7.8. Terms and Concepts

single point of failure, 377
resilience, 377
fault tolerance, 377
server, 378
client, 378
node, 379
host, 379
link, 379
workstation, 379
topology, 381
network boundary, 381
network ownership, 381
network control, 381
digital, 382
analog, 382
modem, 382
twisted pair, 382
unshielded twisted pair, 382
bandwidth, 382
coaxial cable, 382
Ethernet, 383
repeater, 383
amplifier, 383
optical fiber, 383
wireless LAN, 383
802.11, 383
microwave, 383
infrared, 383
satellite, 384
geosynchronous orbit, 384
transponder, 384
footprint, 384
protocol, 385
protocol stack, 385
ISO reference model, 386
OSI model, 386
application layer, 386
presentation layer, 386
session layer, 386
transport layer, 386
network layer, 386
data link layer, 386
physical layer, 386
peer, 386
router, 387
packet, 387
network interface card, 387
MAC address, 388
frame, 388
session header, 388
logical connection, 388
sequencing, 389
TCP, 391
IP, 391
UDP, 391
application layer, 391
transport layer, 391
Internet layer, 391
physical layer, 391
port, 391
SMTP, 392
HTTP, 392
FTP, 392
SNMP, 392
IP address, 393
domain, 393
top-level domain, 393
local area network, 394
LAN, 394
wide area network, 395
Internet Society, 395
anonymity, 397
motivation for attack, 400
challenge, 400
fame, 402
money, 402
espionage, 402
organized crime, 403
ideology, 403
hacktivism, 403
cyberterrorism, 403
reconnaissance, 404
intelligence, 404
port scan, 404
social engineering, 405
fingerprinting, 406
eavesdrop, 408
war driving, 408
passive wiretap, 409
active wiretap, 409
packet sniffer, 409
inductance, 409
impedance, 410
multiplexed signals, 410
interception, 412
theft of service, 412
RFC (request for comments), 414
impersonation, 415
authentication, 415
guessing authentication, 415
eavesdropping authentication, 416
avoiding authentication, 416
nonexistent authentication, 417
well-known authentication, 417
trusted authentication, 418
spoof, 418
masquerade, 418
phishing, 419
session hijacking, 419
man-in-the-middle attack, 420
session hijacking, 420
misdelivery, 420
message exposure, 421
interception, 421
traffic flow analysis, 422
message falsification, 422
message replay, 422
message fabrication, 422
theft of service, 422
noise, 423
interference, 423
protocol flaw, 423
impersonation, 423
malformed packet, 423
protocol failure, 423
web site defacement, 424
buffer overflow, 425
dot-dot attack, 425
address resolution, 425
application code attack, 426
server-side include, 427
denial-of-service attack, 427
transmission failure, 427
connection flooding, 427
ICMP, 428
ping, 428
echo, 428
chargen, 428
ping of death, 428
smurf, 428
syn flood, 429
SYN, 429
ACK, 429
teardrop attack, 430
DNS attack, 431
distributed denial of service, 431
zombie, 431
Tribal Flood Network, 432
TRIN00, 432
TFN2K, 432
active code, 433
mobile code, 433
cookie, 434
script, 434
escape-character attack, 434
active server page, 435
Java code, 435
sandbox, 435
Java virtual machine, 435
hostile applet, 436
ActiveX, 436
bot, 437
botnet, 437
script kiddie, 438
building block attack, 438
network segmentation, 442
redundancy, 443
failover mode, 443
single point of failure, 443
link encryption, 445
end-to-end encryption, 446
virtual private network, 449
encrypted tunnel, 449
PKI (public key infrastructure), 450
certificate, 451
certificate authority, 451
SSH, 453
SSL, 453
Transport layer security, 453
IPv6, 454
IPSec, 454
security association, 454
security parameter index, 455
authentication header, 455
encapsulated security payload, 455
ISAKMP, 455
ISAKMP key exchange, 455
signed code, 456
content integrity, 457
error detection, 458
error correction code, 458
parity, 458
even parity, 458
odd parity, 458
hash code, 458
Huffman code, 458
cryptographic checksum, 459
message digest, 459
strong authentication, 459
one-time password, 459
password token, 459
challenge-response system, 460
Digital Distributed Authentication, 460
Kerberos, 461
ticket-granting server, 461
ticket, 461
router ACL, 464
Service Set Identifier, 466
Wired equivalent privacy, 467
WiFi Protected Access, 467
Temporal Key Integrity Program, 467
honeypot, 468
traffic flow security, 469
onion routing, 470
firewall, 474
reference monitor, 474
packet filtering gateway, 475
screening router, 475
stateful inspection, 477
application proxy, 478
bastion host, 478
guard, 480
personal firewall, 481
layered protection, 484
defense in depth, 484
intrusion detection system, 484
network-based IDS, 485
host-based IDS, 485
signature-based IDS, 485
anomaly detection, 485
statistical analysis, 485
heuristic intrusion detection, 486
misuse detection, 487
stealth mode, 487
scanner, 488
IDS alarm, 489
false positive, 489
false negative, 489
secure e-mail, 490
message confidentiality, 491
message integrity check, 491
sender authenticity, 491
sender nonrepudiation, 491
key management, 493
PGP, 494
key ring, 495
S/MIME, 496