Appendix B. Networking Glossary

Appendix B. Networking Glossary

10BASE-2

10Mbps networking using a smaller, more flexible coaxial cable (RG-58) than 10BASE-5. Devices on the network connect to the cable using BNC connectors. Also known as thinnet.

10BASE-5

10Mbps networking using a coaxial cable (RG-8 or RG-11) larger than one used by 10BASE-2. To attach a network drop to connect a device to the coaxial cable, the cable is tapped by punching a hole through the cable (a procedure often referred to as a vampire tap). Also known as thicknet.

10BASE-T

10Mbps networking using CAT 3 or CAT 5 twisted-pair wiring and RJ-45 connectors. A wiring concentrator such as a hub or switch is used to connect devices on the LAN.

100BASE-T

100Mbps networking using CAT 5 or 5e twisted-pair wiring and RJ-45 connectors. Also known as Fast Ethernet. A wiring concentrator such as a hub or switch is used to connect devices on the LAN.

1000BASE-T

1000Mbps networking using CAT 5, 5e or 6 twisted-pair wiring and RJ-45 connectors. Also known as Gigabit Ethernet. A switch is used to connect devices on the LAN.

10Gigabit Ethernet

Ethernet operating at 10 billion bits per second. Defined by IEEE 802.3a.

Accelerated Graphics Port (AGP)

A PCI-based port that enables you to connect a graphics card that supports advanced features.

Access Point (AP)

See Wireless Access Point .

Active Directory

An LDAP-based directory and directory service that contains information such as user accounts, computer accounts, and links to network resources. The Active Directory is used on Windows networks but can interoperate with some other LDAP directories.

Active monitor

A node on a Token-Ring network that initializes and monitors the traffic on the ring. The active monitor detects error conditions and can reset the state of the ring. There can be only one active monitor on the ring at any point in time. If the active monitor fails, another node in the ring can be promoted to that position.

Ad hoc wireless network

A wireless network that does not use a Wireless Access Point (AP). Instead, each computer that is part of the ad hoc network can establish a connection with others in the network without using an AP or a wired network. See also Wireless Access Point to contrast this with a network that uses an AP. See also infrastructure mode .

Address Resolution Protocol (ARP)

The protocol used to probe a LAN to discover the MAC address of a computer based on an IP address. The arp command can be used for many other purposes, such as viewing and managing the current table of MAC addresses stored in the local ARP cache.

AGP

See Accelerated Graphics Port .

American National Standards Institute (ANSI)

ANSI was founded in 1918 and is the major standards organization for the United States. ANSI is also a member of other standards organizations, such as ISO.

American Standard Code for Information Interchange (ASCII)

An assignment of alphabetic characters (both upper- and lowercase) and certain other symbols (such as punctuation marks) to a numeric format. For many years ASCII was the standard means used to represent text in computer systems. Newer systems expand on this concept to include other languages that use additional symbols/characters, such as Unicode.

American wire gauge (AWG)

The wire gauge is the standard for sizing wires in the U.S. Wire size is based primarily on the current carrying capacity of the wire set by the National Electrical Code. As the wire gauge increases , the physical diameter of the wire decreases.

ANSI

See American National Standards Institute .

APIPA

See Automatic Private IP Addressing .

Arbitrated Loop

A loop topology used by Fibre Channel. Up to 126 nodes can be placed on a single loop, or 127 if the loop connects to a switch. Each device on the loop must contend for access on the loop; thus data transfers can be initiated by only one device at a time.

ARCnet

An older LAN protocol, similar to Token-Ring, limited to 255 nodes. ARCnet is still in use in point-of-sale registers, as well as factory automation applications, where this type of network is sometimes called a field bus. The main benefits of ARCnet are due to its simplicity: Little setup is required, other than assigning an address to each device. ARCnet supports RG-59 and RG-62 coaxial cable, UTP, and fiber- optic cable.

ARP

See Address Resolution Protocol .

ARPANET

The predecessor to the Internet.

ASCII

See American Standard Code for Information Interchange .

Asynchronous Transfer Mode (ATM)

A switched protocol that sets up a dedicated path through the switched network and uses a small fixed packet size (53 bytes), usually referred to as a cell. By limiting the size of the cell to a known size, hardware switches can route ATM cells much faster than protocols that use frames or packets, which can vary in size. See also www.atmforum.com/ .

ATA (AT Attachment)

An IDE disk interface standard introduced in 1989 that defines a compatible register set, a 40-pin connector, and its associated signals. The latest version is ATA/ATAPI-7, which supports transfer rates up to 133MBps, hard disk sizes up to 144.12PB (petabytes). ATA/ATAPI-7 also includes Serial ATA (SATA) specifications, because SATA is based on ATA/ATAPI. See also IDE and SATA .

ATA RAID

An implementation of RAID that uses ATA drives Some recent servers include ATA RAID host adapters on the motherboard, while others use an add-on card. Most ATA RAID implementations support RAID 0 or RAID 1. See also SATA RAID and RAID .

ATM

See Asynchronous Transfer Mode .

Attenuation

The decrease in magnitude of the signal as it travels through any transmitting medium, such as wire or glass. Attenuation is measured as a logarithm of the ratio between the input and output power or between the input and output voltage of the system, expressed in db (decibels).

Audit trail

A mechanism by which an operating system can record user activity. In most cases the administrator of the system needs to set up which actions to record.

Automatic Private IP Addressing (APIPA)

APIPA enables computers to obtain IP addressing automatically when no DHCP server is present on the LAN. The computer that needs to obtain configuration information automatically selects an address from the range 169.254.0.0 through 169.254.255.255 and then broadcasts an ARP packet containing this address. If no other computer responds that the IP address is already in use, the computer will configure itself using that IP address. If the address is in use, another is selected and the process is repeated.

Autosensing

The capability of a network adapter to detect the speed of the network to which it is attached (such as 10Mbps versus 100Mbps). This enables you to use a mobile computer without having to change the bandwidth settings when moving from one network to another. However, some network adapter cards and switch ports that claim to support autosensing may not work well together. The operating system usually allows you to select the mode of operation for a network adapter card. If the autosensing selection doesn't work, specify the correct setting.

AV

Can refer to audio-visual content or anti-virus software, hardware, or services, depending upon the context.

AWG

See American wire gauge .

Backbone Cabling System Structure

Connections between multiple telecommunication rooms, equipment rooms, and entrance facilities.

Backup Window

The time required to perform backups on a computer system, such as servers in a network. This term implies that the system should be used exclusively by the backup program, and that users cannot access the server at the same time. This concept is becoming outdated as many large data centers require a 24/7 uptime. Storage Area Networks (SANs), along with certain RAID techniques, can be used to create backups without interrupting user access. Additionally, a newer technology "snapshot" technique can be used. Using the snapshot technique, users can read data files that are being backed up, but changes are stored separately. After the backup has finished, the changes can be applied to the original data.

Bandwidth

The range (or width) of frequencies used for transmission of a signal on a network media. This is expressed in hertz (Hz) as a difference of frequencies.

Bindery

A server-based database used by NetWare clients to authenticate and access resources on a server. The bindery has been superceded by NDS (or the eDirectory) by most new implementations of NetWare.

Bit Error Rate (BER)

A calculated value as a percentage of bits that have errors when compared to the total number of bits sampled.

Bit Error Rate Tester (BERT)

A diagnostic device that performs a more basic function to determine whether the line is capable of carrying the network signaling at the required bit level with a minimum of errors.

Bluetooth

An inexpensive networking technology (operating in the 2.4GHz radio frequency) designed to connect devices such as keyboards, cellular phones, and computers over short distances.

BOOTP

The Bootstrap Protocol that enables diskless workstations and other network devices to discover their IP address and other configuration information, and download an operating system.

Bridge

A bridge is basically a repeater with a little intelligence. Bridges can store MAC addresses in a table in memory. Because of this, after a bridge has received a transmission from a particular computer, subsequent transmissions intended for that computer do not have to be repeated on all segments connected by the bridge, but only on the physical network segment on which the target computer resides. Using this technique, bridges help to reduce broadcast network traffic and reduce bandwidth usage. Other types of bridges can include such functions as translating different network protocols to allow data transfers between two dissimilar networks.

Bridge Tap

An open circuit on the local telephone loop caused by the removal of service from another site, without removal of the connection to the loop. The "dangling" bridge tap acts as an antenna and can cause problems with digital services, such as xDSL.

Bus

When a bus is applied to networking topologies, a single cable connects multiple computers (or other network-enabled devices). When applied to computer mechanics, a bus is a physical path that joins a computer's CPU, memory, and peripheral devices (such as PCI cards).

Cable modem

Used by cable TV companies to enable part of the bandwidth of their network to be used to provide Internet access to their customers.

CAP

See Carrierless Amplitude Phase modulation .

CardBus

The 32-bit version of PCMCIA (PC-Card) cards. CardBus devices enable features, such as direct memory access and a 32-bit data path, and operate at a greater speed than PCMCIA cards, which are 16-bit devices. CardBus also consumes less power than its predecessor, which is important when it's used in a laptop using battery power. In most cases, CardBus slots are backward compatible with PCMCIA cards, depending on the manufacturer.

Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA)

A method used in wireless networks by clients wanting to gain access to the shared bandwidth. A small packet is first transmitted to let other devices on the network know that a packet is about to be transmitted. This technique does not eliminate collisions, and thus produces additional overhead. It is used by older AppleTalk networks, as well as some wireless networks. See also Carrier Sense Multiple Access/Collision Detect .

Carrier Sense Multiple Access/Collision Detect (CSMA/CD)

A method used by early Ethernet devices to contend for access to the network media. Carrier sense means that a node wanting to transmit data first listens to the network media to determine whether another transmission is in progress. Multiple access implies that many computers can try to access the media at any point in time. If two nodes on the media start transmitting at approximately the same time, a collision occurs. Collision detect means that a node is able to detect whether its transmission occurred while another was also being sent. Each node involved in a collision will back off for a pseudorandom interval before listening to the network media and again attempting a transmission.

Carrierless Amplitude Phase (CAP) modulation

A technique used by xDSL lines for transmitting and receiving data. CAP uses a broad frequency spectrum for receiving data, and a smaller frequency range for uploading transmissions. Compare to Discrete MultiTone (DMT), which divides the frequency spectrum into 256 units to make recovery from errors easier.

Channel Service Unit (CSU)

Used in leased lines to provide the basic functions needed to transmit data across the line, such as a keepalive signal, loopback capabilities, and statistical information.

CIDR

See Classless Interdomain Routing .

CIFS

See Common Internet File System , as well as Server Message Block .

Cladding

A material used in fiber-optic cables to reflect light back into the glass or plastic core .

Classless Interdomain Routing (CIDR)

Also known as supernetting (as compared with subnetting). CIDR removes the restrictions for the Internet core routers, as well as for ISPs, by doing away with the traditional class system used for IP addresses. Instead of a traditional subnet address (such as 255.255.0.0), CIDR postfixes a value (such as /18) to specify the number of bits to be used for the network address, with the remainder being used for the host address. Thus a Class A or Class B address, both of which enable a huge number of host computers, can be used to provide for many networks, instead of a single network, and thus help to conserve the limited address space provided for by IPv4.

Client

In computer networks the term client is generally used to refer to a computer that accesses resources on another computer called a server.

Coaxial cables

Cables used by early networks to connect computers. Both thinnet and thicknet cables were common, with these descriptions indicating their diameters. See 10BASE-2 and 10BASE-5 . Note also that cable TV providers still make use of coaxial cables. So if you are using a cable modem, it is very likely that the last mile between you and your cable company travels across this type of cable. Common types of coaxial cable include RG-6 (cable TV and Internet), RG-58 (thinnet), RG-59 (ARCnet) and RG-62 (ARCnet).

Collision domain

A collection of networked devices on a legacy Ethernet network that share a common network media. Each device on the shared media must contend for access to the media; hence, collisions can occur when more than one device attempts a transmission at approximately the same time. Switches have replaced hubs and other devices that propagated this shared network media, so the collision is pretty much a thing of the past for modern Ethernet networks.

Common Internet File System (CIFS)

The file/print server protocol that superseded the Server Message Block (SMB) protocol. Like SMB, CIFS uses TCP/IP as a transport protocol to exchange messages and data with other computers.

Cost

When referring to routers, synonymous with metric or hop.

CRC

See Cyclic redundancy check .

Cross-talk

The electrical signal in a copper wire not only travels down a particular wire, but also radiates out perpendicularly and can interfere with other copper wires in the same cable or bundle. This interference is called cross-talk.

CSMA/CD

See Carrier Sense Multiple Access/Collision Detect .

CSU

See Channel Service Unit .

Cut-through switch

A switch that begins transmitting the incoming frame on the outgoing port after it receives the header information, or about 20 or 30 bytes from the incoming port. The switch needs to determine only which port to output the framethe destination address (hardware address), which is contained in the frame header.

Cyclic redundancy check (CRC)

A value calculated according to a specific mathematical algorithm. The CRC value can be derived from header or payload information in network packets and frames. The receiving end of a network communication can perform the same calculation and compare it to the original value to determine the integrity of the data the CRC covers.

Data Over Cable Service Interface Specification (DOCSIS)

A specification created by CableLabs to assist in standardizing how cable modem service operates. CableLabs also certifies hardware so that DOCSIS-labeled devices can interoperate. See also www.cablemodem.com .

Data Service Unit (DSU)

Used on a leased line for translating between the data encoding used on the line, such as the time-division multiplexed (TDM) DSX frames that are used on a T1 line, and the serial data format used on the local network. DSUs also perform other functions such as error correction. A DSU usually has RS-232C or RS-449 connectors that can be used to connect to data terminal equipment (DTE), which then provides the actual physical connection to the LAN. The CSU and DSU used for leased lines are often combined into a single device today.

DECnet

A set of proprietary network protocols developed by Digital Equipment Corporation, and still available on computers running the OpenVMS operating system.

Demilitarized zone (DMZ)

A section of a network that consists of a firewall that connects it to the Internet, as well as another firewall that is used to protect the internal LAN. Those computers lying between these two firewalls are said to be in the demilitarized zone, and are less protected than those on the internal LAN. This technique is often used to provide access to Web servers (or other similar servers) that require some degree of security, while protecting LAN clients with a further degree of security offered by the second firewall.

Denial-of-service attack

An attack on your computer or network, designed to cripple routers, servers, or other computers by consuming massive resources. When this happens, the affected devices are unable to perform their normal actions.

DFS

See Distributed File System .

DHCP

See Dynamic Host Configuration Protocol .

Dialectic

An insulating material used to help prevent interference between two conductors. Typically a plastic or other nonconducting material that is used to separate cables in a bundle of wires.

Digital subscriber line (DSL)

DSL makes use of frequencies above the 4MHz voice channel on ordinary telephone lines. Standard DSL provides a larger download capacity and a smaller upload capacity. However, this technology is also referred to as xDSL, because many providers offer services that can vary in the upload/download bandwidth. There are also several methods used for signaling on DSL lines, such as CAP (Carrierless Amplitude Phase modulation) and DMT (Discrete MultiTone).

Digital Subscriber Line Access Multiplexer (DSLAM)

A device that concatenates multiple digital lines (such as DSL) and multiplexes the signals across one or more higher bandwidth interfaces, such as ATM or Frame Relay.

Directory

A term used to refer to a collection of files, and possibly other subdirectories that can also hold files and other subdirectories. When used in reference to the Active Directory or another LDAP database, the directory is the database that holds the objects that the directory service manages . On a local or network drive, a directory is sometimes referred to as a folder.

Directory services

A collection of programs that manage a directory database, such as the Active Directory or Novell's eDirectory.

Discrete MultiTone (DMT)

An xDSL technology that divides the frequencies (above the 4MHz voice channel) into 256 channels. Because each channel can be independently monitored , channels that interfere with the transmission of data can be isolated. DMT is the preferred method for DSL technologies. See also Carrierless Amplitude Phase .

Disparity

A term used by Fibre Channel to describe the number of ones or zeros transmitted on the network media. If the transmission over a short period consists of more zeros than ones, it is called negative disparity . If it consists of more ones than zeros, it is called positive disparity . If the number of ones and zeros is approximately the same, it is called neutral disparity .

Distributed Coordination Function (DCF)

Another name for CSMA/CA.

Distributed denial-of-service (DDoS) attack

Similar to a denial-of-service attack, this sort of attack is conducted by more than a single source. For an example, see Trojan horse . This type of attack uses hundreds, if not thousands, of infected computers to launch an attack on a single source at the same time, making it difficult to defeat by simple blocking of IP addresses or ports.

Distributed File System (DFS)

Similar to Sun's NFS, a method that enables Windows computers to share file systems by mounting all or part of a remote computer's file system so that it appears as if the remote files are part of the local file system.

DMT

See Discrete MultiTone .

DMZ

See Demilitarized zone .

DNS

See Domain Name System .

DOCSIS

See Data Over Cable Service Interface Specification .

Domain Name System (DNS)

A hierarchical system for resolving network names and hostnames to IP addresses. DNS is the heart of the Internet for name translations. Each domain contains two (or more) DNS servers, which are authoritative for a particular domain. When resolving a network name, DNS servers query other DNS servers that reside up the hierarchy until the authoritative DNS server is found, or until another DNS server that caches (stores in a short-term table in memory) the name resolution is located. Note the difference between this and a DNS server, which hosts the DNS database.

DSL

See Digital subscriber line .

DSLAM

See Digital Subscriber Line Access Multiplexer .

DSU

See Data Service Unit .

Dynamic DNS

A DNS server that can accept updates dynamically from a client on the network. Older DNS servers required that the network administrator manually enter information for each IP address to network name translation. Dynamic DNS works with DHCP to enable networks that change frequently to maintain updated information. See also Dynamic Host Configuration Protocol .

Dynamic Host Configuration Protocol (DHCP)

A protocol that is used to allow a client computer to obtain addressing, as well as other configuration information, from a central DHCP server. This relieves the network administrator from having to manually configure every client in the network. See also Dynamic DNS , which enables a client that receives configuration from a DHCP server to update the DNS server on-the-fly .

Dynamic packet filter

See Stateful Inspection .

E_Port

An expansion port used to connect a Fibre Channel switch to another Fibre Channel switch.

EBCDIC

See Extended Binary-Coded Decimal Interchange Code .

eDirectory

The name given to an enhanced version of Novell Directory Services (NDS) beginning with NetWare version 6. The eDirectory is also backward compatible with NetWare 5. Many features of the eDirectory can be used by other operating systems, such as Unix and Windows. See also Novell Directory Services .

EISA

See Extended Industry Standard Architecture .

Electromagnetic interference (EMI)

Signal interference between copper cables in a bundle of cables. High-frequency signals traveling through a copper wire tend to flow more rapidly near the outer edge of the cable, and radiate a signal at a 90-degree angle. This is also known as radio frequency interference (RFI).

EMI

See Electromagnetic interference .

Encryption

The process of performing some function on a set of data that attempts to render it in a format that makes it unreadable or unusable by anyone but the intended recipient. See also Single key and Public key encryption .

Ethernet

The most widespread LAN protocol. Ethernet was originally a baseband protocol, based on research by Robert Metcalf. That technology was further refined by Digital Equipment Corporation, Intel, and Xerox (DIX). Today, Ethernet technology has evolved to incorporate other technologies, such as switches, higher bandwidths, and other features that have made it still the main choice for a business, enterprise, and home network. Ethernet is also the current standard protocol for wireless networks.

ExpressCard

ExpressCard is a new standard for portable and desktop computer expansion; it was developed by PCMCIA as an eventual replacement for PC Card and CardBus slots. The design comes in two forms, a 54mm wide card (same width as CardBus and PC Card) and 34mm wide; both card types are 5mm thick. ExpressCard connects to the system chipset via the PCI Express x1 and USB 2.0 buses. For more information, see the ExpressCard website at www.expresscard.org .

Extended Binary-Coded Decimal Interchange Code (EBCDIC)

A method for encoding alphabetic, numeric, and other symbols using 256 binary numbers . EBCDIC was developed for use in IBM's mainframe operating systems. However, PCs developed by IBM use ASCII or Unicode for this purpose today. EBCDIC is usually used today by IBM mainframes, and is not a widely adopted standard for computers today.

Extended Industry Standard Architecture (EISA)

A computer bus created to compete with IBM's proprietary Microchannel bus. EISA operates at 8MHz, like the ISA bus, but it allows for a 32-bit path, enabling more data to be channeled through the bus.

Extensible Markup Language (XML)

A development of HTML that uses special tags to specify the types of data being stored in a document. XML enables new markup symbols to be created as needed. A collection of element types and attribute names used in XML documents are known as an XML namespace. For more information on XML, see the XML Core Working Group Public Page at http://www.w3.org/XML/Core/ .

F_Port

A port on a Fibre Channel switch used to connect to a device.

Fabric

Used to describe a network that is transparent to network nodes that traverse a network composed of many interconnecting devices.

Far-end cross-talk

The transmitting end of a cable pair produces a strong electrical signal. However, because the signal attenuates, or becomes weaker, as it passes through the copper wire (or fiber-optic cable), interference between copper wires at the endpoint can distort the signal, because the signal is usually weaker at the endpoint of a connection. This is why the specifications allow only a very small amount of exposed copper wire when a cable is connected to an actual connector (such as an RJ-45 jack). Otherwise the exposed copper cables, which have been stripped of the protective dialectic insulator, can interfere with each other at the endpoint of the transmission.

Fast Ethernet

See 100BASE-T .

FAT (file allocation table)

A table held near the outer edge of a disk that tells which sectors are allocated to each file and in what order. The maximum size of a logical drive using FAT is 2GB in Windows 9x/Me, MS-DOS, and other operating systems that use allocation unit (cluster) sizes up to 32KB. Windows NT/2000/XP/2003 support 64KB allocation units, permitting a maximum logical drive size of 4GB. Hard disks larger than 2GB or 4GB must be subdivided into logical drives to enable the full capacity of the hard disk to be used.

FAT32

A disk file allocation system from Microsoft that uses 32-bit values for FAT entries instead of the 16-bit values used by the original FAT system, enabling partition sizes up to 2TB (terabytes). Although the entries are 32 bits, 4 bits are reserved, and only 28 bits are used. FAT32 first appeared in Windows 95B and is also supported by Windows 98, Windows Me, Windows 2000, and Windows XP.

FDDI

See Fiber Distributed Data Interface .

FEXT

See Far-end cross-talk .

Fiber Distributed Data Interface (FDDI)

A dual-ring topology that enables network traffic to pass from one node to another. Although this technology is still in use, it has been superseded by newer technologies. One advantage that FDDI offered during its prime is that a problem caused on one of the dual-rings (such as a cable break or a malfunctioning node) could be corrected by the ring-wrap capability built into FDDI. This enabled communications to continue using the other ring, effectively isolating the problem until it could be resolved. FDDI can be used on both single-and multi-mode fiber-optic cabling. Speeds range from 10Mbps to 100Mbps.

Fiber-optic cables

Cables that contain a glass or plastic core surrounded by a material that reflects light back into the core. Fiber-optic cables can be classified into two categories. Single-mode cables contain a small core (9 to 12.5 microns), whereas multi-mode cables have a larger core (usually 50 to 62.6 microns). Single-mode fiber works best over long distances, and multi-mode fiber is generally used for shorter distances.

Fibre Channel

A serial form of communications protocol used today mostly by storage area networks (SANs), among others. Between any two devices, there are two connectionsone to transmit and one to receive data. The two cables are swapped so that the transmitter of one device is connected to the receiver of the other end of the connection. SANs use Fibre Channel to provide (usually over fiber-optic cables) faster access to storage devices, over longer distances, than can be accomplished using the standard SCSI architecture. Fibre Channel is also used by other technologies for data transmissions.

File Transfer Protocol (FTP)

A protocol/utility that enables network devices to send/receive files, as well as obtain a list of files on another device.

Firewall

A combination of technologies designed to protect a network from another network. For example, a firewall can be placed between your network and the Internet, or between departments in your own network. Firewalls use techniques such as packet filtering, stateful inspection, proxies, and content filtering, among others.

FireWire

Described by IEEE 1394, a high-speed serial bus (usually between 100Mbps and 400Mbps) that can connect up to 63 devices to a computer. Like USB, FireWire is hot plug-and-play, enabling you to connect or disconnect devices (such as computer peripherals or consumer devices) without requiring a reboot of the computer.

FL_Port

A port that connects an Arbitrated Loop to a Fibre Channel switch.

Frequency

A measurement of the number of times a periodic action occurs in a measure of time. In terms of alternating current, this is the number of cycles per second and is usually expressed in hertz (Hz).

Frequency Hopping

Transmitting data by rapidly changing the radio frequency on a predetermined basis. Used by some wireless protocols to help avoid interference between devices using the same radio spectrum.

FTP

See File Transfer Protocol .

Full-duplex

Communications between two network nodes that occurs in both directions simultaneously . See also Half-duplex .

GID

A numerical value used by Unix/Linux systems that identifies a user group to which the user account belongs. The file /etc/group contains a listing of user groups and the numbers associated with them. Group membership can be used to make managing access to system resources, such as files and directories, an easier task, because access can be granted to the group as a whole instead of individual users.

Gigabit Ethernet

Ethernet that operates at 1 billion bits per second, defined by the IEEE 802.3 standard.

Half-duplex

Communications between two network nodes in which only one side of the link can transmit at any point in time.

HBA

See Host Bus Adapter .

HomeRF

This specification was originally intended to be used for home wireless networks. Later the specifications were extended to enable the same functionality that was already provided by the IEEE 802.11b and 802.11a standards. The HomeRF Working Group was disbanded in January 2003, and HomeRF products are no longer sold.

Hop

A term used to describe the number of routers (or number of seconds) a network packet will pass through to reach its destination. This value can be manipulated to force network traffic to use a specific route. See also metric and cost .

Horizontal Cabling System Structure

Connection from the telecommunications outlet in the work area, terminating in the telecommunications room.

Host Bus Adapter (HBA)

The term given to the adapter card that connects a computer to a Fibre Channel SAN. The HBA differs from an Ethernet card in that the HBA performs more functions than the Ethernet card, which frees up CPU cycles for other duties . Note that other types of host adapters, such as SCSI and SATA hard disk host adapters, are also sometimes referred to as HBAs.

Hostname

The name of the network device. The command hostname can normally be used to discover the name of the current host.

HOSTS file

A file used to translate hostnames to IP addresses. Although it's still useful in some situations, the Domain Name System (DNS) has replaced this functionality on most networks, though the HOSTS file can still be used to force a translation that is different from that stored in a DNS server.

HTML

See Hypertext Markup Language .

HTTP

See Hypertext Transfer Protocol .

HTTPS

A secure HTTP connection used by e-commerce, e-banking, and other sites that require secure connections. HTTPS uses the Secure Sockets Layer protocol to encrypt information. See Hypertext Transfer Protocol . See SSH .

Hub

A device that concentrates wiring of a LAN into a star formation using twisted-pair cables so that each device is connected to a port on the hub. Hubs are similar to multiport repeaters, but were first designed for use with 10BASE-T connections, whereas repeaters used the older thinnet (10BASE-2) Ethernet connections (coaxial cabling). In addition, later developments added features to hubs that could isolate segments that were transmitting corrupt data, and enable the use of SNMP for management purposes. Hubs have been replaced by switches in most cases for both SOHO and enterprise networks. Unlike switches, hubs divide the total bandwidth of the network among connected devices. This means that a hub provides slower throughput than a switch of the same speed.

Hypertext Markup Language (HTML)

A programming language that is used to create Web pages using a set of defined symbols that describe how text, images, and other data should be presented to the user accessing a website using a browser.

Hypertext Transfer Protocol (HTTP)

A protocol that uses TCP/IP to receive and respond to requests for data using the World Wide Web. Although much of the data transferred using HTTP consists of HTML pages, other technologies are also transferred using HTTP. See also HTTPS .

ICMP

See Internet Control Message Protocol .

ICMP redirects

The Internet Control Message Protocol can be used to manipulate routing tables, usually by sending "destination unreachable" messages to a router. This type of attack can make it difficult for your network to communicate with other networks because the routing table can become inaccurate due to this sort of attack.

IEEE

Institute of Electrical and Electronics Engineers. This professional society is responsible for many standards, including networking standards. See http://ieee802.org/ .

IEEE 802 LAN/MAN Standards Committee

An IEEE committee that is responsible for creating standards for local and wide area networking. This committee was formed in 1980 and was originally called the Local Network Standards Committee.

IEEE 802.11a

A wireless network protocol developed by the IEEE, operating in the 5GHz radio spectrum, and providing a bandwidth of up to 54Mbps.

IEEE 802.11b

A wireless network protocol developed by the IEEE, operating in the 2.4GHz radio spectrum, and providing a bandwidth of up to 11Mbps.

IEEE 802.11g

A wireless network protocol developed by the IEEE, operating in the 2.4GHz radio spectrum (like 802.11b), providing a bandwidth of up to 54MHz. Most 802.11g devices can interoperate with 802.11b devices. The larger bandwidth in the 2.4GHz spectrum is accomplished by using a more sophisticated technique for encoding data.

IEEE 1394

See FireWire .

Ifconfig

This command used on Unix/Linux systems is similar to the Windows ipconfig command. However, this command goes far beyond displaying configuration information and can be used to configure network interfaces.

iFolder

A technology used by NetWare to allow access and synchronization between data from remote clients and servers. This is usually employed by mobile clients to ensure that data on servers/clients remain synchronized.

IMAP

See the Internet Message Application Protocol .

Industrial, Scientific and Medical (ISM) Radio Frequency Band

A radio frequency band that has been set aside worldwide (for the most part) to be used for specific purposes. This frequency range doesn't require a radio operator's license for the user. This is the frequency range that was chosen to be used for wireless networking based on the IEEE 802.11b and IEEE 802.11g standards.

Infrastructure mode

The mode used on IEEE 802.11-based wireless networks in which a wireless AP or router is used to transmit data between stations . Infrastructure mode permits Internet access by using the wireless AP or router to act as a gateway to another network, such as the Internet. See also ad hoc wireless network .

Industry Standard Architecture (ISA)

The name given to the original PC bus, created in the 1980s. This computer bus operated at 8MHz, using a 16-bit data channel to connect components to the computer's memory and CPU.

Integrated Services Digital Network (ISDN)

A digital connection that consists of a B-channel, which carries voice and other data, and one or more D-channels, which transmit control and signaling information. Primary Rate Interface (PRI) consists of one D-channel, and two 65Kbps B-channels (for a total bandwidth of 128Kbps). Primary Rate Interface services can provide for up to 23 B-channels (or 30 B-channels in Europe), greatly increasing the bandwidth.

Internet

The worldwide interconnection of many networks, which evolved from the ARPANET.

Internet Control Message Protocol (ICMP)

A protocol that uses UDP packets for many diagnostic purposes for the TCP/IP protocol. See also ping and traceroute .

Internet Message Application Protocol (IMAP)

A protocol that enables users of email to view, download, or delete email messages from an email server. Whereas the POP3 protocol downloads all email messages from the email server to the client's computer, IMAP enables the user to leave messages on the server as well as viewing the subject headers and the message and attachments. The user can also explicitly delete messages from the server.

Internet Printing Protocol

A new development that enables clients to send print jobs to printers across the Internet.

Internet Protocol

The workhorse of the TCP/IP protocol suite. IP is a connectionless, unreliable protocol that makes a best-effort to get data from one location to another. IP provides the hierarchical address space that makes routing between networks possible. TCP, UDP, and other protocols in the TCP/IP suite use IP to route data through the Internet and intranets . The upper-level protocols that use IP are responsible for providing the mechanisms that ensure reliable delivery of data.

Internetwork Packet Exchange

A NetWare protocol that is used to transfer data between multiple NetWare networks. See also Sequenced Packet Exchange .

Interrupt Request (IRQ)

IRQ is a hardware component of the computer that devices can use to send an interrupt signal to the CPU in an attempt to get the attention of the processor. This is accomplished using a hardwired interrupt request line connected to the processor. Although many devices require their own interrupt request value (a numeric value), some devices today can share the same request number.

Intranet

A collection of networks connected by routers that compose a private network. Compare to Internet .

IP

See Internet Protocol .

Ipconfig

This command can be used on Windows computers (Windows NT, 2000, XP, and Windows Server 2003) to view current IP and other configuration assignments. Other features of this command can be used to release/renew DHCP configuration information, among other things. Windows 9x/Me use the comparable WinIPCfg command.

IPP

See Internet Printing Protocol .

iPrint

NetWare's implementation of the Internet Printing Protocol. See also Internet Printing Protocol .

IP address

An identifier for a computer or device on a TCP/IP network. The format of an IP address is a 32-bit numeric address written as four numbers separated by periods, in which each number can be 0255. TCP/IP routes messages based on the IP address of the destination.

IPv6 (Internet Protocol version 6)

A new version of IP that expands the range of IP addresses from 32 bits to 128 bits, which relieves the strain on the current universe of IP addresses. IPv6 is backward compatible with IPv4 to allow its gradual adoption.

IPX

See Internetwork Packet Exchange .

IRIX

Silicon Graphics's implementation of UNIX. IRIX is used on SGI's 64-bit Origin servers. See also UNIX .

IRQ

See Interrupt Request .

ISA

See Industry Standard Architecture .

iSCSI (Internet SCSI)

An implementation of SCSI that uses Ethernet networks using TCP/IP to transfer data in both directions between a server and a SCSI drive or drive array.

ISDN

See Integrated Services Digital Network .

ISO

The official international name for the International Organization for Standardization. It is a Greek-language prefix that reflects their function. ISO means equal, the same, and so on. ISO is not an abbreviation or acronym.

LAN

See Local area network .

LDAP

See Lightweight Directory Access Protocol .

LED

Light-emitting diode. A low-power semiconductor device that produces light when electricity is applied. LEDs are commonly used on network adapter cards and other network devices (such as hub or switch ports) to indicate whether certain functions of the device are working correctly. LEDs can also be used in place of lasers to transmit data on fiber-optic cables.

LIFA

See Loop Initialization Fabric Address .

Lightweight Directory Access Protocol (LDAP)

A directory and directory services based on the OSI directory protocols (X.500). LDAP-compliant directories can be accessed by clients running different operating systems, provided that the client software has been created. LDAP uses the directory structure described by X.500, but the protocols and services provided by X.500 were scaled down to lessen the overhead required by the client and server.

LIHA

See Loop Initialization Hard Address .

LILP

See Loop Initialization Loop Position .

Linux

An operating system similar to UNIX that can be run on a wide range of server, desktop, and portable computers. Linux is based on open-source components, enabling it to be customized easily to provide support for different processors, server and client platforms, and tasks . Linux customizations, which usually include software and utilities, are often referred to as distributions, or distros. See UNIX .

LIP

See Loop Initialization Primitive .

LIPA

See Loop Initialization Previous Address .

LIRP

See Loop Initialization Report Position .

LISA

See Loop Initialization Soft Address .

LISM

See Loop Initialization Select Master .

LMHOSTS file

See also HOSTS file. This file is used on Windows systems to provide translation between hostnames and IP addresses on older Windows operating systems that used NetBIOS names. The Windows Internet Name Service (WINS) was developed to automate this process. DHCP can assign an IP address to a Windows client, and WINS can dynamically register this name/address translation. However, today most Windows operating systems use a DNS server.

Load coil

A device used on analog telephone circuits to amplify a voice circuit. Because these devices can interfere with frequencies nearing the 4MHz voice boundary on an ordinary telephone line, you may not be able to get DSL service.

Local area network (LAN)

A small network used to connect network devices over short distances, such as in an office.

Logical topology

The logical path through the network that data can take from one place to another. See also Physical topology .

Loop Initialization Fabric Address (LIFA)

The first frame used in assigning addresses on a Fibre Channel Arbitrated Loop. Devices that were assigned an address by a Fibre Channel switch can register their addresses using this frame.

Loop Initialization Hard Address (LIHA)

The third frame used in assigning addresses on a Fibre Channel Arbitrated Loop. Devices that have hardware-assigned addresses can register their address using this frame.

Loop Initialization Loop Position (LILP)

The last frame sent around a Fibre Channel Arbitrated Loop to let each member know the position of all other devices on the loop.

Loop Initialization Previous Address (LIPA)

The second frame used in assigning addresses on a Fibre Channel Arbitrated Loop. Devices that remember their previous address can register that address using this frame.

Loop Initialization Primitive (LIP)

Frames used during the initialization of a Fibre Channel Arbitrated Loop.

Loop Initialization Report Position (LIRP)

A frame used during the initialization of an Arbitrated Loop enabling devices to report their position on the loop. After this information has been gathered, the loop master sends the Loop Initialization Loop Position (LILP) frame around the loop so that all devices know the position of all other devices on the loop.

Loop Initialization Select Master (LISM)

The procedure used to select a temporary loop master that will coordinate address assignment during the initialization of a Fibre Channel Arbitrated Loop.

Loop Initialization Soft Address (LISA)

The last frame used to assign addresses on a Fibre Channel Arbitrated Loop. Any device that was not assigned an address using the previous frames can select an address from those not yet assigned.

Loop Master

A device on a Fibre Channel Arbitrated Loop that is temporarily selected to coordinate addressing and reporting functions during the initialization of the loop.

Lpr/lpd

Line printer remote/line printer daemon. These Unix utilities enable sending print jobs to remote computers. Today TCP stream printing is generally used for this purpose.

MAC address

See Media Access Control .

Malware

General term for spyware, adware, viruses, Trojan horse programs, or any other type of software which causes unwanted effects on a system.

MAN

See Metropolitan Area Network .

Media Access Control (MAC)

A sublayer of the OSI Data Link layer. The MAC sublayer creates the frames to be transmitted on the physical network media. The MAC address is one that is typically burned into a network adapter card or other network device by the manufacturer, and it creates a flat address space. MAC addresses are used to communicate on a network LAN, whereas IP addresses are used to communicate between devices on different LANs, using a router. Many routers can use MAC filtering to create or prevent network access.

Media access unit (MAU)/multistation access unit (MSAU)

Similar to an Ethernet hub, these devices centralize wiring in a Token-Ring network. The capabilities of the MAU or MSAU exceed those of a simple hub, however, in that misbehaving ports can be isolated so that communications can continue on the ring. Also, these devices do not broadcast all traffic received out on all ports at the same time as a simple hub does. Instead, the MAU or MSAU maintains the ring topology of the network, and passes frames from one port to the next .

Mesh topology

A network in which every device has a connection to every other device in the network. For practical reasons, this includes just the switches and servers that connect clients to the network. A mesh topology provides a great deal of redundancy to a network. This can be an important building factor for a network that requires 99.999% uptime. This topology can also be used to describe the topology of many wireless networks.

Metric

This term is a synonym for the hop count that limits the number of routers a network packet can pass through before being dropped. This term is also referred to as the "hop count" or the "cost" of a particular route. This value is used in distance-vector routing protocols to assign a value (usually 1) to a router. You can manipulate this value for different routes to a particular destination, forcing traffic to that destination to use a route you prefer.

Metropolitan Area Network (MAN)

A network that is larger than a LAN but smaller than a WAN. Typically, this designation is used to describe a network that covers the geographical distance of a city, or another similarly sized geographical area.

MicroChannel

IBM's proprietary bus created in 1987 to attempt to recapture the PC market from clone manufacturers that used the ISA and, later, the EISA bus. The PCI bus eventually replaced these buses.

Microsoft Management Console (MMC)

A generic interface tool introduced in Windows 2000 that enables many management utilities to use a common interface. The basic utilities are set up and available in the Administrative Tools folder, but new tools can be created by loading Snap-ins.

MMC

See Microsoft Management Console .

Modem

This used to be an acronym for "modulation/demodulation," but it now has entered the English language as a word. Modems enable computers to send digital information across an analog line (such as a telephone connection) to another modem. Modems are used to connect to the Internet, or to business networks. Broadband connections, such as DSL and cable, are slowly replacing these devices.

Monitor bit

Used by a workstation that acts as the active monitor for a Token-Ring network to determine when a frame has been around the ring more than once.

Multi-mode fiber-optic cabling

Coaxial cabling that uses a larger glass or plastic core than single-mode fiber-optic cabling. Instead of a single wavelength of light, multi-mode cabling injects more than one wavelength of light, each at a different angle to help prevent one wavelength from interfering with another.

Multi-Protocol Label Switching (MPLS)

Used by a Layer Three switch. A packet enters the MPLS network through an ingress LSR (label switching router), which attaches a label to the packet and exits the MPLS switched network through an egress LSR . The ingress LSR performs the necessary processing to determine the path a packet will need to take through the switched network. MPLS makes IP seem like a connection-oriented protocol. That function is usually provided by TCP.

NAS

See Network Attached Storage .

NAT

See Network Address Translation .

NDIS

See Network Driver Interface Specification .

NDS

See Novell Directory Services .

Near-end cross-talk

Interference that occurs between two twisted pairs measured at the same location; it usually occurs between wires in a twisted-pair cable. One of the conditions that can introduce this interference is a crushed cable, so care must be used when pulling network cabling and attaching connectors. See also far-end cross-talk .

Negative disparity

See disparity .

NetBEUI

Short for NetBIOS Extended User Interface. A means for transmitting data packets on the local network used early on by IBM, Microsoft, and other LAN providers. NetBEUI is a LAN (nonroutable) protocol and uses other protocols (such as TCP/IP) when traversing networks that consist of multiple LANs connected by routers.

NetBIOS

Short for Network Basic Input/Output System. Created by IBM and used by Microsoft and other early LAN operating systems, NetBIOS gives the application programmer a standard interface called a Network Control Block (NCB). Whereas TCP/IP uses IP addressing, NetBIOS uses a naming convention that can include unique names or group names. The underlying transport protocol (such as NetBEUI or TCP/IP) is transparent to NetBIOS. Used for many years in Windows operating systems, it is now supported mainly for backward compatibility for older applications. Newer versions of Windows, and other operating systems, typically use TCP/IP. The Windows Internet Naming Service (WINS) is used to translate between NetBIOS names and IP addresses. See also SAMBA , which is an open-source alternative to this protocol.

Netstat

A command used on Windows and some Unix/Linux systems to obtain statistics about the TCP/IP protocols that are in use on the computer.

NetWare

A network operating system developed by Novell.

Network Address Translation (NAT)

NAT allows you to use one or more IP addresses that are valid on the Internet, while using a reserved address space for the computers on the LAN. The NAT server (such as a router/switch) uses its valid Internet address to translate between the private network address and one valid on the Internet.

Network analyzer

A device that monitors the network at the Data Link and Transport layers in the OSI reference model, enabling you to locate protocol errors, among others. Some operating systems, such as Windows servers, contain a scaled-down version of this type of device. For Unix/Linux you can use the tcpdump utility to perform similar functionality. However, a good network analyzer offers other features that make the device worth the cost.

Network Attached Storage (NAS)

Storage devices (disk/tape) attached to the same network used by client computers. Contrast this with a Storage Area Network (SAN), which uses a separate network for storage.

Network Driver Interface Specification (NDIS)

A network driver interface created by Microsoft and 3Com Corporation.

Network File System (NFS)

Developed by Sun Microsystems, this set of protocols enables the network administrator to mount file systems from one computer onto a mount point on another computer. This makes it appear to the other computer as if the file(s) were part of the local file system. See also Distributed File System .

Network Information System (NIS)

A service developed by Sun Microsystems that enables clients on a network to obtain information from other computers, using a single sign-on. NIS+ was developed to enhance security. NIS code was released by Sun to the public domain and has been ported to a wide variety of operating systems.

Network interface card (NIC)

Network hardware that links a computer or workstation to the network media. Also known as network adapter card.

Neutral disparity

See disparity .

NEXT

See near-end cross-talk .

NFS

See Network File System .

NIC

See network interface card .

NIS

See Network Information System .

NL_Port

A port that connects a device to an Arbitrated Loop.

Node

A term generally used to describe any type of device connected to a network, such as a computer, bridge, server, or router.

Novell Directory Services (NDS)

A directory service used generally by Novell NetWare. NDS stores user accounts and links to network resources, among other data. NDS was renamed and given additional functionality with the release of NetWare 6.0, and has been renamed the eDirectory.

Novell NetWare

NetWare is a client/server network operating system for x86 servers. Originally, NetWare used its own network protocol (IPX/SPX), but starting in NetWare version 5.x, NetWare switched to TCP/IP. The current version of NetWare, version 6.5, is designed to work in a heterogeneous (mixed) environment with Windows NT/2000/Server 2003, Java, and open-source server and client technologies.

Nslookup

Use this command followed by a hostname or an IP address to get information about a particular host from a DNS server in your network.

NTFS

A file system used by Microsoft server operating systems starting with Windows NT. More recent client operating systems, such as Windows XP, also support NTFS. NTFS enables support for large disks, encryption, expanded security permissions, and data compression, among other features.

ODI

See Open Data-Link Interface .

Open Data-Link Interface (ODI)

A network driver specification created by Novell and Apple.

Open Shortest Path First (OSPF)

A routing protocol that uses Link State Advertisements (LSAs) to exchange routing information. Compared to RIP, OSPF takes into consideration other cost metrics, such as the speed of a route, the traffic on the route, and the reliability of the route. Additionally, OSPF does not suffer from the 15-hop limitation that RIP employs, and it uses subnet masks, which RIP does not.

Open Systems Interconnection (OSI)

A set of protocols developed in the 1980s that was designed to be implemented on computers from various hardware platforms, to provide seamless interconnection. See also the OSI Reference Networking Model .

OSI

See Open Systems Interconnection .

OSI Reference Networking Model

A seven-layer model created by ISO, designed to describe specific functional modules and interfaces on which network protocols could be created. Used today to teach the concepts of networking. Contrast this with the DOD (Department of Defense) or DARPA model, which was created earlier and is used to describe TCP/IP.

OSPF

See Open Shortest Path First .

Packet filter

A basic firewall that filters incoming and outgoing network traffic based on information in the IP header, such as IP addresses and ports.

Patch panels

Provide a means of rearranging circuits so that adding, subtracting, and changing workstations is made easier. Patch panels are where the circuits are connected and reconnected, typically in a telecommunications closet.

PC Card

The original 16-bit version of the PCMCIA card standard. See also PCMCIA and CardBus .

PCI

See Peripheral Component Interconnect .

PCMCIA

Small cards that can be used in laptops and other small computers. The acronym does not stand for "People Can't Memorize Computer Industry Acronyms," which is a popular phrase used to remember the acronym. Instead, PCMCIA is the Personal Computer Memory Card International Association, which originally defined the specification. See also CardBus and PC Card .

Peripheral Component Interconnect (PCI)

The standard bus used on most modern PCs and minicomputers. PCI offers faster data transfer rates (33MHz in desktops; 33 and 66MHz in workstations and servers) and wider (32- or 64-bit-wide) data paths than earlier computer interconnect hardware, such as ISA and EISA. Devices on the PCI bus can also use a feature called bus mastering , whereby a card can take control of the bus and directly transfer large amounts of data to system memory without using the CPU. PCI cards also use a smaller footprint, as compared to PCI's predecessor, EISA. PCI-X and PCI-Express are developments of the PCI standard.

Permissions

On many computer systems, this term is used to grant or deny access to system resources, such as files or printers. See also Share-level permissions and User-level permissions .

Physical topology

The physical layout of a network media (such as copper and fiber-optic cables and, more recently, wireless equipment) and the devices that are connected in a network.

Ping

A TCP/IP utility that uses ICMP ECHO/REPLY packets to determine whether a particular network device is reachable . Another related troubleshooting tool is TRACEROUTE/TRACERT, depending on your operating system.

Plain old telephone service (POTS)

This term is used to refer to service provided by the older analog telephone network.

Point Coordination Function (PCF)

A method used by wireless clients to gain access to the network bandwidth by exchanging frames (RTS/CTS) with an Access Point.

Point-to-Point Protocol (PPP)

This protocol allows two endpoints of a connection to establish a communications channel. PPP is typically used by an ISP to allow a dial-up user to connect to a modem at the ISP to provide Internet access for the dial-up client.

Point-to-Point Tunneling Protocol (PPTP)

Similar to a VPN when it comes to a secure "tunnel" through the Internet. Companies that have many locations can use PPTP (if offered by their ISPs at each location) to get a secure "tunnel."

POP3

See Post Office Protocol Version 3 .

Positive disparity

See disparity .

Post Office Protocol Version 3

The current protocol used by many ISPs for downloading email from their servers to clients. Contrast this with IMAP, which can leave messages on the server until the user explicitly deletes them. POP3 downloads the emails to the users' computers and they are then no longer available on the POP3-based server.

POTS

See Plain old telephone service .

Power distribution units

Used in minicomputers and mainframe computers to condition the incoming power. Usually employed by using two or more units so that if one fails, the others continue to supply a stable, conditioned power supply to the computer. These devices are used to provide redundant power to a high-end server, and are usually connected to separate power sources. Because of this, the failure of one power supply does not bring a server down, because other power supplies can continue to provide electrical current to the other power distribution units.

PPP

See Point-to-Point Protocol .

PPPoE

The Point-to-Point Protocol over Ethernet.

PPTP

See Point-to-Point Tunneling Protocol .

Pretty Good Privacy (PGP)

A public key encryption set of utilities originally developed by Philip Zimmerman. PGP is widely employed on the Internet, though initially U.S. government restrictions disallowed exporting the technology. Both commercial and freeware versions are available. For the freeware version, see http://web.mit.edu/network/pgp.html . Another website, dedicated to international distribution of PGP, can be found at www.pgpi.org/ .

Protocol

An agreed-on set of methods for establishing communications between two or more nodes on a network, and for exchanging data or messages. In many instances, such as that which occurs with encryption technology, protocols must be negotiated to a level that both ends of the connection can understand. TCP and IP are perhaps the two most understood , and widely used, networking protocols in use today.

Proxy server

A firewall technique in which the firewall acts as a go-between for your network and another network, such as the Internet. The proxy server replaces the client's IP address with its own before sending a packet. When a response is received, the proxy server replaces its IP address with that of the client and sends the packet back to the client.

PSTN

See Public switched telephone network .

Public key encryption

An encryption method that uses two keys: a public key and a secret key. The message is encrypted by the public key, and decrypted by the secret key. This means that the public keys can be published on the Internet. The sender need only use the public key to encrypt and send a message to the holder of the private key for this transaction. The recipient can then use his secret key to decrypt the message. The key combination is a mathematical calculation that enables only the holder of the secret key to decipher messages sent that are encoded by the public key, which anyone can use. Compare this to using a single encryption key known by both parties to a secure connection. Using public key encryption means that both sides of the data exchange do not have to arrange some other means (such as a diplomatic pouch) to exchange the single encryption key. Indeed, the Secure Sockets Layer (SSL) uses public key encryption to begin the process of exchanging a single encryption key used for the remainder of the communications process.

Public switched telephone network (PSTN)

The telephone network in use today. The PSTN consists of myriad devices that interconnect many smaller telephone networks, and it is mostly made up of digital lines until that last mile to your home or office. Contrast this with POTS (plain old telephone service), which is the voice-grade service you get from your telco. In some cases these terms are used interchangeably, but that is incorrect.

R-utilities

A set of utilities developed by University of California at Berkeley that simplifies many tasks usually associated with other TCP/IP utilities. Today these utilities have for the most part been superceded by SSH utilities that provide the same capabilities but incorporate security mechanisms that make them less vulnerable than the original R-utilities.

Radio frequency interference (RFI)

See electromagnetic interference (EMI) .

RAID

First defined as "redundant array of inexpensive disks," this has now been redefined as "redundant array of independent disks," because disks are not inexpensive as they used to be. RAID technologies are common today and cover a large territory. Different RAID levels can provide access speed (striped sets) or redundancy (mirror sets or striped sets with parity). To carry this concept further, a stripe set composed of mirror sets can provide the best of both of the others. If a disk in a mirror set fails, the other disk in the mirror enables the disk volume to maintain operations until the failed member has been replaced. When a striped set with parity is used, performance is reduced because the parity stripe (which is spread across all members of the stripe set) needs to be calculated each time a client accesses the data.

Repeater

A repeater joins physical network segments and amplifies the signal it receives on one port before it transmits it on other ports. Because the repeater does not check on the contents of the data it receives or retransmits, frames that are corrupted by noise and other factors can also be repeated. A repeater that connects more than two network segments is usually called a multiport repeater. The development of the hub replaced the multiport repeater for all practical purposes, because it performs the same functions, and can include additional features.

RFI

See electromagnetic interference (EMI) .

Rights

On most computer operating systems this term is used to indicate actions the user can perform on the computer.

Ring topology

A physical topology that connects each node to its upstream and downstream neighbors. That is, each node in the network is connected to another node, and eventually the last node in the ring connects back to the first node. This can be accomplished by connecting cables from one node to the next, or by using a wiring concentrator (such as a MAU or MSAU when used in Token-Ring networks) that make the ring topological connections internally. All communications on the ring pass through every other node until the destination is reached.

RIP

See Routing Information Protocol .

RMON

See Simple Network Management Protocol .

Router

A device that operates at the OSI model third layer, the Network layer. The Network layer offers a logical address space, which makes it easier to organize networks and route traffic between networks. This overcomes the flat address space provided by lower-level devices that use Media Access Control (MAC) addresses. Each router contains two or more network interfaces. One or more of these interfaces can be used to connect the router to a wide area network, while other interfaces can be used to connect to local network segments. Routers receive input from one network interface, and then make routing decisions based on which interface can best get the packet to its eventual destination. Routers can also be used to configure such things as packet filtering, an important concept used by firewalls.

Routing Information Protocol (RIP)

A protocol uses routers to decide which port to use when sending a network packet to its eventual destination. RIP is a distance/vector protocol. RIP judges the best route to a destination based on information in the routing table that contains the distance (in hops) and vector (direction) to the destination. RIP routers also exchange data to update routing tables among themselves .

SAMBA

An open-source implementation of the Server Message Block (SMB) network communication protocol, which has been updated to include the Common Internet File System (CIFS)the predecessor to SMB. SAMBA is a freeware product that has been ported to many operating systems so that communications with Windows operating systems can be accomplished easily. See www.samba.org .

SANs

See Storage Area Networks .

SAS (Serial Attached SCSI)

A high-speed serial implementation of SCSI adopted in 2003 that combines backward compatibility with SATA drives, current performance of 300MBps, and future improvements to data rates up to 1200MBps. See also SCSI and SATA .

SATA (Serial ATA)

A high-speed serial interface designed to replace the current PATA and Ultra ATA drive interface standards. Serial ATA 1.0 uses a seven-wire data/ground cable and supports direct point-to-point connections to host adapters at initial speeds of up to 150MBps, which is faster than Ultra ATA-133. SATA 3GBps hardware is now available. See also ATA (AT Attachment) .

SCSI (small computer system interface)

A standard originally developed by Shugart Associates (then called SASI, for Shugart Associates System Interface) and later approved by ANSI in 1986. SCSI-2 (now called SPI-2) was approved in 1994, and Ultra3 SCSI(now called SPI-3) was approved in 2000. Ultra4 SCSI (now called SPI-4) was approved in 2002. Servers that support SCSI typically use Wide and Ultra Wide versions of SCSI, which use a 68-pin connector and can support up to 16 devices, including the host. An 80-pin connector is used on hot-swap SCSI drives used in RAID arrays.

Sequenced Packet Exchange (SPX)

A NetWare protocol that ensures that packets sent via IPX are delivered in an orderly, session-oriented manner.

Serial Line Internet Protocol (SLIP)

An older method used to establish a connection between two devices, typically two computers. SLIP has been replaced for the most part by the Point-to-Point Protocol (PPP).

Server

A computer that offers resources to other computers, usually referred to as clients. For example, a server may offer file or print shares for use by clients.

Server Message Block (SMB)

A protocol developed by IBM and adopted by Microsoft to exchange messages and provide for client/server resource access. SMB is still used by some applications and in Windows operating systems. Other operating systems adopted SMB to provide compatibility with Microsoft operating systems. SMB was enhanced and renamed the Common Internet File System (CIFS). SAMBA is an open-source version of the protocol.

Shadow Password File

Used on Unix/Linux systems to provide a password file (which stores user account information) that is protected so that only the root account (or an application that runs under root, such as the logon process) can access the file. This file prevents a hacker from obtaining the information contained in the typical world-readable /etc/passwd/ file and using tools to decrypt account passwords. On many Unix/Linux systems this file is /etc/shadow .

Share-level permissions

Permissions that grant access to all files/subdirectories offered by a file share on the network. Note that on many systems, selected files or subdirectories can be further protected by using user-level permissions. For example, you can use share-level permissions on an NTFS partition on a Windows server but restrict access to selected files and directories by applying user-level permissions.

Simple Mail Transfer Protocol (SMTP)

The current method for transferring emails from one email server to another. After the transfer is completed, users can use IMAP or POP3 to view and manage emails.

Simple Network Management Protocol (SNMP)

An extensible protocol used to monitor a wide variety of network devices. (RMON, or Remote Monitoring Protocol, is an extension of SNMP.)

Single key encryption

Encryption techniques that use a single, secret key to encode and decode the information. Using this technique, it is necessary for both ends of the communication to establish a mechanism for obtaining the single encryption key.

Single-mode fiber-optic cabling

A fiber-optic cable that conducts a single wavelength of light, provided by a laser or light-emitting diode (LED). Because only a single wavelength is used, there is no interference with other wavelengths , so a single-mode fiber-optic cable is able to transmit a signal across a longer distance than a multi-mode fiber-optic cable. Single-mode cabling has a smaller glass or plastic core than multi-mode cabling, and can be used to transmit data over a longer distance than multi-mode cabling.

SLIP

See Serial Line Internet Protocol .

Small Computer Systems Interface (SCSI)

A parallel architecture that enables the connection of disk and tape devices to a server or high-end workstation. See also Storage Area Networks and Network Attached Storage , which use a serial connection to storage devices.

Small office/home office (SOHO)

A small network usually confined to a single office or a small home office network. In the SOHO environment only a small number of computers are configured on the LAN, and simple router/switches are used, along with software-based firewalls for protection from intrusions from the Internet. Inexpensive hardware firewalls are also available for this purpose, and require little management compared to high-end enterprise network firewalls.

SMB

See Server Message Block .

SMTP

See Simple Mail Transfer Protocol .

SNIA

See Storage Networking Industry Association .

SNMP

See Simple Network Management Protocol .

Social engineering

A simple method for obtaining information about your network, such as user accounts and passwords. A typical event is to call a user and tell him that you are someone from the help desk and that you need his password to perform some action on his behalf . A good security policy can help prevent this sort of intrusion.

SOHO

See Small office/home office .

Spam

Unsolicited and unwanted email. Software or hardware devices known as spam filters can help reduce the amount of spam received.

Spread Spectrum

A wireless transmission technique that uses a signal that is a combination of a pseudo-noise signal and the actual information modulated on an RF (radio frequency) carrier. Mixing two different signals to produce only one for transmission causes the data to be masked by the seemingly random signal that it is combined with. Note that because the actual data and seemingly random "noise" are transmitted at the same time, a larger bandwidth is used than would be used by the data signal alone. The recipient of this signal simply masks out the pseudo-noise signal to recover the actual data.

SPX

See Sequenced Packet Exchange .

Spyware

Software that gathers information about you and your computing activities and sends it to others, often without your consent .

SSH

Secure Shell. This is also known as the Secure Socket Shell. This protocol provides a more secure environment for the traditional R-utilities. The current SSH utilities include slogin , ssh, and scp. End-to-end transfers of data using these connections are protected by a secure login mechanism as well as encryption of the data transfers. The most current version of these utilities is defined by the Internet Engineering Task Force (IETF) as version SSH2. See also HTTPS .

Star topology

A network topology in which a central wiring concentrator is used. Each computer on the network is cabled to a single concentrator (such as a hub or switch). It is at this wiring concentrator that communications between devices on the LAN (or MAN/WAN in some cases) are accomplished. An example of this topology is 100BASE-T Ethernet using a switch. Wireless networks that use the infrastructure mode essentially use a star topology but with radio waves replacing cables, and a wireless access point replacing the switch or hub. See also infrastructure mode .

Stateful Inspection

A firewall technique that keeps track of outgoing requests and matches incoming responses. This firewall mechanism helps keep unsolicited traffic from entering your network.

Storage Area Networks (SANs)

A network used by servers to access high-speed, high-bandwidth storage. SANs provide many functions. A much larger number of disk/tape devices can be stored on a SAN than can be attached to a server using SCSI or other protocols. In addition, storage on a SAN can be accessed by more than a single server. Contrast this with NAS, which must compete with other network clients and servers on a production LAN.

Storage Networking Industry Association (SNIA)

An industry association devoted to storage technologies, specifically NAS and SANs.

Store-and-forward switch

A switch that buffers a frame in its memory before beginning to send it out to the appropriate port. The switch can connect two different topologies, such as 10Mbps and 100Mbps networks, without having to worry about the different speeds. This type of switch can check the integrity of the frame, allowing it to discard damaged frames and not propagate them onto other network segments. See also cut-through switch .

Subnet

A subset of an IP address class. For example, you can divide a Class C IP address class into several subnets by borrowing bits from the host address portion of the IP address to create two or more subnets on your network. The subnet mask is used for this purpose. Contrast this with Classless Interdomain Routing.

Subnet mask

Thirty-two bits that are used to describe which bits of an IP address are used to identify the network address and which bits are used to identify the host address (your computer or other network device). Keep in mind that an IP address is used to specify both the network and the host address, and the subnet mask determines which bits represent each of these.

Switch

A device that is similar to a hub, in that it works as a wiring concentrator. However, instead of broadcasting all incoming data on all other ports, a switch makes connections between the data on the incoming port to a port that can deliver the data to its destination. Switches have replaced hubs in modern networks.

SYN flooding

An older form of attack against a server. This attack depends on the three-way handshake used by TCP/IP to set up a connection. The SYN bit in the TCP packet causes the server to set aside memory resources for the connection. By sending a large number of SYN packets, and not responding to responses from the server, it is easy to overrun the server's memory, and thus render it useless. Many modern operating systems have patches that prevent or limit this sort of attack.

Syslog

A Unix/Linux daemon (background process) that records significant events as configured by the administrator. Syslog provides an audit trail for these operating systems.

T-carrier

Used to describe digital services that range from T1 lines (1.544Mbps) to T4 lines (274.186Mbps). T1 provides 24 separate channels that can be used to send voice or data from one place to another using two pairs of wires. Each of the 24 channels can transmit at a rate of 64Kbps. In Europe this service is known as E-carrier. However, the channels supported vary. For example, the E1 line carries 30 channels.

TCP

See Transmission Control Protocol .

Tcpdump

A third-party utility commonly used in Unix/Linux operating systems to capture and view current TCP/IP packets and statistics. This popular utility is included with many Unix/Linux operating systems. A similar version for Windows clients is called windump. See http://www.wincap.org/windump/ .

TDR

See Time domain reflectometry .

Telecommunications closet

The central wiring point for a floor. The telecommunications closet can contain both network devices and concentrators , as well as telephone equipment.

Telnet

A protocol/utility used to establish remote terminal sessions.

TFTP

See Trivial File Transfer Protocol .

Thicknet

A term commonly applied to 10BASE-5 coaxial cabling, which was used in the first Ethernet networks.

Thinnet

A coaxial cable (10BASE-2) that has a smaller diameter than 10BASE-2 coaxial cables.

Time domain reflectometry (TDR)

A method of measuring cable length or locating faults by timing the period between a test pulse and its reflection from an impedance discontinuity on the cable. TDR measuring instruments can enable you to determine the approximate location of a problem on a cable.

Time to Live (TTL)

A concept used by many protocols. This value generally indicates the seconds, or number of hops, that a network packet can travel through the network before it is dropped. This ensures that a misconfigured routing topology does not endlessly route a packet.

Token-Bus

Similar to Token-Ring, except that all workstations connected to a bus can hear all transmissions that are made. However, the addressing for members on a Token-Bus preserve the integrity of the ring topology, passing the token (or data) frames from one node to another in an orderly fashion.

Token-Ring

A LAN technology that passes a token frame from one node in the network to another, in an orderly fashion. When a node on the LAN needs to transmit data, it waits until it receives the token frame and then constructs a frame containing the data to be sent, along with destination and originating addressing information. The data frame then travels through the ring until it reaches the originator. The originator can check flags in the frame to determine whether the receiving node was able to intercept the data and complete the transfer. The IEEE 802.5 working group was formed to develop standards for Token-Ring networks. Today, these networks make up only a small percentage of installed LANs.

Traceroute

A TCP/IP utility that uses ICMP ECHO/REPLY packets to discover the routers (or gateways) along a path to a destination device. This utility increments the TTL (Time to Live) value starting at one, and then adding one to each subsequent probe to determine each device along the path. This utility might be considered to be an advanced Ping utility. Traceroute is also known as tracert for some operating systems.

Tracert

The Traceroute command used by Windows and some other operating systems from MS-DOS 6.2 through Windows 2000 and Windows XP. Newer versions of Microsoft operating systems use Traceroute.

Transmission character

In the context of Fibre Channel, a 10-bit character chosen for transmission to assist in maintaining neutral disparity. Eight-bit values are encoded into one or two possible transmission characters to maintain neutral disparity.

Transmission Control Protocol (TCP)

A connection-oriented, reliable protocol that uses the Internet Protocol (IP) to transmit data through a network. TCP establishes sessions with the remote host and uses various techniques, such as acknowledgments, to ensure that data is reliably transferred between the two endpoints of a communication.

Trivial File Transfer Protocol (TFTP)

This is a stripped-down version of FTP that is generally used for uploading files to a router, and other similar equipment. It does not use any authentication or error correcting mechanisms. TFTP should not be used on a production network.

Trojan horse

A program similar to a virus. However, a Trojan horse file usually resides on the infected computer until some event sets it into action. This can be a specific date, or an external signal sent by another computer. For example, a Trojan horse program can be planted on many thousands of computers that do not use a firewall or antivirus protection. At a later date a signal can be sent to enable each copy of this file to begin a distributed denial-of-service attack on another computer. Many Trojan horse programs disguise themselves using a filename that appears to be relevant to the operating system they've infected.

TTL

See Time to Live .

Twisted-pair cables

Also referred to as unshielded twisted-pair cables, because no shielding is required to protect the integrity of the signals. The twisting of the individual pairs of the cable is significanttwisting the wire couples the electromagnetic fields equally, thus helping to cancel out any interfering signals.

UDP

See User Datagram Protocol .

UID

A numerical value used by Unix/Linux systems to identify the user when running processes or evaluating access to files and other system resources. A value of zero for this field is used to indicate the superuser , or a user who has the same privileges as root. On some systems, values from 1 to 99 are reserved for use for system processes, such as background daemons.

Unicode

A method used to assign numeric values to alphabetic, numerical, and symbolic characters. Compared to ASCII, which was a standard used early in the computer age, Unicode supports many languages, and is made up of 34,168 characters. See also American Standard Code for Information Interchange and Extended Binary-Coded Decimal Interchange Code .

Uninterruptible power supply (UPS)

A power source, usually powered by batteries, that provides power when the main source of power fails. For enterprise servers, a UPS, coupled with diesel generators, can maintain computing services indefinitely. For smaller units, a battery is used, and the unit can communicate with the server to perform an orderly shutdown of the server so that no data is compromised.

Universal serial bus (USB)

A high-speed bus that can be used to attach a large number of computer peripherals or consumer electronics devices to your computer. The initial specification (USB 1.1) supported up to 12Mbps. USB 2.0, now in widespread use, supports up to 480Mbps, and is backwards -compatible with USB 1.1 devices.

Unix

An interactive time-sharing operating system used for network servers and clients, Unix (sometimes spelled UNIX) was originally developed by Bell Labs in 1969. Many different implementations of Unix are used by RISC-based servers, including HP-UX (HP), AIX (IBM), Tru64 Unix (DEC, later Compaq), Solaris (Sun), IRIX (SGI), and others. Linux is a Unix-like operating system designed to support x86-based desktops and servers. See Linux .

Uplink port

A port on a hub, a switch, a router, or another network device that is used to connect it to another similar device to increase port density for a LAN. An uplink port incorporates a crossover connection so that a standard cable can be used for the connection to another device.

UPS

See Uninterruptible power supply .

USB

See Universal serial bus .

User Datagram Protocol (UDP)

A connectionless, unreliable protocol that uses IP to send messages through a network. Contrast this with TCP, which also uses IP but is a connection-oriented, reliable protocol.

User-level permissions

Permissions placed on files and directories that allow or deny specific users access to resources in a network. See also share-level permissions.

Vampire tap

The method used for connecting 10Base5 Ethernet adapters to a coaxial cable. The term comes from the need to drill a hole in the cable's outer shield to allow access to the cable's inner conductor to make the connection.

Virtual LAN (VLAN)

A method that uses network switches to connect a number of devices to one or more switches. A virtual LAN lets the network administrator select which LAN a computer or device will belong to. Because a switch is a wiring concentrator device, this virtual capability means that you do not have to use separate switches for each LAN segment. Instead, you can connect multiple clients to the same switch(es) and use software to designate which virtual LAN a computer or device is a member of.

Virtual Private Network (VPN)

A secure path through a shared network or WAN that connects two computers, or two networks, so that from the point of view of each endpoint of the connection, they are on the same network. The connection is private because some means have been taken to secure the payload information of the data carried through this virtual tunnel. Many different protocols are used to create VPNs, so check the documentation provided with your operating system, or third-party VPN solution, to determine what security is offered by this technique. Most SOHO routers offer VPN pass-through to enable you to use your own software to connect via VPN to a corporate network. A few more advanced routers include built-in client software. If you need more than one VPN connection at a time, make sure you buy a router that supports multiple VPN tunnels.

Virus

Similar to a virus that attacks a human (or any other living species) a computer virus tends to (1) disrupt normal activity on the computer, if only to present a message, (2) duplicate itself so that it can infect other computers, and (3) disguise itself as another program. Email viruses are very common, and you can usually protect yourself by using a good antivirus program, and by using an automatic update feature to download new virus definitions frequently.

VLAN

See Virtual LAN .

VoIP (Voice over IP)

Telephony services delivered by an IP network. VoIP uses the H.323 standard to carry audio and video over the Internet and internal networks (Intranets). VoIP products and services are widely available for SOHO, small business, and enterprises from many vendors .

VPN

See Virtual Private Network .

W3C

See World Wide Web Consortium .

Wake On LAN (WOL)

Part of the Wired for Management (WfM) Initiative, WOL enables a administrator to send a signal to a network adapter and boot a computer that has been shut down. This capability is useful in environments where a large number of computers need to be booted after-hours so that patches and other software upgrades can be downloaded to computers without interrupting the normal workday of a user.

WAN

See Wide area network .

WAP

Wireless application protocol, a set of communications protocols used to enable Internet access by cellular phones and other portable devices. WAP can also be used as an abbreviation for wireless access point. See Wireless Access Point .

WEP

See Wired Equivalent Privacy .

Wi-Fi

The Wireless Ethernet Compatibility Alliance (WECA), now known as the Wi-Fi Alliance, was formed specifically to promote products from different manufacturers that are subjected to stringent testing to ensure interoperability. The brand name chosen by WECA for these products is Wi-Fi. See www.wifi.org. Wi-Fi Certified products might support one or more of these standards: IEEE 802.11a, IEEE 802.11b, and IEEE 802.11g. Wi-Fi has also developed standards for various security technologies used as part of Wi-Fi Protected Access (WPA). See also Wi-Fi Protected Access .

WiMax

A new standard for broadband wireless products using microwave signals. The first WiMax standard supports 3.5GHz products, and is based on the IEEE 802.16-2004 Air Interface Standard and ETSI HiperMAN standards. WiMax will eventually support frequencies from 2-11GHz and 10-66GHz. See the WiMax Forum website at www.wimaxforum.org for more information.

Wide area network (WAN)

A network technology that connects LANs or MANs over a large distance. WANs can use various protocols, such as ATM and Frame Relay.

Windows Internet Naming Service (WINS)

A name resolution service used by Microsoft operating systems to translate NetBIOS names to IP addresses. WINS is still used today because of application dependencies, but for the most part the Domain Name System (DNS) server is used by most Windows (and other) operating systems to translate DNS names to IP addresses. Note that Microsoft's DNS server can be configured to query a WINS server if it cannot resolve a name.

Winipcfg

This command can be used on older Windows operating systems (such as Windows 95/98/Me) to view IP and other configuration systems. Similar to the ipconfig command for later Windows operating systems. See ipconfig .

WINS

See Windows Internet Naming Service .

Wired Equivalent Privacy (WEP)

Used in early implementations of Wi-Fi networks. WEP is a weak encryption technique that was designed to provide the same security as a wired network. However, wired networks also are usually protected by physical security measures. Today WEP should be used only for wireless networks in which WPA security is not available.

Wi-Fi Protected Access (WPA)

The IEEE 802.11i specification is intended to overcome the vulnerabilities of the Wired Equivalent Privacy (WEP) security that came with earlier wireless products. WPA uses authentication techniques, and a constantly changing encryption key, and thus may provide a more secure wireless environment. WPA2 is an improved version of WPA using improved encryption standards.

Wireless Access Point (AP)

A wireless network device that is used as a central point between wireless clients wanting to transmit data on the network. The AP can be used with wireless clients as a standalone device, or the AP can be connected to a wired network. Many APs include a router and a 10/100 Ethernet switch. Contrast this with an ad hoc wireless network that does not use an AP.

WLAN

Wireless LAN (local area network). A small network that uses wireless networking as all or part of the LAN.

WOL

See Wake On LAN .

Work Area

The termination point of the network at a user's workspace.

World Wide Web Consortium (W3C)

An industry group whose purpose is to promote the Web, by producing standards, and software that can be used as a reference model for creating interoperability between Web products.

Worm

A worm is similar to a virus in that it infects a computer and then uses resources on that computer, such as your email address book, to replicate itself on other computers. Today, worms can reside in memory and travel through your network or the Internet at a very rapid rate.

WPA

See Wi-Fi Protected Access .

xDSL

See Digital Subscriber Line .

XML

See Extensible Markup Language .