Cisco IPS-4255-K9 - Intrusion Protection Sys 4255 Installation Manual page 384

Glossary
Gathers actions that have occurred in a log file. Logging of security information is performed on two
logging
levels: logging of events (such as IPS commands, errors, and alerts), and logging of individual IP
session information.
Remote access, back door Trojan, ICMP tunneling software. When the computer is infected, the
LOKI
malicious code creates an ICMP tunnel that can be used to send small payload ICMP replies.
M
The main application in the IPS. The first application to start on the sensor after the operating system
MainApp
has booted. Reads the configuration and starts applications, handles starting and stopping of
applications and node reboots, handles software upgrades.
The bootable disk partition on the IDSM2, from which an IPS image can be installed on the application
maintenance
partition partition. No IPS capability is available while the IDSM2 is booted into the maintenance partition.
The bootable software image installed on the maintenance partition on an IDSM2. You can install the
maintenance
maintenance partition image only while booted into the application partition.
partition image
A base version that contains major new functionality or a major architectural change in the product.
major update
Malicious software that is installed on an unknowing host.
Malware
Full IPS system image used by manufacturing to image sensors.
manufacturing
image
A remote sensor that controls one or more devices. Blocking forwarding sensors send blocking requests
master blocking
to the master blocking sensor and the master blocking sensor executes the blocking requests.
sensor
Message Digest 5. A one-way hashing algorithm that produces a 128-bit hash. Both MD5 and Secure
MD5
Hash Algorithm (SHA) are variations on MD4 and strengthen the security of the MD4 hashing
algorithm. Cisco uses hashes for authentication within the IPSec framework. Also used for message
authentication in SNMP v.2. MD5 verifies the integrity of the communication, authenticates the origin,
and checks for timeliness.
Defines events that occur in a related manner within a sliding time interval. This engine processes
Meta engine
events rather than packets.
Management Information Base. Database of network management information that is used and
MIB
maintained by a network management protocol, such as SNMP or CMIP. The value of a MIB object can
be changed or retrieved using SNMP or CMIP commands, usually through a GUI network management
system. MIB objects are organized in a tree structure that includes public (standard) and private
(proprietary) branches.
Multipurpose Internet Mail Extension. Standard for transmitting nontext data (or data that cannot be
MIME
represented in plain ASCII code) in Internet mail, such as binary, foreign language text (such as
Russian or Chinese), audio, or video data. MIME is defined in RFC 2045.
A minor version that contains minor enhancements to the product line. Minor updates are incremental
minor update
to the major version, and are also base versions for service packs.
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.0
GL-12
OL-18504-01