Cisco IPS-4240-K9 - Intrusion Protection Sys 4240 Installation Manual page 184

Glossary
Denial of Service attack that sends a host more TCP SYN packets (request to synchronize sequence
SYN flood
numbers, used when opening a connection) than the protocol implementation can handle.
The full IPS application and recovery image used for reimaging an entire sensor.
system image
T
A Cisco Technical Assistance Center. There are four TACs worldwide.
TAC
Terminal Access Controller Access Control System Plus. Proprietary Cisco enhancement to Terminal
TACACS+
Access Controller Access Control System (TACACS). Provides additional support for authentication,
authorization, and accounting.
Transmission Control Protocol. Connection-oriented transport layer protocol that provides reliable
TCP
full-duplex data transmission. TCP is part of the TCP/IP protocol stack.
The TCPDUMP utility is a free network protocol analyzer for UNIX and Windows. It lets you examine
TCPDUMP
data from a live network or from a capture file on disk. You can use different options for viewing
summary and detail information for each packet. For more information, see http://www.tcpdump.org/.
The interface on the IDS-4250-XL and IDSM-2 that can send TCP resets. On most sensors the TCP
TCP reset interface
resets are sent out on the same sensing interface on which the packets are monitored, but on the
IDS-4250-XL and IDSM-2 the sensing interfaces cannot be used for sending TCP resets. On the
IDS-4250-XL the TCP reset interface is the onboard 10/100/100 TX interface, which is normally used
on the IDS-4250-TX appliance when the XL card is not present. On the IDSM-2 the TCP reset interface
is designated as port 1 with Catalyst software, and is not visible to the user in Cisco IOS software. The
TCP reset action is only appropriate as an action selection on those signatures that are associated with
a TCP-based service.
Standard terminal emulation protocol in the TCP/IP protocol stack. Telnet is used for remote terminal
Telnet
connection, enabling users to log in to remote systems and use resources as if they were connected to
a local system. Telnet is defined in RFC 854.
A router with multiple, low speed, asynchronous ports that are connected to other serial devices.
terminal server
Terminal servers can be used to remotely manage network equipment, including sensors.
Tribe Flood Network 2000. A common type of Denial of Service (DoS) attack that can take advantage
TFN2K
of forged or rapidly changing source IP addresses to allow attackers to thwart efforts to locate or filter
the attacks.
Trivial File Transfer Protocol. Simplified version of FTP that lets files be transferred from one
TFTP
computer to another over a network, usually without the use of client authentication (for example,
username and password).
Works with Cisco sensors to provide an efficient intrusion protection solution. Threat Response
Threat Response
virtually eliminates false alarms, escalates real attacks, and aids in the remediation of costly intrusions.
Process whereby two protocol entities synchronize during connection establishment.
three-way
handshake
Installing Cisco Intrusion Prevention System Appliances and Modules 5.0
GL-16
78-16124-01