- 3DES
A triple strength version of the DES cryptographic standard, usually using a 168-bit key. 3DES would require a huge amount of computing power to crack.
- ActiveX
A Microsoft® reusable component technology used in many SSL VPN solutions to provide VPN client access in a road warrior's web browser.
- AES
Advanced Encryption Standard replaces DES as the US government's cryptographic standard. AES offers faster and stronger encryption than 3DES.
- AH
Authentication Header forms part of the IPSec tunnelling protocol suite. AH sits between the IP header and datagram payload to maintain information integrity, but not secrecy.
- Alias (or External Alias)
In SmoothWall terminology, an alias refers to an additional public IP that operates as an alternative identifier of the red interface.
- ARP
Address Resolution Protocol is a protocol that maps IP addresses to NIC MAC addresses.
- ARP Cache
Used by ARP to maintain the correlation between IP addresses and MAC addresses.
- Authentication
Authentication is the process of determining whether someone or something is who or what it declares itself to be.
- Bandwidth
Bandwidth is the rate that data can be carried from one point to another. Measured in Bps (Bytes per second) or Kbps.
- BIN
A binary certificate format, 8-bit compatible version of PEM.
- Buffer Overflow
An error caused when a program tries to store too much data in a temporary storage area. This can be exploited by hackers to execute malicious code.
- CA
A Certificate Authority is a trusted network entity, responsible for issuing and managing x509 digital certificates.
- Certificate
A digital certificate is a file that uniquely identifies its owner. A certificate contains owner identity information and its owner's public key. Certificates are created by CAs.
- Ciphertext
A message form that cannot be understood by unauthorised parties. Ciphertext is created from plain text by an encryption algorithm.
- Cracker
A malicious hacker.
- Cross-Over Cable
A network cable with TX and RX (transmit and receive) reversed at either end to provide a direct peer-to-peer network connection.
- Default Gateway
The gateway in a network that will be used to access another network if a gateway is not specified for use.
- DER
Distinguished Encoding Rules is a certificate format typically used by Windows operating systems.
- DES
A historical 64-bit encryption algorithm still widely used today. Scheduled for official obsolescence by the US government agency NIST.
- DHCP
Dynamic Host Control Protocol is a protocol for automatically assigning IP addresses to hosts joining a network.
- Dial-Up
A telephone based, non-permanent network connection, established using a modem.
- DMZ
An additional separate subnet, isolated as much as possible from protected networks.
- DMZ Pinhole
A firewall rule that allows DMZ host to Protected Network host communication between a specified pair of IP addresses and a port.
- DNS
Domain Name Service is a name resolution service that translates a domain name to an IP address and vice versa.
- Domain Controller
A server on a Microsoft® Windows network that is responsible for allowing host access to a Windows domain's resources.
- Dynamic IP
A non-permanent IP address automatically assigned to a host by a DHCP server.
- Encryption
The process of transforming plain text into ciphertext.
- Encryption Key
A sequence of characters used by an encryption algorithm to encrypt plain text into ciphertext.
- ESP
Encapsulating Security Payload is a protocol within the IPSec protocol suite that provides encryption services for tunnelled data.
- Exchange Server
A Microsoft® messaging system including mail server, email client and groupware applications (such as shared calendars).
- Exploit
A hardware or software vulnerability that can be 'exploited' by a hacker to gain access to a system or service.
- Firewall
A combination of hardware and software used to prevent access to private network resources.
- Gateway
A network point that acts as an entrance to another network.
- Green
In SmoothWall terminology, green identifies the Protected Network.
- Hacker
A highly proficient computer programmer who seeks to gain unauthorised access to systems without malicious intent.
- Host
A computer connected to a network.
- Hostname
A name used to identify a network host.
- HTTP
Hypertext Transfer Protocol is the set of rules for transferring files on the World Wide Web.
- HTTPS
A secure version of HTTP (using SSL).
- Hub
A simple network device for connecting networks and network hosts.
- IP Address
A 32-bit number that identifies each sender and receiver of network data.
- IPtables
The Linux packet filtering tool that is used by SmoothWall to provide firewalling capabilities.
- IPSec
Internet Protocol Security is an internationally recognised VPN protocol suite developed by the IETF (Internet Engineering Task Force).
- IPSec Passthrough
A 'helper' application on NAT devices that allows IPSec VPN traffic to pass through.
- ISP
An Internet Service Provider provides Internet connectivity.
- Kernel
The core part of an operating system that provides services to all other parts of the operating system.
- L2TP
Layer 2 Transport Protocol is based on IPSec and combines Microsoft® PPTP and Cisco Systems® L2F tunnelling protocols.
- LAN
A Local Area Network is a network between hosts in a similar, localised geography.
- Leased Lines (or Private Circuits)
A bespoke high-speed, high-capacity site-to-site network that is installed, leased and managed by a TelCo.
- MAC Address
A Media Access Control address is the unique hardware identifier of a NIC.
- MX Record
Mail eXchange Record is an entry in a domain name database that specifies a mail server to handle a domain name's email.
- NAT
Network Address Translation is the translation of an IP address known within one network to a different IP address known within another network.
- NAT-T
NAT Traversal is a VPN Gateway feature that circumvents IPSec NATing problems. It is a more effective solution than IPSec Passthrough.
- NTP
Network Time Protocol is a protocol for synchronising a computer's system clock by querying NTP Servers.
- Orange
In SmoothWall, orange is used to identify a DMZ.
- PEM
Privacy Enhanced Mail is a popular certificate format.
- Perfect Forward Secrecy
A key-establishment protocol, used to secure previous VPN communications, should a key currently in use be compromised.
- PFS
See Perfect Forward Secrecy.
- Phase 1
Phase 1 of a 2 phase VPN tunnel establishment process. Phase 1 negotiates the security parameter agreement.
- Phase 2
Phase 2 of a 2 phase VPN tunnel establishment process. Phase 2 uses the agreed parameters from Phase 1 to bring the tunnel up.
- Ping
A basic program used to verify that a particular IP address can be seen from another.
- Pinhole
See DMZ Pinhole.
- PKCS#12
A portable container file format for transporting certificates and private keys.
- Port
A service connection point on a computer system numerically identified between 0 and 65536. Port 80 is the HTTP port.
- Port Forward
A firewall rule that routes traffic from a receiving interface and port combination to another interface and port combination.
- PPP
Point-to-Point Protocol is used to communicate between two computers via a serial interface.
- PPTP
Peer-to-Peer Tunnelling Protocol, a widely used Microsoft® tunnelling standard deemed to be relatively insecure.
- Private Circuits
See Leased Lines.
- Private Key
A secret encryption key known only by its owner. Only the corresponding public key can decrypt messages encrypted using the private key.
- Protocol
A formal specification of a means of computer communication.
- Proxy
An intermediary server that provides Internet access to a pool of workstations.
- PSK
Pre-Shared Key is an authentication mechanism that uses a password exchange and matching process to determine authenticity.
- Public Key
A publicly available encryption key that can decrypt messages encrypted by its owner's private key. A public key can be used to send a private message to the public key owner.
- PuTTY
A free Telnet / SSH client.
- QOS
In relation to leased lines, Quality of Service is a contractual guarantee of uptime and bandwidth.
- RAS
A RAS (Remote Access Server) can be attached to a LAN to allow dial-up connectivity from other LANs or individual users.
- Red
In SmoothWall, red is used to identify the Unprotected Network (typically the Internet).
- Road Warrior
An individual remote network user, typically a travelling worker 'on the road' requiring access to a company network via a laptop. Usually has a dynamic IP address.
- Route
A path from one network point to another.
- Routing Table
A table used to provide directions to other networks and hosts.
- Rules
In firewall terminology, rules are used to determine what traffic is allowed to move from one network endpoint to another.
- Site-To-Site
A network connection between two LANs, typically between two business sites. Usually uses a static IP address.
- SmoothHost
A SmoothWall add-on module to provide support for multiple web, email and other servers via red aliasing.
- SmoothMonitor
A remote firewall monitoring add-on module for SmoothWall used to report and raise incident alerts.
- SmoothNode
A VPN companion module to SmoothTunnel used to add single tunnel capability to a SmoothWall system.
- SmoothTunnel
A standards based, highly secure, protocol independent VPN add-on module for SmoothWall.
- SMTP
Simple Mail Transfer Protocol is a protocol for sending and receiving email.
- Spam
Junk email, usually unsolicited.
- SQL Injection
A type of exploit whereby hackers are able to execute SQL statements via an Internet browser.
- Squid
A high performance proxy caching server for web clients.
- SSH
Secure Shell is a command line interface used to securely access a remote computer.
- SSL VPN
A VPN accessed via HTTPS from any browser (theoretically). SSL VPNs require minimal client configuration.
- Subnet
An identifiably separate part of an organisation's network.
- Switch
An intelligent cable junction device that links networks and network hosts together.
- Syslog
A server used by other hosts to remotely record logging information.
- VPN
A Virtual Private Network, a network connected together via securely encrypted communication tunnels over a public network, such as the global Internet.
- VPN Gateway
An endpoint used to establish, manage and control VPN connections.
- X509
Authentication method that uses the exchange of CA issued certificates to guarantee authenticity.