Symantec 10521146 - Network Security 7120 Administration Manual page 360

360 Glossary
SOCKS
software
source-route attack
SPI (Security Parameter
Index)
spoofing
spyware
SSH (Secure Shell)
SSL (Secure Sockets
Layer)
StandardUser
state
stateful
STOP (Stack Overflow
Protection)
sub-cluster
A security package that allows a host behind a firewall to use finger, FTP, telnet, Gopher,
and Mosaic to access resources outside the firewall while maintaining the security
requirements.
The instructions for the computer to perform a particular task. A series of instructions
that performs a particular task is called a program. Software instructs the hardware of the
computer how to handle data in order to perform a specific task.
A form of spoofing in which the routing, as indicated in the source routed packet, is not
coming from a trusted source and therefore the packet is being routed illicitly.
An Authentication Header (AH) SPI number between 1 and 65535 that you assign to each
tunnel endpoint when using AH in a VPN policy.
The act of establishing a connection with a forged sender address. This normally involves
exploiting a trust relationship that exists between source and destination addresses or
systems.
Stand-alone programs that can secretly monitor system activity and detect passwords and
other confidential information and relay the information back to another computer.
A program that allows a user to log on to another computer securely over a network by
using encryption. SSH prevents third parties from intercepting or otherwise gaining
access to information sent over the network.
A protocol that allows mutual authentication between a client and server and the
establishment of an authenticated and encrypted connection, thus ensuring the secure
transmission of information over the Internet.
An individual with an account that is configured to perform a specific set of tasks, such as
view reports, receive alerts, and add or delete objects. This group and the respective set of
permissions is predefined, and cannot be modified.
The last known status, or current status of an application or a process.
Of, or pertaining to, a computer or computer program that is designed to note and
remember one or more preceding events in a given sequence of interactions with a user,
another computer or program, a device, or other outside element. Stateful means that the
computer or program keeps track of the state of interaction, usually by setting values in a
storage field designated for that purpose. Stateless does not.
A simple and transparent protection approach that renders stack or buffer overflow
attacks unsuccessful. Stack or buffer overflow attacks continue to be a favorite technique
used by hackers to break into servers. STOP reallocates the location of the system stack
(the area to which the attacker is trying to have the data overflow). This is like reshuffling
the cards in a deck, making it very difficult for the attacker to predict the location for the
overflow data.
See group.