A
- ACL (Access Control List)
- A method of keeping in check the Internet traffic that attempts to flow through a given hub, router, firewall, or similar device. Access control is often accomplished by creating a list specifying the IP addresses and/or ports from which permitted traffic can come. The device stops any traffic coming from IP addresses or ports not on the ACL.
- active mode FTP (File Transfer Protocol)
- One of two ways an FTP data connection is made. In active mode, the FTP server establishes the data connection. In passive mode, the client establishes the connection. In general, FTP user agents use active mode and Web user agents use passive mode.
- activity light
- An LED (light-emitting diode) that shines when a piece of hardware is working, communicating with the network, and transmitting data.
- address learning
- A method by which switches and routers determine the unique address number for each device on a network, enabling accurate transmission to and from each node.
- address space probe
- An intrusion technique in which a hacker sequentially scans IP addresses, generally as the information-gathering prelude to an attack. These probes are usually attempts to map IP address space as the hacker looks for security holes that might be exploited to compromise system security.
- agent
- A computer program that reports information to another computer or allows another computer access to the local system. Agents can be used for good or evil. Many security programs have agent components that report security information back to a central reporting platform. However, agents can also be remotely controlled programs hackers use to access machines.
- AH (Authentication Header)
- An IPSec header used to verify that the contents of a packet have not been modified while the packet was in transit.
- algorithm (encryption)
- A set of mathematical rules (logic) for the process of encryption and decryption.
- API (Application Programming Interface)
- Programming tools that specify standard ways software programs within a given operating environment should act, so that numerous applications can play well together. These specifications and tools enable a developer to create applications that will interact well with other applications that the developer has never seen, because all the developers are working from standardized specifications. For example, the robust APIs in Windows allow many dissimilar software products to interact with one another (and even look similar) within the Windows environment.
- Argument
- See parameter.
- ARP (Address Resolution Protocol)
- Each device on a network has at least two addresses: a media access control (MAC) address, and an Internet Protocol (IP) address. The MAC address is the address of the physical network interface card inside the device, and never changes for the life of the device. The IP address can change if the machine moves to another part of the network or the network uses DHCP. ARP, one of the IP protocols, is used to match, or resolve, an IP address to its appropriate MAC address (and vice versa). ARP works by broadcasting a packet to all hosts attached to an Ethernet. The packet contains the IP address the sender is interested in communicating with. Most hosts ignore the packet. The target machine, recognizing that the IP address in the packet matches its own, returns an answer. For more details, see the LiveSecurity Service article, "Foundations: What Are NIC, MAC, and ARP?"
- ARP table
- A table of IP addresses stored on a local computer, used to match IP addresses to their corresponding MAC addresses.
See also ARP.
- ASN.1 (Abstract Syntax Notation One)
- An international standard that aims at specifying data used in communication protocols. It is an ISO/IEC standard for encoding rules used in ANSI X.509 certificates. Two common types exist: DER (Distinguished Encoding Rules) and BER (Basic Encoding Rules).
- asymmetric keys
- A pair of encryption keys, composed of one public key and one private key. Each key is one way, meaning that a key used to encrypt data cannot be used to decrypt the same data. However, information encrypted using the public key can be decrypted using the private key, and vice versa. This technology is commonly applied to e-mails, which are encrypted for confidentiality en route.
- attack
- An attempt to break into a system.
- ATM (asynchronous transfer mode)
- A networking technology that breaks data into fixed-length cells, enabling high transfer speeds. ATM is widely used for the backbone, or core, of the Internet.
- authentication
- 1. The process of identifying an individual, usually based on a user name and password. Authentication usually requires something a person has (such as a key, badge, or token), something a person knows (such as a password, ID number, or mother's maiden name), or something a person is (represented by a photo, fingerprint or retina scan, etc.). When authentication requires two of those three things, it is considered strong authentication.
- 2. A method of associating a user name with a workstation IP address, allowing the tracking of connections based on name rather than IP address. With authentication, you can track users regardless of which machine a person chooses to work from.
- autopartitioning
- A feature on some network devices that isolates a node within the workgroup when the node becomes disabled, so as not to affect the entire network or group.
- authorization
- To convey official access or legal power to a person or entity.