Multitech MultiAccess MA30120 User Manual page 170

Communications server

Hide thumbs Also See for MultiAccess MA30120:

Quick start manual (29 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

Table of Contents

header from the physical layer, followed by a header from the datalink layer (e.g., Ethernet), followed by a

header from the network layer (IP), followed by a header from the transport layer (e.g. TCP), followed by the

application protocol data.

– A form of security wherein readable data is changed to a form that is unreadable to unauthorized

Encryption

users. Encryption involves the conversion of data into a secret code for transmission over a public network.

The original (plain) text is converted into coded form (called cipher text) using an encryption algorithm. The

cipher text is decoded (decrypted) at the receiving end, and is converted back into plain text.

ESP (Encapsulating Security Payload)

combination with AH. Security services can be provided between a pair of communicating hosts, between a

pair of communicating security gateways, or between a security gateway and a host. ESP may be used to

provide the same security services as AH, plus it provides an encryption service. The main difference between

the ESP authentication method and the AH authentication method is that ESP does not protect any IP header

fields unless those fields are encapsulated by ESP (tunnel mode). ESP is important for the integrity and

encryption of datagrams.

– Certificates and keys may have a limited lifetime, and expiration dates are used to monitor

Expiration Date

and control their useful life.

– A set of rules that define what packets may pass through a network. Filters can use source,

Filter

destination, or protocol to determine whether to pass or discard a packet transmission. Part of a packet (the

header) must contain information that matches the information in the defined rules or else the packet filter will

discard it.

– The act or process of defining which data traffic is to be allowed between the network and hosts,

Filtering

typically using packet filter rules. Filtering is the central part of firewall security. With packet filter rules, you

define which data traffic is allowed between the networks and hosts. You can also define particular packets to

be filtered and are not to be allowed to pass through the firewall. Several types of filtering exist (e.g., Protocol

filtering, port number filtering, URL address filtering, and IP address filtering).

– Windows NT and 2000 have a TCP/IP utility called Finger. This utility is an old TCP/IP tool (very

Finger

popular on UNIX systems) that matches an email address with the person who owns it and provides

information about that person. While the Finger utility is fairly old (there are more advanced tools available that

performs the same general function), it still works and can be a useful tool in certain situations.

The Finger utility was actually developed as the Finger Information Protocol. Finger was designed to provide

an interface to the Remote User Information Program (RUIP). RUIP provides information about users who have

accounts on UNIX-based computer networks. The Finger utility was created six years before the Internet was

born. The first documentation on the Finger utility was in IETF RFC742, dated December 1977. A popular

slogan promoting the phone book's yellow pages was "Let your fingers do the walking". The utility was

christened "Finger", since the utility was basically designed for tracking down people.

The Finger Information Protocol let UNIX users on college campuses create a profile, called a "Plan page",

which included personal and job-related information. A Plan page was similar to a personal home page on the

Internet today. So when someone "Fingered" your email address, they learned more about you. The Finger

utility is a command line tool, so in Windows NT or Windows 2000 you must first access a command-prompt

window to use it. You then type the command followed by an email address.

– A device that serves to shield and thus protect a (partial) network (e.g., MultiAccess) from another

Firewall

network (e.g. the Internet). The entire network traffic runs via the firewall where it can be controlled and

regulated. Technically this can be achieved in different ways. The use of special hardware firewalls is rare.

More frequent is the use of routers with firewall options. The most common is use of firewall software on a

specially dedicated computer.

– A combination of hardware and software that links two different types of networks. E.g., gateways

Gateway

between email systems allow users on different email systems to exchange messages.

– A person who tries to, and/or succeeds at defeating computer security measures.

Hacker

– The terms used by hackers; entire dictionaries exist to document hacking terms (e.g.,

Hacking Lexicon

http://www.robertgraham.com/pubs/hacking-dict.html). These documents clarify many of the terms used within

the context of information security (infosec).

– A one-way security function that takes an input message of arbitrary length and produces a fixed-

Hash

length digest. Used in SHA (Secure Hash Algorithm).

MultiAccess Communications Server MA30120 User Guide

– An authentication protocol much like AH. IP ESP may be applied in

Glossary

170

Table of Contents

Multitech MultiAccess MA30120 User Manual page 170

Related Manuals for Multitech MultiAccess MA30120

Related Products for Multitech MultiAccess MA30120

Table of Contents