Wednesday, Dec 12th

Last update06:08:55 PM GMT

You are here: Glossary

Glossary of Computer Forensics Terms

Search for glossary terms (regular expression allowed)
Begins with Contains Exact term
All A B C D E F G H I J K L M N O P Q R S T U V W
Term Definition
Packet

A packet is a bundle of data that is routed between an origin and a destination on the Internet. When information such as files, e-mail messages, HTML documents, web pages, etc. are sent from one place to another on the Internet, TCP/IP divides the information into chunks of an efficient size for routing. Each of these packets includes the Internet address of the A packet is a bundle of data that is routed between an origin and a destination on the Internet. When information such as files, e-mail messages, HTML documents, web pages, etc. are sent from one place to another on the Internet, TCP/IP divides the information into chunks of an efficient size for routing. Each of these packets includes the Internet address of the

Packet sniffing

Packet sniffing is a technique in which attackers surreptitiously insert a software program at remote network switches or host computers. The program monitors information packets as they are sent through networks and sends a copy of the information retrieved to the hacker. By picking up the first 125 keystrokes of a connection, attackers can learn passwords and user identifications, which, in turn, they can use to break into systems. Packet sniffing is also used by Network Administrators for troubleshooting issues such as "slow" network connections.

Partition table

The partition table describes the first four partitions, their location on the disk, and which partition is bootable. This is indicated by a single byte in the partition table. In fact, the entire logical layout of the disk is determined by 64 bytes of information. It is quite easy to hide or change information or even entire volumes from DOS by changing a single byte in the partition table.

Password cracking

Password cracking is a technique used to surreptitiously gain system access by using another user’s account. Users often select weak password. The two major sources of weakness in passwords are easily guessed passwords based on knowledge of the user e.g. (wife's maiden name) and passwords that are susceptible to dictionary attacks (brute-force guessing of passwords using a dictionary as the source of guesses).

Path

A location of a file. The path consists of directory or folder names, beginning with the highest-level directory or disk name and ending with the lowest-level directory name. A path can identify a drive (e.g. C), a folder (e.g. C\Temp), or a file (e.g., C\Windows \ftp.exe).

PCMCIA

Personal Computer Memory Card International Association

Peer-to-Peer

A method of networking that allows every computer on the network to share its resources with all other users. This method makes good use of available hardware in exchange for data security.

Pen-drive

A storage medium.

Penetration testing

The attempt to discern the level of security that is protecting a system or network. Such testing includes trying to evade security measures using the same tools and tech¬niques that a potential attacker might use. Penetration testing may be used by a company to identify and correct security weaknesses.

Physical address

The actual sector in which a file is located.

Physical file size

The physical size of a file is the amount of space that the file occupies on the disk. A file or folder always occupies a whole number of clusters, even if it does not completely fill that space. A file always takes at least one cluster, even if it is empty. Therefore, even if a file has a logical size of only five bytes, its physical size is one cluster.

Pixel

A small dot used to create images.

PnP (Plug-and-Play)

A hardware and software specification developed by Intel that allows a PnP system and a PnP adapter to configure automatically. PnP cards generally have no switches or jumpers, but are configured via the PnP system’s BIOS or with supplied software for non-PnP computers.

Point-to-Point Protocol

PPP is a protocol for communication between two computers using a serial interface, typically a personal computer connected by phone line to a server.

POST

Power On Self Test. Each time a PC initializes, the BIOS executes a series of tests collectively known as the POST. The test checks each of the primary areas of the system, including the motherboard, video system, drive system, and keyboard, and ensures that all components can be used safely. If a fault is detected, the POST reports it as an audible series of beeps or a hexadecimal code written to an I/O port

Private key

In encryption, the key held by the owner of the file.

Promiscuous mode

When an Ethernet interface reads all information regardless of its destination. This is the opposite of normal mode, when the interface reads packets destined for itself only.

Proxy

A software agent that acts on behalf of a user. Typical proxies accept a connection from a user, make a decision as to whether or not the user or client IP address is permitted to use the proxy, perhaps does additional authentication, and then completes a connection on behalf of the user to a remote destination.

Proxy server

In an enterprise that uses the Internet, this server acts as an intermediary between a workstation user and the Internet so that the enterprise can ensure security, administrative control, and caching service. A proxy server can improve performance by supplying frequently requested data, such as a popular web page, and can filter and discard requests that the owner does not consider appropriate, such as requests for unauthorised access to proprietary files.

All A B C D E F G H I J K L M N O P Q R S T U V W