The Dictionary

The dictionary is hosted on GitHub, where you can make additions and corrections; please submit pull requests for updates.

AV, Antivirus: a program that runs on your computer to detect and block malicious programs from running. AV is one piece of the security puzzle and does a good job of blocking common, older malware. It often relies on a signature, though, that is, on detecting a specific pattern in the suspect program, and malware authors have gotten very good at creating malware that changes itself like a chameleon to avoid detection. AV is not foolproof, but even so it is a good place to start, because it does catch and delete the mountain of older malware.

Bot/Botnet: a botnet is a "robot network," in which your computer is controlled by a criminal to do his or her bidding. Botnets can include thousands, or in a few cases millions, of computers, usually without the knowledge of the owner. The controller, or "bot herder," can use this army of bots to send spam mail, conduct DDoS (Distributed Denial of Service) attacks to shut down legitimate web sites, or search for yet more unprotected computers to take over. Once a bot herder has assembled a large botnet, in many cases he will rent it out for other criminals to carry out their own illicit activity.

CNP, Card Not Present: a type of purchase transaction where the payment card is not physically presented to the merchant, nor swiped / tapped at a point of sale device. Generally indicates an online transaction where a card number is provided. Since the card is not present, and generally the purchaser and merchant are not face to face, CNP transactions are somewhat more likely to be fraud than are in-person transactions.

DoS, DDoS, Distributed Denial of Service: a denial of service (DoS) attack is any activity intended to disrupt the normal behavior of a computer or network. A distributed DoS is simply the same thing carried out with the use of a large number of attacking systems - commonly through a botnet. A million bots trying to download information from a website simultaneously may well exceed the capacity of that website, so legitimate customers are unable to access the site.

DNS, Domain Name Service: you recognize websites by a human-friendly name such as www.google.com. Computers recognize websites by a network address such as 192.168.0.1. DNS is like a phone book, translating names into addresses.

Encryption: scrambling a message such that only someone with the right key can unscramble and read it. The math behind encryption is a science known as cryptography, and generally falls into two categories: symmetric or "shared-key," and asymmetric. With symmetric encryption, the same key is used to encrypt and to decrypt. This is very fast, but requires a secure way to give that shared key to anyone who needs to use it. With asymmetric cryptography, some really smart people figured out mathematical algorithms in which one number is used to encrypt your information, but a different number is needed to decrypt it. Imagine a mailbox with two keys - one key locks the mailbox, but a completely different key unlocks it. You could share the first key with anyone in the world. They could put private mail into your mailbox and lock it, knowing that only with your second key could you open the mailbox. As long as you protect your private key, no one but you can get at that mail.
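The two categories described above, as an added example that is not part of the original dictionary: a symmetric scheme where one shared key both locks and unlocks, beside a toy asymmetric scheme (textbook RSA with tiny primes 61 and 53, chosen so the arithmetic is visible) where the public key locks the mailbox and only the private key opens it. The key-stream construction and the prime values are this example's assumptions; real systems use vetted libraries, large keys and padding.

```python
# Added example, not code from the dictionary. Toy-sized on purpose:
# the point is the shape of symmetric vs asymmetric encryption, not strength.
import hashlib
import hmac
import os

# ---------- Symmetric ("shared-key"): one secret, used in both directions ----------

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Expand (key, nonce) into `length` pseudo-random bytes with HMAC-SHA256 in counter mode.
    Constructed for illustration; a real system would use a standard cipher such as AES-GCM."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def symmetric_encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Return nonce || ciphertext. A fresh nonce keeps two messages from sharing a key stream."""
    nonce = os.urandom(16)
    stream = _keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ k for p, k in zip(plaintext, stream))

def symmetric_decrypt(key: bytes, blob: bytes) -> bytes:
    """XOR is its own inverse, so decryption regenerates the same stream with the same key."""
    nonce, ciphertext = blob[:16], blob[16:]
    stream = _keystream(key, nonce, len(ciphertext))
    return bytes(c ^ k for c, k in zip(ciphertext, stream))

# ---------- Asymmetric: a public key that locks, a private key that unlocks ----------

def rsa_keygen(p: int, q: int, e: int = 17):
    """Build a toy RSA key pair from two primes (example values; far too small for real use).
    Returns (public_key, private_key) as (n, exponent) tuples."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)          # modular inverse of e, so that (m^e)^d == m mod n
    return (n, e), (n, d)

def rsa_encrypt(public_key, message: int) -> int:
    """Anyone holding the public key can lock a message; message must be smaller than n."""
    n, e = public_key
    if not 0 <= message < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(message, e, n)

def rsa_decrypt(private_key, ciphertext: int) -> int:
    """Only the private exponent d unlocks it."""
    n, d = private_key
    return pow(ciphertext, d, n)

if __name__ == "__main__":
    shared = os.urandom(32)
    blob = symmetric_encrypt(shared, b"meet at noon")
    print("symmetric round trip:", symmetric_decrypt(shared, blob))

    public, private = rsa_keygen(61, 53)           # n = 3233, d = 2753
    locked = rsa_encrypt(public, 65)               # 2790
    print("asymmetric:", locked, "->", rsa_decrypt(private, locked))
```

The symmetric half shows why key distribution is the hard part: whoever can decrypt can also encrypt, so the same secret must reach every party over some already-trusted channel. The RSA half shows the mailbox: the public pair (n, e) can be handed to anyone, and nothing in it reveals d.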

Firewall: a network device that controls traffic in or out of a network. Most wireless routers contain a basic firewall meant to allow your computers to communicate out, but stop attackers from reaching in. Modern Windows PCs have a similar function built into the operating system. More sophisticated firewalls can look inside the traffic and recognize or block patterns that indicate something unusual on the network.

Hacker, Hacking: one of the most maligned and misused terms in security. The original (and to many, myself included, "real") meaning of hacking is to take something and make it do what I want, rather than necessarily what the creator intended. That culture has nothing to do with malicious use of computers - it is the culture that led to automotive performance shops, or the motorcycle customization industry glamorized by West Coast Choppers, to give two examples. A hacker could be known less controversially as a Maker, or a tinkerer, or a modder - or an engineer. Hacking in its purest form is perfectly legitimate. Where it becomes illegal is when I stop tinkering with things I own, and begin tinkering with something you own, without your permission. A hacker, as far as I'm concerned, is someone who is highly interested in a subject (usually technology) and pushes the boundaries of their chosen field.

Honeypot, Honeynet: one way researchers discover new attack techniques (as well as discover who is attacking them) is to set up a system or network that has no functional purpose except to attract malicious hackers, much like honey attracts flies. Since the honeypot has no real purpose, no one has a legitimate reason to log into it, thus any attempt to access it is suspicious and worth looking into.

Identity Theft: stealing personal information for the purpose of impersonating someone. In general, identity theft falls into two broad categories: unauthorized use of an existing relationship or account (for instance, credit card fraud, email compromise, or exploiting a Facebook or Twitter account); and unauthorized use of personal information to establish a new relationship or account (for instance, opening new credit accounts, tax return fraud, or medical identity theft).

IDS, Intrusion Detection System: similar to a firewall, an IDS looks at network traffic to identify unusual patterns. More to the point, an IDS looks for traffic that indicates an intruder, or unauthorized use of your devices. An IDS detects the intruder, while an IPS (Intrusion Prevention System) can actively prevent the attack by stopping the traffic.

Kali Linux: a Unix-based operating system build that includes many programs useful to hackers and security testers. It is the successor to the highly-popular Backtrack Unix.

Malware: malicious or undesired programs that infect your computer. Malware generally makes your computer do something you do not want it to do. Common types of malware include viruses, worms, and trojans.

Multifactor Authentication: a password by itself can be stolen, giving an attacker access to your account. Multifactor authentication adds a second criterion to the login process. Generally, this second factor is possession of a physical item - a keyring-sized code generator, or a specific computer or smartphone. With multifactor authentication, a criminal must steal or have access to both the password and that physical device. This makes it significantly harder (but not impossible) for an attacker to gain unauthorized access to your banking, email, or social media accounts.

NAS, Network Attached Storage: a hard drive on a computer is a handy place to store information, and most computer operating systems have a way to share that information with others on the network. A NAS simplifies things by connecting directly to the network instead of requiring a computer. It is essentially a hard drive with a place to plug in a network cable.

NTP, Network Time Protocol: NTP can be envisioned as the timekeeper of the Internet. It is a definition (or "protocol") for how computers share the correct time with one another, as well as the name of a program that does the same. It's the reason you don't have to set the clock on your computer.

Password: the cause of more cursing than any other security topic. A string of letters and numbers that you can never remember, keeping you out of your email and social media accounts. Commonly-chosen passwords include password and 123456. Crooks know this, and so try these first.

Password Manager: a solution to forgotten passwords, password managers remember your usernames and passwords for every website you use. Most will also create strong passwords for you, and automatically enter them when you need to log in. Some will also give you a notice if a password has been stolen, so you know to change the password.

Pen Test, Penetration Test: an attempt to gain access to an organization or a network without going through the normally expected method. For example, entering through a back door to avoid being questioned by a security guard. When done with permission, this is a valid way to test the security of an organization; when done without permission, it may stray into illegal hacking.

Phishing: an attempt to trick you into giving away valuable information, often by pretending to be a legitimate website and getting you to "log in." Common phishing attacks send a generic message to thousands of people, hoping a few will respond. More elaborate "Spear Phishing" makes an effort to appeal to you specifically, possibly by addressing you by name, learning what bank you use, and imitating that specific bank.

Pi: a mathematical value - the ratio of a circle's circumference to its diameter. But that's not the definition you were interested in. See Raspberry Pi :-)

Raspberry Pi: a minimal computer about the size of a deck of playing cards. Designed for do-it-yourself projects; its size and tiny power requirement make it ideal for security projects.

Router: in a basic home network, the router is something like the "brain" of the network, listening to network traffic and deciding where it should go. The router knows the IP address of each device in your network, and sends each device only the traffic that it needs to receive. Many routers also serve as DHCP servers, in which case they give each device the address and settings information it needs to participate in the network. Routers differ from switches in that they operate at the network layer, using IP addresses such as 192.168.0.1. Imagine you are sending mail to a college dorm - "123 University Street" would be the IP address (which the router handles), while "room 123" would be the MAC address, which the switch handles. The room number means nothing unless you are already at the right building; likewise the MAC address is meaningless unless you are already within the right local network. To further confuse things, most routers will also serve the function of a switch - routers talk to one another to get traffic onto the right local network, then the switch delivers the message to the right physical device within that network.

Samba: server software for sharing files on a network. Samba allows Unix or Linux computers to share folders in a way that looks identical to Windows file shares.

Sandbox, Sandnet: much like a child's sandbox is a safe place to play where nothing is permanent, a researcher's sandbox is a safe place to play with potentially malicious or risky software without fear of damaging the rest of the network.

Snort: open-source network intrusion detection software for looking at and acting upon network traffic. Whereas a firewall is designed to allow or block specific traffic, an IDS can interpret patterns and give an administrator or owner notification of unusual or suspicious behavior whether or not it is blocked.

Social Engineering: sometimes described as "hacking the human," social engineering takes advantage of the fact that people are often the weakest part of a security model. If a person can be tricked into allowing the attacker to do something, then the technology protections don't matter. It is in some ways the psychology of security.

Spam: unsolicited, and often undesired, email, often either trying to sell something, or delivering malware or phishing scams in the hope that you will click and become infected or give away private information.

Switch: a switch is similar to a router in that it directs traffic within a network; however, it operates at a lower level - the "datalink" layer. Devices on your network have a physical (or MAC) address that looks something like AA:BB:CC:DD:EE:FF. Imagine you are sending mail to a college dorm - "123 University Street" would be the IP address (which the router handles), while "room 123" would be the MAC address, which the switch handles. The room number means nothing unless you are already at the right building; likewise the MAC address is meaningless unless you are already within the right local network.
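The "right building, then the right room" decision from the Router and Switch entries, as an added example (not part of the original dictionary) of what a sending host actually does: it checks whether the destination IP is inside its own local network; if so the frame is addressed to that device's MAC, otherwise the frame is addressed to the router's MAC while the IP header still names the far-away destination. The addresses, the /24 network and the ARP-style table are constructed sample values.

```python
# Added example, not code from the dictionary. Models the host-side choice
# between "deliver on the local link" and "hand to the router".
import ipaddress

# Constructed sample network: this host, its default gateway, and the
# IP -> MAC entries it has already learned for neighbours on the same link.
MY_INTERFACE = ipaddress.ip_interface("192.168.0.10/24")
DEFAULT_GATEWAY = "192.168.0.1"
ARP_TABLE = {
    "192.168.0.1": "aa:bb:cc:dd:ee:01",   # the router's LAN port
    "192.168.0.20": "aa:bb:cc:dd:ee:20",  # a NAS on the same LAN
}

def next_hop(destination: str):
    """Return ("local", dest) when the switch can deliver directly, else ("via-router", gateway).

    The network-layer test: is the destination inside the network this
    interface belongs to? Nothing about MAC addresses matters until that is known."""
    dest = ipaddress.ip_address(destination)
    if dest in MY_INTERFACE.network:
        return ("local", str(dest))          # same building: room number is usable
    return ("via-router", DEFAULT_GATEWAY)   # other building: go to the front desk

def frame_for(destination: str):
    """Return (destination MAC, destination IP) as the host would fill in an outgoing frame.

    Note the split: the MAC is the next hop on this link, the IP is the final target.
    For an off-link destination the two differ, which is exactly what a router relies on."""
    _, hop_ip = next_hop(destination)
    mac = ARP_TABLE.get(hop_ip)
    if mac is None:
        # A real host would broadcast an ARP request for hop_ip before sending.
        raise LookupError(f"no MAC known for {hop_ip}; host would ARP for it first")
    return mac, str(ipaddress.ip_address(destination))

if __name__ == "__main__":
    for target in ("192.168.0.20", "8.8.8.8"):
        print(target, "->", next_hop(target), frame_for(target))
```

Running it shows the NAS reached with its own MAC, while a packet for 8.8.8.8 leaves with the router's MAC and 8.8.8.8 still in the IP header; the router then repeats the same decision on its next interface.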

Trojan, Trojan Horse: extra programs you may not want, that come along with or are disguised as a program you thought you wanted. For instance, if you install Java, the Java installer also offers to install Yahoo! Toolbar. Trojans may be merely a nuisance (like the aforementioned Yahoo! Toolbar), or they may be truly malicious (a password stealer, for example). Buying or installing software from trusted sources (such as the official app stores) is a fairly effective way to avoid malicious Trojans. Downloading "free" versions of expensive software from the Internet is a good way to acquire a malicious Trojan. A Trojan is different from a virus or worm in that it does not try to spread; you infect your own computer, but that is it.

Two-factor Authentication: a password by itself can be stolen, giving an attacker access to your account. Two-factor (or multifactor) authentication adds a second criterion to the login process. Generally, this second factor is possession of a physical item - a keyring-sized code generator, or a specific computer or smartphone. With multifactor authentication, a criminal must steal or have access to both the password and that physical device. This makes it significantly harder (but not impossible) for an attacker to gain unauthorized access to your banking, email, or social media accounts.

Virus: malicious software that attaches itself to another file or program. The defining characteristic of a virus is that it cannot run without your help: clicking on a malicious link, or opening a malicious email attachment, for example. A virus is different from a Trojan in that once you open the malicious file and become infected yourself, the virus tries to spread, possibly by attaching itself to other files on your computer and shared drives.

VM, Virtual Machine: a computer system running within another computer system. With a VM, one can run a virtual Windows system on a Mac, or vice versa; one can also run multiple virtual computers without needing a room full of computer hardware. For researchers, VMs are a valuable way to run specific operating systems and software combinations for testing, and are often used to sandbox potentially malicious or risky programs under test.

Vulnerability: a flaw or mistake (often called a "software bug") that can be used to gain unauthorized or unplanned access to a system. In physical terms, an unlocked window beside a solidly-locked front door is a vulnerability, but no damage is done unless a burglar finds it and uses it to enter the house. Likewise, a software vulnerability is something that could be used, but only if it is discovered and if an adversary picks your computer or network to target.

Worm: similar to a virus, but a worm has the ability to spread without your help: it will actively look for other vulnerable computers, which it will attack and attempt to infect on its own. A classic example is the "Code Red" worm of 2001, which attacked a flaw in Microsoft Windows to infect over 350,000 Internet-connected computers in a matter of hours.