IDS Terminology
bfbb46927b0b80929eaeb2b2c11deda912d04f3d056e2c44b3ff80973869c203
<HTML><HEAD>
<TITLE>Terminology</TITLE>
</HEAD>
<body text="#000000" bgcolor="#FFFFFF" link="#191970" vlink="#551A8A" alink="#FE0000">
<h1>Terminology</h1>
<br>
<br>
This is a list of some basic terminology you may find me using from
time to time. It short right now, but I'll add more as I get the time.
<BR>
<BR>
<P><A NAME="anklebiter"></A><B>Ankle
Biter </B>- This is a term used to describe relatively new hackers, or
expericenced hackers who <A HREF="#justdontgetit">"Just don't get it."</A>
They are somewhat successful in their hacking exploits simply because most
site security is so pathetic. They are also referred to as <A HREF="#scriptkiddies">Script
Kiddies</A>.
<P><A NAME="bohica"></A><B>BOHICA</B>
- An acronym that is short for: Bend Over Here It Comes Again. This generally
refers to some situation or circumstance that results in your taking it
up the ass. For system security there are a few system daemons that I consider
instant BOHICA material, not because they are any worse than any other
service (well the R-services do just plain suck), but because they tend
to almost always be setup incorrectly or are inherently flawed:
<CENTER>R*-Services (RSH, Rlogin)</CENTER>
<CENTER>Rexd</CENTER>
<CENTER>NFS</CENTER>
<CENTER>TFTP</CENTER>
<CENTER>Finger</CENTER>
<CENTER>NIS</CENTER>
<CENTER>X-Windows</CENTER>
<P><A NAME="bogahica"></A><B>BOGAHICA</B>
- From the root <A HREF="#BOHICA">BOHICA</A>, this is an acronym that is
short for: Bend Over, Grab Ankles, Here It Comes Again. This his a saved
for that heightened sense of knowing you are about to get screwed really
badly. This word can be used interchangably with BOHICA, but proper form
is to save it for the more serious situations.
<P><A NAME="justdontgetit"></A><B>"Just
Don't Get It."</B> - A favorite term of mine that a friend of mine often
used to describe people who, well, Just Don't Get It. This can apply to
any number/types of people you run across in everyday life. For computer
security professionals though, this is a hacker who repeatedly tries and
fails to hack your network or, after having been discovered and kicked
off, makes repeated attempts to gain re-entry and risk getting caught.
<P>An example of a person who "Just Don't Get It" is a system I set up
once to lure hackers into trying out their <A HREF="http://www.psionic.com/papers/attacks">IMAP</A>
exploits so I could see what they were doing. After having gotten the information
I needed I put up a simple banner that would display "THIS PORT IS A TRIPWIRE.
YOU ARE BEING WATCHED -- GO AWAY" anytime someone connected to the port.
Much to my chagrin, I still had several people <B>repeatedly</B> try their
exploits against the host and have them fail. They finally got the clue
when I shut off the service altogether, but it wasn't for a lack of trying
on my part I assure you.
<P><A NAME="scriptkiddies"></A><B>Script
Kiddies</B> - Hackers who run code and exploits that other people have
written to gain access to hosts. They are often beginners and don't even
know what the exploit does or what protocol flaws are being attacked. They
are closely related to <A HREF="#anklebiter">ankle biters</A>.
<P>
<br>
<br>
<br>
<br>
<br>
<!-- standard disclaimer -->
<CENTER>
<HR width="50%" size=1><B><I><NOBR><FONT SIZE=-1>All Material <A HREF="http://www.psionic.com/misc/disclaim">Copyright</A>
©1996-99 Craig H. Rowland and Psionic Software Systems</FONT></NOBR></I></B></CENTER>
<CENTER><NOBR><FONT SIZE=-1><A HREF="http://www.psionic.com/misc/contact">Contact
Me</A>
<br>
Site last updated: 1999/03/24</FONT></NOBR></CENTER>
</BODY>
</BODY>
</HTML>