114
APPENDIX A
Glossary
Term
Description
Access Point
A device that transports data between a wireless network and a wired network. With
the helpof the system, a wireless base station is an example of an access point that
acts between a wireless node and with other wired PCs and peripherals.
Default Gateway
A device that is placed between network segments (or “subnets”) to ensure that traffic
is properly routed between different subnets. To communicate with a device on
another network, users need to know the default gateway’s IP address.
DHCP (Dynamic Host
Configuration Protocol)
A TCP/IP protocol that allows servers to assign IP addresses dynamically to PCs and
workstations. The PC or workstation “borrows” the IP address for a period of time,
then the IP address returns to the DHCP server for reassignment.
DMZ (Demilitarized Zone)
A computer or small subnetwork that sits between a trusted internal network (such as
a LAN), and an untrusted external network (such as the Internet). Typically, the DMZ
contains devices accessible to Internet traffic, such as Web (HTTP) servers, FTP
servers, SMTP (e-mail) servers, and DNS servers.
DNS (Domain Name System)
The DNS is the way that Internet domain names (such as www.2wire.com) are
located and translated into IP addresses.
DSLAM (Digital Subscriber Line
Access Multiplexer)
A device found in telephone company central offices that takes a number of DSL
subscriber lines and concentrates them onto a single ATM line.
Ethernet
A type of local area network that operates over twisted wire and cable at speeds of up
to 10 Mbps.
ICMP (Internet Control Message
Protocol)
ICMP supports packets containing error, control, and informational messages. For
example, the PING command uses ICMP to test an Internet connection.
Although ICMP is generally harmless, there are some message types that should be
dropped. Redirect (5), Alternate Host Address (6), and Router Advertisement (9) can
be used to redirect traffic from your site. Echo (8), Timestamp (13), and Address
Mask Request (17) can be used to obtain information on whether the host is up, the
local time, and the address mask used on your network, respectively. ICMP
messages are also sometimes used as part of DOS attacks (such as flood ping or
ping of death).
Invalid TCP flags.
Combination of TCP flags (such as SYN/FIN) that signal a malicious attempt to get
past the firewall.
IP (Internet Protocol).
The standard signaling method used for all communication over the Internet.
IP Address.
A numeric identifier for your computer. Just as the post office delivers mail to your
home address, servers know to deliver data to your computer based on your IP
address. IP addresses can be dynamic, meaning that your computer “borrows” the IP
address for the necessary timeframe, or they can be fixed, meaning that the number
is permanently assigned to your computer.
LAN (Local Area Network).
A network connecting a number of computers to each other or to a central server so
that the computers can share programs and files.
MAC (Media Access Control)
Address
A hardware address that has been embedded into the network interface card (NIC)
by its vendor to uniquely identify each node, or point of connection, of a network.
Map to Host Port
When set (not left blank or set to 0), this value provides the mapping offset to the local
computer. For example, if this value is set to 4000 and the range being opened is 100
to 108, the forwarded data to the first value in the range will be sent to 4000.
Subsequent ports will be mapped accordingly; 101 will be sent to 4001, 102 will be
sent to 4002, and so on.
MTU (maximum transmission unit)
The largest size packet or frame, specified in octets (eight-bit bytes), that can be sent
from a computer to the network. The Internet's TCP uses the MTU to determine the
maximum size of each packet in any transmission. If the MTU is too large, the packet
may need to be retransmitted if it encounters a router that can't handle that large a
packet. Too small an MTU size means relatively more header overhead and more
acknowledgements that have to be sent and handled. Most computer operating
systems provide a default MTU value that is suitable for most users. In general,
Internet users should follow the advice of their Internet service provider (ISP) about
whether to change the default value and what to change it to.