INDEX. Symbols. 3DES over4 mechanism to4 mechanism...101

Transcription

1 INDEX Symbols 3DES over4 mechanism to4 mechanism A AA...24 AAAA...99 access control list. See ACL ACK ACK-SYN message ACL ActiveX...38 Active attacks Active Directory...119, 120 Adaptive Network Security Alliance. See ANSA Address Resolution Protocol. See ARP Advances Encryption Standard. See AES AES...57 Aggregatable Global Unicast Addresses. See AGUA AGUA...87 AH...23 AH in transport mode...48 AH tunnel mode...48 AIIH...99 ALG...103, 144 ALS...42 ANSA API...47 Application Layer Security. See ALS Application Level Gateway. See ALG Application Program Interface. See API ARP...35, 192 Assignment of the IPv4 addresses to IPv6 Hosts. See AIIH Asynchronous Transfer Mode. See ATM ATM...12, 44, 95 authenticated IP datagram...63 Authentication Algorithm. See AA Authentication Header. See AH Authentication method Automatic Tunnelling Mechanism B BIA biometrics...28, 105, 203 biometrics technology biometric authentication biometric calculation biometric element biometric profile...70, 173 BITS...46, 103 BITW...46 BSD Unix bump-in-the-stack. See BITS bump-in-the-wire. See BITW C CA...162, 163 Certificate of authority. See CA Checksum...93 CIDR...81 cipher text...62 Classless Inter-domain Routing. See CIDR Close-in IPSec configured tunnel mechanism cryptographic authentication...20 cryptographic protocol...51 cryptographic security system cryptography crypto access list crypto ACL crypto map cyber...27 D DARPA...75 Data-Link-Layer Security. See DLLS Data Encryption Standard. See DES DDOS DECNET...31 Defence Advanced Research Projects Agency. See DARPA Denial of Service. See DoS DES...57, 138 DHCP...75, 91 DHCPv Discrete Logarithm Problem Disinformation or fabrication attack distributed denial of service. See DDOS

2 220 Index DLLS...45, 192 DNS zone DOI...24 Domain of Interpretation Document. See DOI DoS...4, 7, 8, 214, 216 dot NET...39 DSTM...99 Dual-stack. See Dual IP layer Dual IP layer...99 Dual Stack Transition Mechanism. See DSTM Dynamic Host Configuration Protocol. See DHCP Dynamic NAT E e-commerce. See ec EA...24 ec...26 Elliptic Curves Encapsulating Security Payload. See ESP Encapsulation mode...63 encrypted algorithm encrypted IP datagram...63 encryption...3, 213 Encryption Algorithm. See EA Encryption algorithm encrypt passwords...3 end-to-end security...49 ESP...23, 60 ESP in transport mode...48 ESP trailer...59 ESP tunnel mode...48 Ethernet...80 F facial characteristics FBI File Transfer Protocol. See FTP fingerprints finger print firewall...9, 20 Flow Label field...95 Format Prefix. See FP FP...87 Frame Relay...44 FreeBSD...10, 11 FTP...32, 34, 68, 82 G Group Policy H Hacker...67 handwriting Hashing Message Authentication Code. See HMAC Hash algorithm HCI HMAC...16, 58 HMAC-MD HMAC-SHA HTML...68 HTTP...39, 40, 68 human-computer interaction. See HCI human voice Hypertext Transfer Protocol. See HTTP I IAB...10 IANA ICMP...35, 76, 129 ICMPv ICMP message ICT...26 ICV...56, 57 IETF...6, 10, 11, 12, 25, 46 IKE... 11, 20, 25, 54, 108, 119, 137, 208 IKE policy IKE policy parameters IKE SA IKE SA lifetime IKMP...65 IMAP...40 Information and Communication Technologies. See ICTC Information Systems. See IS integrity check value. See ICV Inter-lock IPSec Interception Internet...1 Internet Architecture Board. See IAB Internet assigned numbers authority. See IANA Internet Control Message Protocol. See ICMP Internet datagram...76

3 Index 221 Internet Engineering Task Force. See IETF; See also IETF Internet Exchange Protocol. See IXP Internet Key Exchange. See IKE Internet Key Management Protocol. See IKMP Internet Messaging Access Protocol. See IMAP Internet module...76 Internet protocol...76 Internet Protocol Security. See IPSec; See also IPSec Internet Research Task Force. See IRTF Internet Security Association and Key Management Protocol. See ISAKMP; See ISAKMP Internet Security Event Response Process. See ISERP Internet Security Systems. See ISS Internet Service Provider. See ISP Internet switches packet...76 Interruptions intruders IP 1, 138 IP/MPLS...44 IPSec...3, 165, 166, 173 IPSec policy...49, 174, 175 IPSec services...54 IPSec transport mode...48 IPSec tunnel mode...50 IPv4...3, 20, 75 IPv4 address IPv6...3, 75 IPv6 address...86 IPv6 header...95 IPv6 packet IP address...35, 79, 110, 150 IP datagram...55 IP header IP packet...59, 173 IP packet header IP protected packet...70 IP Security Labels iris features iris patterns IRTF...10 IS 27 ISAKMP...23, 65, 137 ISERP...166, 196 ISP...36, 84 ISS IXP...84 J Java applet...38 Java Virtual Machine. See JVM JunOS JVM...38 K KAME KAME group KDC. See Key Distribution Centre keystroke patterns Key Distribution Centre. See KDC Key distribution method Key exchange L L2TP...14 Label Switch Path. See LSP Label Switch Router. See LSR LAN...35, 192, 197 LAN-to-LAN IPSec...47 Layer 2 Tunnelling Protocol. See L2TP LDAP...40 Lightweight Directory Access Protocol. See LDAP Link Local Addresses. See LLA Linux...10 LLA...88 local area network. See LAN Loop back Address...88 LSP...12 LSR...12 M MAC...56, 58 Main Mode...66 MD MD5-HMAC Message Authentication Code. See MAC Microsoft IPSec...39 Modification attack MPLS...12 Multi-Protocol Label Switching. See MPLS

4 222 Index Multicast...89 multicast address...89 N NAPT NAT...3, 70, 81, 147, 202 NAT-PT NetBSD...11 Network-Layer Security. See NLS Network Address Port Translation. See NAPT Network Address Translation. See NAT network router...9 Next-Level Aggregation. See NLA NGT Working Group...97 NIST...57 NLA...87 NLS...43, 193 non-repudiation...151, 212 O OAKLEY...65 Oakley determination protocol...23 OpenBSD...11 Open IPSec Open IPSec network Open Systems Interconnection. See OSI OSI...31 OSPS P packet-switching node. See PSN passive attacks PDU...55 PEP perfect forward secrecy. See PFS performance enhancement proxy. See PEP personal identifiable information. See PII PFS...65 PII PMTUD...92 POP3...37, 68, 194 post office protocol. See POP3 pre-shared key-password. See PSK Protocol Data Unit. See PDU PSK PSN public key cryptography Public Switch Telephone Networks. See PSTN Q QoS...12, 82, 142, 202, 213 Quality of Service. See QoS Quick Mode...66 R Remote-access IPSec...47 Repudiation Request for Comments. See RFC RES...87 Reserved. See RES RFC...6, 10 RIP...79 router...20 Routing Information Protocol. See RIP RSA Method S SA...25, 27 SAD...64, 69, 121, 201 SANS Institute SASSER worm...20 Secret key...62 Secure Key Exchange MEchanism. See SKEME Secure Server...49 Secure Sockets Layer. See SSL; See also SSL security association. See SA Security Association Database. See SAD security breach security gateway Security Parameter Index. See SPI security policy...69 Security Policy Database. See SPD; See SPD session hijacking authentication mechanisms. 151 SHA-HMAC SHA shared-secret. See PSK signature signs the private key. See SKCA Simple Internet Transition. See SIT Simple Key Management Protocol. See SKIP Simple Mail Transfer Protocol. See SMTP

5 Index 223 Simple network management protocol. See SNMP SIPSec...153, 163, 164, 166, 169, 172, 195, 198, 204, 207 SIPSec model...9 SIPSec policy...175, 197 SIT...97 Site-Level Aggregation. See SLA SKCA SKEME...65 SKIP...65 SLA...87, 88 SMDS...44 SMTP...34, 68, 194 SNA...31 Sniffing...67 SNMP socks Solaris...10 SPD...25, 64, 69, 121 SPI...54, 63, 141, 202 SSH SSL...39, 40, 213. See Secure Sockets Layer Standard Server...49 Static NAT Switched Multimegabit Data Service. See SMDS SYN...4 Synchronising flood attacks. See SYN Synchronising Internet protocol security. See SIPSec T TCP.. 2, 138, 161. See Transmission Controls Protocol TCP/IP application TCP/IP driver TCP/IP stack TCP/UDP TELNET...32, 68, 194 Telnet...82 TELNET TLA...87 TLS...43, 160, 161 Token Ring...80 Top Level Aggregation. See TLA translation mechanism Transmission Controls Protocol. See TCP Transport-Layer Security Transport Layer Security. See TLS Transport layer security. See TLS Transport relay translator. See TRT Trojan horse...9 TRT tunnel broker U UDP...31, 43, 138, 161 UNIX...36, 192, 195 UNIX system...7, 163 Unspecified Address...88 User Datagram Protocol. See UDP; See also UDP V v6. See IPv6 VAC Virtual Private Network. See VPN VPN...3, 12, 20, 43, 137 VPN Accelerator Card. See VAC W WAN...35, 192, 197 wide area network. See WAN Windows Windows NT...38 Windows XP...9, 122 X X XML...68