocol that lets computers communicate within a local area network.
Network address
The portion of an IP address that is common to all computers on a particular network or subnet.  
Nonlistening server port
A port that does not have a service (server program) bound to it. When a service is started, it binds to a designated port number, which it then uses for network communication.  
NNTP (Network News Transfer Protocol)
A protocol used by news servers and newsreaders for managing the messages posted on Usenet newsgroups. NNTP uses port 119.
NTP (Network Time Protocol)
A protocol used for services that supply the time. NTP uses port 123.