ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzaub_5.4.0.1/rzaubterms.htm

79 lines
4.8 KiB
HTML
Raw Normal View History

2024-04-02 14:02:31 +00:00
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="reference" />
<meta name="DC.Title" content="Terminology" />
<meta name="abstract" content="This topic defines intrusion detection terms." />
<meta name="description" content="This topic defines intrusion detection terms." />
<meta name="DC.Relation" scheme="URI" content="rzaubkickoff.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzaubterms" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Terminology</title>
</head>
<body id="rzaubterms"><a name="rzaubterms"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Terminology</h1>
<div><p>This topic defines intrusion detection terms.</p>
<div class="section"><dl><dt class="dlterm">denial-of-service (DOS) attack</dt>
<dd>In computer security, an assault on a network that brings down one or
more hosts on a network such that the host is unable to perform its functions
properly. Network service is interrupted for some period.</dd>
<dt class="dlterm">Internet Control Message Protocol (ICMP)</dt>
<dd>An Internet protocol that is used by a gateway to communicate with a source
host, for example, to report an error in a datagram.</dd>
<dt class="dlterm">ICMP scan</dt>
<dd>An attack that tries to use ICMP to overload the system. This is typically
a denial-of-service attack.</dd>
<dt class="dlterm">intrusion detection</dt>
<dd>A broad term encompassing the detection of many undesirable
activities. The objective of an intrusion might be to acquire information
that a person is not authorized to have (information theft). The objective
might be to cause a business harm by rendering a network, system, or application
unusable (denial of service), or it might be to gain unauthorized use of a
system as a means for further intrusions elsewhere. Most intrusions follow
a pattern of information gathering, attempted access, and then destructive
attacks. Some attacks can be detected and neutralized by the target system.
Other attacks cannot be effectively neutralized by the target system. Most
of the attacks also make use of "spoofed" packets, which are not easily traceable
to their true origin. Many attacks now make use of unwitting accomplices,
which are machines or networks that are used without authorization to hide
the identity of the attacker. For these reasons, detecting information gathering,
access attempts, and attack behaviors are vital parts of intrusion detection.</dd>
<dt class="dlterm">port scan</dt>
<dd>An attack that attempts to connect to unused ports looking for a way to
break into the system.</dd>
<dt class="dlterm">Quality of Service (QoS)</dt>
<dd>Any operation that allows traffic priorities to be designated. Through
QoS, different traffic throughout a network can be classified and administered.</dd>
<dt class="dlterm">traffic regulation (TR)</dt>
<dd>Used for intrusion detection policies that specify the data/connection
rate thresholds.</dd>
<dt class="dlterm">User Datagram Protocol (UDP)</dt>
<dd>An Internet protocol that provides unreliable, connectionless datagram
service. It enables an application program on one machine or process to send
a datagram to an application program on another machine or process.</dd>
</dl>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzaubkickoff.htm" title="Intrusion detection involves gathering information about unauthorized access attempts and attacks coming in over the TCP/IP network. Security administrators can analyze the auditing records that intrusion detection provides to secure the iSeries network from these types of attacks.">Intrusion detection</a></div>
</div>
</div>
</body>
</html>