Glossary of SpyWare and Virus Terms

Jargon is a set of words used by a certain industry, field, group or subculture that is not readily understood by the general public. The AntiVirus/AntiSpyware field has a broad vocabulary that needs to be defined so that most of us can understand it. This glossary contains definitions and explanations for 60 terms.

Virus and Spyware Terminology


 Active File Monitoring

    A feature of most antivirus programs in which all files are scanned for viruses in real time as they are created, opened or closed. This feature also scans programs before they are executed. Also known as Background Scanning.




 BIOS

    Basic Input/Output System.


 Backdoor

    An opening that programmers sometimes build into a program to allow them to update the program, fix bugs, or monitor problems or usage. Backdoors can create serious security issues, depending on the capabilities of the backdoor and on whether they are discovered and exploited by malicious people.

 Background Scanning

    See: Active File Monitoring

 Boot Sector


 Boot Sector Virus


 CAT 5

    Category 5 network cable. Used for LANs; consists of 4 twisted pairs of wires and can be shielded or unshielded.



 Command Line Switch

    Options that are specified on the command line when executing a command-line program.


 DMZ

    Demilitarized Zone. Usually refers to a server on a LAN that is exempt from the firewall rules for the LAN.

 Denial of Service

    (DoS) Also known as a Distributed Denial of Service (DDoS) attack. This is an attack on a computer, server, website or network in which large amounts of data are sent to the computer under attack in an effort to deluge or saturate the network, using all bandwidth, in order to "shut it down" or, in other words, make it inaccessible to anyone else. The name Denial of Service comes from the fact that if this attack is successful, legitimate users will get a "denial of service". The data that is used to attack a server usually comes in the form of TCP/IP or UDP packets, sent from hundreds of remotely controlled computers, often through the use of a trojan.

 Domain Name

    Simply put, a domain name is the name you can type into your browser's address bar to go to a website. A domain name includes an extension (also known as the top level domain or TLD). Extensions can be .com .org .net .info .biz .name or the TLDs of the various countries: .uk .us .ca .mx .tv .es .de and many more. A domain name consists of letters, numbers or a dash (-) followed by a dot and then one of the aforementioned TLDs. Examples: google.com, ebay.de, yahoo.com

 Drive-by Download



 Firewall

    A computer or device that acts as a "gateway" for all packets (information) going in and out of the network. Used to restrict certain activities and block access. A firewall works by inspecting the packets and blocking or allowing connections to certain ports. A very useful tool to prevent virus/spyware infections. A firewall can also be a piece of software installed on an individual computer that controls incoming and outgoing access between the computer and the network. See: Stateful Packet Inspection


 HDD

    Hard Disk Drive. A semi-permanent storage location where data is magnetically stored on circular disks. On many Windows computers this is the "C:\" drive.


 Hub

    Connects several computers to each other and (optionally) to a larger network and manages all data packets sent between them. Often used in an Ethernet LAN. See: Router

 IP Address

    Internet Protocol address. A number used to identify each network device on the network (computer, server, printer, firewall). It consists of four numbers separated by a dot (period, full stop). Each number is an integer between 0 and 254. Example:


 Internet

    Refers to the sum total of all the networked computers together.


 Java

    Programming language developed by Sun Microsystems. See also: Java Applet

 Java Applet



 JavaScript

    Client-side scripting language developed by Netscape Communications Corp. and copied by Microsoft, whose version is called JScript. Used in webpages to perform actions inside the browser without contacting the web server.

 Junk Mail

    See: Spam


 LAN

    Local Area Network. A network of computers in a physically limited area such as an office building, university or home. See also: WAN, Internet

 Memory Resident



 Network

    Two or more computers or network devices interconnected by a wired or wireless connection. See also: Internet, LAN, WAN

 Network device

    Computers or devices connected to a network, usually with a distinct IP Address. For example: computers, servers, hubs, switches, firewalls and print servers.


 Node

    In terms of the network, a router, hub, switch, computer, firewall or other network device through which data packets travel and are redirected to their subsequent destination.


 OS

    Operating System. A "program" that runs on a computer, providing an environment for other programs to run harmoniously and providing access to the disk drives, processor and input/output devices.




 Phishing

    A method used to attempt to trick people into giving away their username/password combination for an e-commerce site. Usually a forged "notice" from an online company requesting the user to "confirm", "activate" or "update" their account by going to a page, logging in and doing something. The only problem is that the page is on some rogue server and does not belong to the legitimate company. If you get communication from a legitimate company, for example PayPal or eBay, and you follow links in the email, always make sure you are actually at the site you think you are at by looking at the address bar and seeing if the domain is actually ebay.com or paypal.com. See also: Domain names




 Ping

    Ping is a program designed by XXXXXX XXXXXX to test network connections. It has been ported to most OSs and is called from the command line in the form of ping ip_address. There are also many command line switches available. Some people assert that "ping" stands for Packet Internet Grouper, but the author named it after the sound emitted from a sonar unit.


    port

 Print Server

    A computer or device connected to the network that routes print jobs to the printers. Can also be integrated into the printer, so that you just plug the printer into the network.




 Registry

    Windows Registry. A special location in the Windows OS where the OS and other programs store configuration/startup information.


 Router

    A network device that routes packets on to the destination computer. You can also think of it as a device that "connects" computers. This is also a generic term that can refer to a hub, switch, or firewall.


 Server

    A computer on the network that waits for other computers to connect and request/send information. These can be mail servers, print servers, web servers and database servers, among others.


 Spam

    Unwanted email. Spam is usually unsolicited commercial email promoting products and services, some of which are legitimate. Never click on any links in spam email, even "unsubscribe" links, as this will only notify the spammer that they have a live email address.


 Spyware

    Spyware is a computer program that gets installed on your computer and spies on you. It may compromise personal information, such as passwords, or log your surfing habits to show you "pop-up windows" with advertising.

 Spyware Scan

    Checking all or some of the files, boot sectors and/or memory processes on a computer to see if they have been infected by a spyware program. See: Spyware

 Stateful Packet Inspection



 Switch

    Serves the same function as a hub, but instead of sending all packets to all connected computers, it is "smart" and only sends packets on to the computer/device that will actually be the end recipient. Speeds up the network. See also: Switches, Command Line Switches


 TCP/IP

    Transport Control Protocol??/Internet Protocol. This is a way of sending data across a network by breaking it up into packets. The receiving computer then replies with which packets did not get through, and the originating computer re-sends them. TCP/IP packets get a time to live (TTL) value, which means that as they make their way across the network, each node (or computer) they go through reduces their TTL by one. When the TTL is used up and the packet has not reached its destination, it dies and is no longer propagated. This prevents the network from becoming clogged with stranded/old data packets.


 TLD

    Top Level Domain. See: Domain names


 TTL

    Time to Live. This is how long a TCP/IP or UDP data packet will continue to be sent across the network before it dies. Counted in the number of nodes it crosses in its journey.


 Trojan

    (Trojan horse) A program that, when installed on a computer, allows a remote person/computer to control the zombie computer, either to directly attack the computer and the data it stores or to attack other computers via the network (internet). Ways of attacking other computers include a Denial of Service (DoS) attack, sending spam email, or directly breaking into another computer. In the last case, the zombie computer is used to "cover their tracks" and to attempt to hide where the attack truly came from.


 UDP

    Something datagram packet


 VPN

    Virtual Private Network(ing).



 Virus Definition

    See: Virus Signatures

 Virus Scan

    Checking all or some of the files, boot sectors and/or memory processes on a computer to see if they have been infected by a virus. See: Virus

 Virus Signature



 WAN

    Wide Area Network. A private network of computers, such as those of a company or university, that are not physically located near each other. See also: LAN, Internet


 Zombie

    Refers to a computer that is clandestinely controlled by someone else without the knowledge of the computer's owner. The term comes from the fact that the "zombie" does the will of its "controller". See also: Trojan