India's leading Information Risk Management (IRM) company
  About CII SecureSynergy: ISO27001 certified company          
 
GLOSSARY 'P'
 

Packet Sniffer: A device or program that monitors the data traveling between computers on a network.

 

Password: A secret code assigned to a user and also known by the computer system. Knowledge of the password associated with the user ID is considered proof of authorization. (See One-Time Password.)

 

Password Sniffing: The use of a sniffer to capture passwords as they pass across a network. The network could be a local area network, or the Internet itself. The sniffer could be hardware or software. A favorite method for installing a password sniffer onto a local area network would be through the use of a Trojan Horse.

 

PDC: Primary Domain Controller: The principal NT server containing user account information in a domain.

 

PEM: Privacy Enhanced Mail. Format for the digital signing of texts and the sending of certificates. Additionally, encryption can be carried out. The format is framed in such a way that it can be sent regardless of the transport path and the e-mail applications. PEM documents are suited for local verification of signatures and privacy because they keep their security enhancements after being received. Thus PEM serves well for document security in general. (See also 'MailTrusT')

 

Performance: A major factor in determining the overall productivity of a system, performance is primarily tied to availability, throughput and response time.

 

Perimeter-based Security: The technique of securing a network by controlling access to all entry and exit points of the network.

 

PGP: Pretty Good Privacy. Developed in 1991 by Phil Zimmermann. PKI based on mutual trust between the participants; used mainly by individuals in the non-commercial sector.

 

Piggyback Attack: The gaining of unauthorized access to a system via another user's legitimate connection.

 

PIN: In computer security, a personal identification number used during the authentication process. Known only to the user. (See 'Challenge/Response', 'Two-Factor Authentication')

 

Ping: Packet Internet Groper is a basic Internet program that lets you verify that a particular Internet (IP) address exists and can accept requests. The verb ping means the act of using the ping utility or command. Ping is used diagnostically to ensure that a user's PC is properly connected to the Internet. If, for example, a user can't ping a host, then the user will be unable to use a browser or any other TCP/IP application with that host. Ping can also be used to learn the number form of the IP address from the symbolic domain name.

 

Ping of Death: The Ping of Death is a denial-of-service attack that crashes servers by sending invalid IP ping packets.

 

PKCS: Public Key Cryptography System, Public Key Cryptography Standards. Collection of standards for the exchange of information via the Internet.

 

Policy: Organizational-level rules governing acceptable use of computing resources, security practices, and operational procedures.

 

Port: An electronic connection that allows data to travel between a client PC and a server on the network.

 

Port Scan: Data sent by the cracker over the Internet to locate a PC or network and determine whether it has open ports that will accept a connection.

 

Private Key: In encryption, one key (or password) is used to both lock and unlock data. Compare with 'public key'.

 

Privacy: Privacy of data means that only persons who are entitled to do so can read the data. The transport protocols usually used in networks cannot prevent unauthorized persons from reading data undetected. Using strong cryptography, however, can guarantee privacy.

 

Protocols: Agreed-upon methods of communications used by computers.

 

Prototype Certificate: Certificate containing a signature that has been generated by one's own private key. Only after certification of the prototype certificate by a CA does it become a real certificate.

 

Proxy: 1) A method of replacing the code for service applications with an improved version that is more security aware. Preferred method is by "service communities", i.e. Oracle, rather than individual applications. Evolved from socket implementations. 2) A software agent that acts on behalf of a user. Typical proxies accept a connection from a user, make a decision as to whether or not the user or client IP address is permitted to use the proxy, perhaps do additional authentication, and then complete a connection on behalf of the user to a remote destination.

 

Public Key: In encryption, a two-key system in which the key used to lock data is made public, so everyone can "lock." A second private key is used to unlock or decrypt.

 

Public Key Infrastructure (PKI): The set of hardware, software, people, policies, and procedures needed to create, manage, store, distribute, and revoke certificates based on public key cryptography. A PKI where users are certified by a superior CA enables authenticated communication, provided that the users have a common point of trust.

 
 
All rights reserved :: Confederation of Indian Industry (CII) © Copyright 2004-2008