Table of Contents
Advertisement
Router (Gateway)
– A router is a device that selects intelligent pathways for network packets. Strictly
speaking, a gateway is something different than a router, but in connection with TCP/IP, both terms are
synonyms. To establish connections throughout world and not just stay within one's own network, one has to
introduce this router (gateway) to one's computer. Normally, the highest address on the network 134.93.178.0
is the address 134.93.179.254 (since 134.93.179.255 is the broadcast). Generally, a router is a node that
forwards packets not addressed to itself. Requirements for a router are defined in IETF RFC 1812.
– A public key encryption and digital signature algorithm. It was invented by Ron Rivest, Adi Shamir, and
RSA
Leonard Adleman. The RSA algorithm was patented by RSA Security, but the patent expired in September
2000.
– A synchronization protocol that uses checksums to determine differences (as opposed to using
Rsync
modification dates) and does a partial file transfer (transferring only the differences instead of entire files).
Rsync was developed by Andrew Tridgell and Paul Mackerras; the rsync daemon (rsyncd) provides an
efficient, secure method for making files available to remote sites.
– The configuration settings used to set how packets are filtered. The rules are set with the network and
Rules
service definitions set up in the Networks & Services menu. When setting packet filter rules, the two basic
types of security policies are:
1. All packets are allowed through – the rules setup must be informed explicitly what is forbidden.
2. All packets are blocked – the rules setup needs information about which packets to let through.
This lets you explicitly define which packets may pass through the filter. All other packets are blocked
and can be displayed for viewing. See also "Filtering".
– The main purpose of SCP is the safe copying of files between local and remote
SCP (Secure copy)
computers. The MultiAccess supports login using SCP. A Windows SCP client can be downloaded from
http://winscp.vse.cz/eng/. WinSCP is freeware SCP client for Windows 95/98/2000/NT using SSH (Secure
shell). WinSCP manages some other actions with files beyond the basic file copying function.
– The key used both for encryption and decryption in secret-key cryptography.
Secret Key
– A communication medium that is safe from the threat of eavesdroppers.
Secure Channel
– A random bit sequence used to generate another, usually longer, pseudo-random bit sequence.
Seed
– Enterprises should have a carefully planned set of statements in place regarding network
Security Policy
protection. A good corporate Internet security policy should define acceptable use, acceptable means of
remote access, information types and required encryption levels, firewall hardware and software management
processes and procedures, non-standard access guidelines, and a policy for adding new equipment to the
network. New security protocols, new services, and security software upgrades should also be considered.
The purpose of a security policy is to define how an organization is going to protect itself. The policy will
generally require two parts: a general policy and specific rules (system specific policy). The general policy sets
the overall approach to security. The rules define what is and what is not allowed. The security policy describes
how data is protected, which traffic is allowed or denied, and who is able to use the network resources.
– A server is a device on the network that provides mostly standardized services (e.g., www, FTP,
Server
news, etc.). To be able to use these services, you as a user require the comparable client requirements for the
desired service.
SHA (Secure Hash Algorithm)
that produces a 160-bit digest. See MD5. SHA-1 is defined in FIPS PUB 180-1.
SHA-1 (Secure Hash Algorithm version one)
Digital Signature Standard (DSS).
S-HTTP (Secure HTTP)
Hypertext Transfer Protocol (HTTP), which forms the basis for the World Wide Web.
Secure HTTP (S-HTTP) provides independently applicable security services for transaction confidentiality,
authenticity/integrity and non-reputability of origin. The protocol emphasizes maximum flexibility in choice of
key management mechanisms, security policies, and cryptographic algorithms by supporting option negotiation
between parties for each transaction. The current IETF RFC describes S-HTTP version 1.2. Previous versions
of S-HTTP numbered 1.0 and 1.1 have also been released as Internet-Drafts.
– A functionality equivalent to DNAT, except that the source addresses of the IP packets
SNAT (Source NAT)
are converted instead of the target address. This can be helpful in more complex situations (e.g., for diverting
MultiAccess Communications Server MA30120 User Guide
– A United States government standard for a strong one-way, hash algorithm
– The algorithm designed by NSA, and is part of the U.S.
– The IETF RFC that describes a syntax for securing messages sent using the
Glossary
175
Advertisement
Table of Contents
