ITEE ITEE-1 | page 289

●Password crack
A “password crack” is the process of analysis used to discover a user name and password, which a cracker requires in order to use a computer for an unauthorized purpose. One form of password cracking is a “dictionary attack,” which combines analysis with a file (dictionary file) containing a large list of candidate user names and passwords. Another form of password cracking is a “brute force attack,” which combines analysis with a program that generates random character strings.

●Stepping stone
A “stepping stone” refers to the use of a computer with weak security as a cloaked base from which a cracker attacks a target system.

●Buffer overflow attack
A “buffer overflow attack” is an intentional attempt by a cracker to overflow the buffer on a computer by executing unauthorized processes. The attack is executed by sending data that exceeds the memory capacity (buffer) reserved by a program operating on a computer.

Reference
DoS
Abbreviation for “Denial-of-Service.”

Reference
File exchange software
“File exchange software” refers to software that enables the exchange of files between computers on a network. When a file is published on a computer on which file exchange software is installed, users on other computers can download that file. Careless use of file exchange software can lead to serious information leakage.

Reference
Security hole
A “security hole” refers to a security vulnerability in software.

●DoS attack
A “DoS (Denial-of-Service) attack” is an attempt to disable the functions of a server by overloading the server. In general, this method involves sending a large number of packets that exceeds the processing capacity of the server. A “distributed denial-of-service (DDoS)” attack is an attack that uses multiple computers to execute DoS attacks at the same time. The network congestion created by the attack can render the entire server unusable to general users.
●E-mail bomb
An “e-mail bomb” attack is an attempt to disable the functions of a mail server by sending a large amount of e-mail to overload the server. It is a type of DoS attack that is used to harass a specific user.

●Phishing
“Phishing” is the act of sending e-mail as if it were from an actual corporation or organization to obtain the personal credit information of the recipient, such as credit card numbers, IDs, and passwords.

●Cross-site scripting
“Cross-site scripting” is a type of security hole (vulnerability) in software. The vulnerability can be exploited to steal personal information or destroy files on a computer when a user views a malicious website containing embedded code. The damage occurs when the website is posted to a bulletin board or online forum.
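The cross-site scripting entry above, as an added example that is not part of the original page: a bulletin board that inserts a posted message into its HTML unchanged, next to the same rendering with output encoding applied. The function names and the sample posts are constructed for illustration.

```javascript
// Added example: output encoding for bulletin-board posts (all names are hypothetical).

// Characters that let text break out of an HTML text node or a quoted attribute.
const HTML_ESCAPES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#39;",
};

// Encode untrusted text so the browser displays it instead of parsing it as markup.
// A single pass over the input avoids encoding the "&" of an entity produced earlier.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: user-supplied fields are concatenated into the page as-is,
// so markup embedded in a post becomes part of the page every visitor loads.
function renderPostUnsafe(post) {
  return `<li><b>${post.author}</b>: ${post.body}</li>`;
}

// Hardened pattern: every user-controlled field is encoded at output time.
function renderPostSafe(post) {
  return `<li><b>${escapeHtml(post.author)}</b>: ${escapeHtml(post.body)}</li>`;
}

// True when the rendered HTML still contains a live <script> element.
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

// Constructed sample posts: one ordinary, one carrying embedded script markup.
const samplePosts = [
  { author: "alice", body: "Meeting moved to 3 pm & room B" },
  { author: "mallory", body: '<script>alert("xss")</script>' },
];

for (const post of samplePosts) {
  const unsafe = renderPostUnsafe(post);
  const safe = renderPostSafe(post);
  console.log("unsafe:", unsafe, "| live script:", containsScriptTag(unsafe));
  console.log("safe:  ", safe, "| live script:", containsScriptTag(safe));
}
```

The encoded post is shown to readers as literal text, so the ordinary message with `&` still displays correctly while the embedded markup is never executed.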