India's leading Information Risk Management (IRM) company
  About CII SecureSynergy: ISO27001 certified company          
 
GLOSSARY 'S'
 

S/MIME: Secure/Multipurpose Internet Mail Extensions. S/MIME provides a standard way to send and receive secure electronic mail. Based on the popular Internet MIME standard (RFC 1521), S/MIME provides authentication, message integrity, privacy and non-repudiation of origin of electronic messages, using digital signatures and encryption.

 

SATAN: Security Administrator Tool for Analyzing Networks. A TCP/IP port scanner that checks remote hosts for common misconfiguration problems and security vulnerabilities.

 

Self-Extracting Files: A file which, when run, decompresses part of itself into one or more new files. It is common to store and transmit groups of files in a self-extracting file to conserve both disk space and transmission time. If infected files are compressed into a self-extracting file, anti-virus programs that only scan files will not necessarily be able to detect the virus. To scan such files, you must first extract and then scan their constituent files.

 

Self-Garbling Viruses: Some viruses attempt to hide from virus scanning programs by keeping most of their code garbled in some way, and changing the garbling each time they spread. When such a virus runs, a small header degarbles the body of the virus and then branches to it.

 

Server: The control computer on a local area network that controls software access to workstations, printers and other parts of the network.

 

Server-based Computing: An innovative, server-based approach to delivering business-critical applications to end-user devices, whereby an application's logic executes on the server and only the user interface is transmitted across a network to the client. Its benefits include single-point management, universal application access, bandwidth-independent performance, and improved security for business applications.

 

Server Certificate: A digital document attesting to the binding of a given server to a given company or organization.

 

Server Farm: A group of servers that are linked together as a 'single system image' to provide centralized administration and horizontal scalability.

 

Session Shadowing: A feature of Citrix WinFrame and MetaFrame that allows administrators and technical support staff to remotely join or take control of a user's session for diagnosis, support and training.

 

SET: Short for Secure Electronic Transaction, a new standard that enables secure credit card transactions on the Internet. SET has been endorsed by virtually all the major players in the electronic commerce arena, including Microsoft, Netscape, Visa, and Mastercard. By employing digital signatures, SET will enable merchants to verify that buyers are who they claim to be. And it will protect buyers by providing a mechanism for their credit card number to be transferred directly to the credit card issuer for verification and billing without the merchant being able to see the number.

 

Scalability: The ability to expand a computing solution to support large numbers of users without impacting performance.

 

Screened Host Gateway: A host on a network behind a screening router. The degree to which a screened host may be accessed depends on the screening rules in the router.

 

Screened Subnet: An isolated subnet created behind a screening router to protect the private network. The degree to which the subnet may be accessed depends on the screening rules in the router.

 

Screening Router: A router configured to permit or deny traffic using filtering techniques based on a set of permission rules installed by the administrator. A component of many firewalls, usually used to block traffic between the network and specific hosts at the IP port level. Not very secure; used when "speed" is the only decision criterion.

 

Signature: A search pattern, often a simple string of bytes, that is expected to be found in every instance of a particular virus. Usually, different viruses have different signatures.

 

Stealth Viruses: Some viruses attempt to hide from detection programs by hiding their presence in boot records or files. When such viruses are run, they install a resident extension. This resident extension intercepts various disk accesses, determines if its own code is part of the disk access, and removes the code before giving the data to the calling program. The result is that the virus can be in several places on the disk, but normal reads of the disk will not reveal it.

 

System Boot Records: Each logical PC-DOS or OS/2 drive (e.g. C:, D:, etc.) has a system boot record associated with it. The system boot record contains code that tells the system about that logical drive and tables that contain an index to the files on it.

 

Single-Point Control: Helps reduce the total cost of application ownership by enabling applications and data to be deployed, managed and supported at the server. Single-point control enables application installations, updates and additions to be made once, on the server, which are then instantly available to users anywhere.

 

Smart Card: A credit-card-sized device with embedded microelectronics circuitry for storing information about an individual. This is not a key or token, as used in the remote access authentication process.

 

S/MIME: Secure Multipurpose Internet Mail Extension. The new standard for security enhancement of e-mail is S/MIME. The advantage (as opposed to PEM and MailTrusT) lies in its ability to transport complete mails with attachments in one security package.

 

Smurfing: A denial of service attack in which an attacker spoofs the source address of an ICMP echo-request (ping) packet sent to the broadcast address of a network, causing the machines on that network to respond en masse to the victim, thereby clogging its network.

 

Sniffer: A sniffer is a program that monitors and analyzes network traffic, detecting bottlenecks and problems. Using this information, a network manager can keep traffic flowing efficiently. A sniffer can also be used illegitimately to capture data being transmitted on a network. A network router reads every packet of data passed to it, determining whether it is intended for a destination within the router's own network or whether it should be passed further along the Internet. A router with a sniffer, however, may be able to read the data in the packet as well as the source and destination addresses.

 

Socket: This is the endpoint in a connection. Sockets are created and used with a set of programming requests or "function calls" sometimes called the sockets application programming interface (API). The most common sockets API is the Berkeley UNIX C language interface for sockets. Sockets can also be used for communication between processes within the same computer.

 

Social Engineering: An attack based on deceiving users or administrators at the target site. Social engineering attacks are typically carried out by telephoning users or operators and pretending to be an authorized user, to attempt to gain illicit access to systems.

 

Spoof: 1) To deceive for the purpose of gaining access to someone else's resources (for example, to fake an Internet address so that one looks like a certain kind of Internet user). 2) To simulate a communications protocol by a program that is interjected into a normal sequence of processes for the purpose of adding some useful function.

 

SSL: A protocol designed to create a secure connection to the server. SSL uses public key encryption, one of the strongest encryption methods available, to protect data as it travels over the Internet. SSL was created by Netscape.

 

Spam: To crash a program by overrunning a fixed-size buffer with excessively large input data. Also, to cause a person or a newsgroup to be flooded with irrelevant or inappropriate messages.

 

Stateful Evaluation: A methodology that uses a mixture of proxy and filtering technology, switching between them intermittently depending upon the perceived threat [and/or the need for "speed"].

 

Stealth Mode: A protective setting that hides a port so that it isn't visible over the Internet. A port that has been put into stealth mode will give no reply to a port scan, thereby providing no evidence that a computer exists at the scanned IP address.

 

Stream Oriented Encryption: Encryption methods in which the key is expanded into a keystream as long as the data to be transmitted.

 

Strong Authentication: Authentication is the verification of the identity of a person or process. In a communication system, authentication verifies that messages really come from their stated source, like the signature on a (paper) letter. Strong authentication uses a combination of items belonging to two out of the three following categories:
  - Personal knowledge: something the authorized user knows (password, PIN)
  - Personal objects: something that belongs to the authorized user (token, card, key)
  - Personal characteristics: something uniquely characterizing the authorized user (physical characteristics, e.g. voice, length of fingers…)

 

Symmetric Cryptography: Cryptography based on the sender and the receiver knowing and using the same secret key. The sender uses it to encrypt the message, and the receiver uses the same secret key to decrypt the message. The main problem is that the sender and the receiver have to agree on the secret key without anyone else finding out. Asymmetric cryptography is most often used to solve this problem.

 

SYN Flood attack: A SYN Flood attack occurs when a client sends SYN packets but never responds to the server's SYN-ACK, tying up the service for each half-open connection until it times out, and keeps sending further SYN packets. The source address of the client is forged to a non-existent host, and as long as SYN packets are sent faster than the TCP stack's half-open connections time out, the resources of the service will remain tied up.

 

Sysop: A sysop is the person who runs a computer server. The term is used mainly in the world of bulletin board services (BBSs). In general, a sysop or system operator is one who runs the day-to-day operation of a server, and the term suggests a person who is available when the system is. A related term is administrator. In larger computer systems, the administrator manages security and user access while a system operator monitors and performs routine operations at the computer. In smaller computer systems (for example, UNIX systems), the administrator and the system operator tend to be the same person.

 
All rights reserved :: Confederation of Indian Industry (CII) © Copyright 2004-2008