Section 7.8. Terms and Concepts


7.8. Terms and Concepts

single point of failure, 377

resilience, 377

fault tolerance, 377

server, 378

client, 378

node, 379

host, 379

link, 379

workstation, 379

topology, 381

network boundary, 381

network ownership, 381

network control, 381

digital, 382

analog, 382

modem, 382

twisted pair, 382

unshielded twisted pair, 382

bandwidth, 382

coaxial cable, 382

Ethernet, 383

repeater, 383

amplifier, 383

optical fiber, 383

wireless LAN, 383

802.11, 383

microwave, 383

infrared, 383

satellite, 384

geosynchronous orbit, 384

transponder, 384

footprint, 384

protocol, 385

protocol stack, 385

ISO reference model, 386

OSI model, 386

application layer, 386

presentation layer, 386

session layer, 386

transport layer, 386

network layer, 386

data link layer, 386

physical layer, 386

peer, 386

router, 387

packet, 387

network interface card, 387

MAC address, 388

frame, 388

session header, 388

logical connection, 388

sequencing, 389

TCP, 391

IP, 391

UDP, 391

application layer, 391

transport layer, 391

Internet layer, 391

physical layer, 391

port, 391

SMTP, 392

HTTP, 392

FTP, 392

SNMP, 392

IP address, 393

domain, 393

top-level domain, 393

local area network, 394

LAN, 394

wide area network, 395

Internet Society, 395

anonymity, 397

motivation for attack, 400

challenge, 400

fame, 402

money, 402

espionage, 402

organized crime, 403

ideology, 403

hactivism, 403

cyberterrorism, 403

reconnaissance, 404

intelligence, 404

port scan, 404

social engineering, 405

fingerprinting, 406

eavesdrop, 408

war driving, 408

passive wiretap, 409

active wiretap, 409

packet sniffer, 409

inductance, 409

impedance, 410

multiplexed signals, 410

interception, 412

theft of service, 412

RFC (request for comments), 414

impersonation, 415

authentication, 415

guessing authentication, 415

eavesdropping authentication, 416

avoiding authentication, 416

nonexistent authentication, 417

well-known authentication, 417

trusted authentication, 418

spoof, 418

masquerade, 418

phishing, 419

session hijacking, 419

man-in-the-middle attack, 420

session hijacking, 420

misdelivery, 420

message exposure, 421

interception, 421

traffic flow analysis, 422

message falsification, 422

message replay, 422

message fabrication, 422

theft of service, 422

noise, 423

interference, 423

protocol flaw, 423

impersonation, 423

malformed packet, 423

protocol failure, 423

web site defacement, 424

buffer overflow, 425

dot-dot attack, 425

address resolution, 425

application code attack, 426

server-side include, 427

denial-of-service attack, 427

transmission failure, 427

connection flooding, 427

ICMP, 428

ping, 428

echo, 428

chargen, 428

ping of death, 428

smurf, 428

syn flood, 429

SYN, 429

ACK, 429

teardrop attack, 430

DNS attack, 431

distributed denial of service, 431

zombie, 431

Tribal Flood Network, 432

TRIN00, 432

TFN2K, 432

active code, 433

mobile code, 433

cookie, 434

script, 434

escape-character attack, 434

active server page, 435

Java code, 435

sandbox, 435

Java virtual machine, 435

hostile applet, 436

ActiveX, 436

bot, 437

botnet, 437

script kiddie, 438

building block attack, 438

network segmentation, 442

redundancy, 443

failover mode, 443

single point of failure, 443

link encryption, 445

end-to-end encryption, 446

virtual private network, 449

encrypted tunnel, 449

PKI (public key infrastructure), 450

certificate, 451

certificate authority, 451

SSH, 453

SSL, 453

Transport layer security, 453

IPv6, 454

IPSec, 454

security association, 454

security parameter index, 455

authentication header, 455

encapsulated security payload, 455

ISAKMP, 455

ISAKMP key exchange, 455

signed code, 456

content integrity, 457

error detection, 458

error correction code, 458

parity, 458

even parity, 458

odd parity, 458

hash code, 458

Huffman code, 458

cryptographic checksum, 459

message digest, 459

strong authentication, 459

one-time password, 459

password token, 459

challengeresponse system, 460

Digital Distributed Authentication, 460

Kerberos, 461

ticket-granting server, 461

ticket, 461

router ACL, 464

Service Set Identifier, 466

Wired equivalent privacy, 467

WiFi Protected Access, 467

Temporal Key Integrity Program, 467

honeypot, 468

traffic flow security, 469

onion routing, 470

firewall, 474

reference monitor, 474

packet filtering gateway, 475

screening router, 475

stateful inspection, 477

application proxy, 478

bastion host, 478

guard, 480

personal firewall, 481

layered protection, 484

defense in depth, 484

intrusion detection system, 484

network-based IDS, 485

host-based IDS, 485

signature-based IDS, 485

anomaly detection, 485

statistical analysis, 485

heuristic intrusion detection, 486

misuse detection, 487

stealth mode, 487

scanner, 488

IDS alarm, 489

false positive, 489

false negative, 489

secure e-mail, 490

message confidentiality, 491

message integrity check, 491

sender authenticity, 491

sender nonrepudiation, 491

key management, 493

PGP, 494

key ring, 495

S/MIME, 496




Security in Computing
Security in Computing, 4th Edition
ISBN: 0132390779
EAN: 2147483647
Year: 2006
Pages: 171

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net