Snort | Snort is an open source network intrusion detection and prevention system that uses rules |
| created with a special syntax to examine and control specified traffic. |
SPAN Port | Switched Port Analyzer (SPAN) Port is a switch port that receives a copy of specific traffic that |
| passes through a switch. The SPAN port is also called a mirroring port. |
State | State is information about a flow including the source address, destination address, source |
| port, and destination port. See Flow. |
Static Rules | Static rules are rules that are specified in a file using Snort syntax, and then compiled to |
| become part of the firmware. Static rules can be disabled/enabled individually, but they cannot |
| be changed once they have been loaded into the FPGA. To change static rules, you make |
| changes to the rules in the original rules file, recompile them, and reload the new firmware in |
| the FPGA. |
SYN | A synchronous packet (SYN) is a packet sent from the client to the server that requests a TCP |
| connection. It is the first part of the TCP handshake that establishes a TCP connection |
| between the client and server. |
| The second part of the handshake is where the server sends a |
| client to acknowledge the receipt of the SYN request. Finally, the client sends an ACK packet |
| to the server to complete the connection. A SYN flood is a type of denial of service attack |
| where a series of handshakes is initiated but not completed because the final ACK packet is |
| never sent to the server. This occupies the server’s resources, which results in a denial of |
| service for other clients. See ACK. |
Tap | A tap is a device that can passively monitor network traffic, and is analogous to a telephone |
| wire tap. |
XFP | XFP is a tranceiver that interfaces a network device and a fiber or unsheilded twisted pair |
| (UTP) network cable. It can transmit data at a rate of 10 Gb/s. |
128
