NAT

Network Address Translation. The translation of an IP address used on one network to an IP address on another network. Masquerading is one particular form of NAT.

Net mask

The way that computers know which part of a TCP/IP address refers to the network, and which part refers to the host range.

NTP

Network Time Protocol (NTP) is used to synchronize clock times in a network of computers.

Oakley Group

See Diffie-Hellman Group or Oakley Group.

PAT

Port Address Translation. The translation of a port number used on one network to a port number on another network.

PEM, DER, PKCS#12, PKCS#07

These are all certificate formats.

Perfect Forward Secrecy

A property of systems such as Diffie-Hellman key exchange which use a long-term key (such as the shared secret in IKE) and generate short-term keys as required. If an attacker who acquires the long-term key provably can neither read previous messages which he may have archived nor read future messages without performing additional successful attacks, then the system has PFS. The attacker needs the short-term keys in order to read the traffic, and merely having the long-term key does not allow him to infer those. Of course, it may allow him to conduct another attack (such as man-in-the-middle) which gives him some short-term keys, but he does not automatically get them just by acquiring the long-term key.

Phase 1

Sets up a secure communications channel to establish the encrypted tunnel in IPSec.

Phase 2

Sets up the encrypted tunnel in IPSec.

PPP

Point-to-Point Protocol. A networking protocol for establishing simple links between two peers.

PPPoE

Point to Point Protocol over Ethernet. A protocol for connecting users on an Ethernet to the Internet using a common broadband medium (e.g. single DSL line, wireless device, cable modem, etc).

PPTP

Point to Point Tunneling Protocol. A protocol developed by Microsoft™ that is popular for VPN applications. Although not considered as secure as IPSec, PPP is considered "good enough" technology. Microsoft has addressed many flaws in the original implementation.

Preshared secret

A common secret (passphrase) that is shared between the two parties.

Quick Mode

This Phase 2 keying mode automatically exchanges encryption and authentication keys that actually establish the encrypted tunnel.

Rekeying

The process of renegotiating a new set of keys for encryption and authentication.

Road warrior

A remote machine with no fixed IP address.

Appendix B – Terminology

SnapGear 2.0.1 user manual Ntp, Appendix B Terminology