|
|
This appendix lists the acronyms and abbreviations used in this document. Refer to "Command Reference," for information on the commands described in this section.
For more information on acronyms used in this guide, refer to the Internetworking Terms and Acronyms guide, which can be viewed online at the following site:
http://www.cisco.com/univercd/cc/td/doc/cisintwk/ita/index.htm
| Acronym | Description |
|---|---|
AAA | Authentication, authorization, and accounting. |
AH | Authentication Header. |
ARP | Address Resolution Protocol—A low-level TCP/IP protocol that maps a node's hardware address (called a "MAC" address) to its IP address. Defined in RFC 826. An example hardware address is 00:00:a6:00:01:ba. (The first three groups specify the manufacturer, the rest identify the host's motherboard.) |
BGP | Border Gateway Protocol—While PIX Firewall does not support use of this protocol, you can set the routers on either side of the PIX Firewall to use RIP between them and then run BGP on the rest of the network before the routers. |
BOOTP | Bootstrap Protocol—Lets diskless workstations boot over the network and is described in RFC 951 and RFC 1542. |
CA | Certification Authority. |
CHAP | Challenge Handshake Authentication Protocol. Security feature supported on lines using PPP encapsulation that prevents unauthorized access. |
CPP | Combinet Proprietary Protocol. |
chargen | Character Generation—Via TCP, a service that sends a continual stream of characters until stopped by the client. Via UDP, the server sends a random number of characters each time the client sends a datagram. Defined in RFC 864. |
conn | Connection slot in PIX Firewall—Refer to the xlate command page for more information. |
CRL | Certificate Revocation List. |
DES | Data Encryption Standard. |
DNS | Domain Name System—Operates over UDP unless zone file access over TCP is required. |
EGP | Exterior Gateway Protocol—While PIX Firewall does not support use of this protocol, you can set the routers on either side of the PIX Firewall to use RIP between them and then run EGP on the rest of the network before the routers. |
Enhanced Interior Gateway Routing Protocol—While PIX Firewall does not support use of this protocol, you can set the routers on either side of the PIX Firewall to use RIP between them and then run EIGRP on the rest of the network before the routers. | |
ESP | Encapsulated Security Protocol. Refer to RFC 1827 for more information. |
FDDI | Fiber Distributed Data Interface—Fiber optic interface. |
FTP | File Transfer Protocol. |
gaddr | Global address—An address set with the global and static commands. |
GRE | Generic Routing Encapsulation protocol—Commonly used with Microsoft's implementation of PPTP. |
HSRP | Hot-Standby Routing Protocol. |
HTTP | Hypertext Transfer Protocol—The service that handles access to the World Wide Web. |
IANA | Internet Assigned Number Authority—Assigns all port and protocol numbers for use on the Internet. You can view port numbers at the following site: http://www.isi.edu/in-notes/iana/assignments/port-numbers You can view protocol numbers at the following site: http://www.isi.edu/in-notes/iana/assignments/protocol-numbers |
ICMP | Internet Control Message Protocol—This protocol is commonly used with the ping command. You can view ICMP traces through the PIX Firewall with the debug trace on command. Refer to RFC 792 for more information. |
IGMP | Internet Group Management Protocol. |
IGRP | Interior Gateway Routing Protocol. |
IKE | Internet Key Exchange. |
IKMP | Internet Key Management Protocol. |
IP | Internet Protocol. |
IPCP | IP Control Protocol. Protocol that establishes and configures IP over PPP. |
IPinIP | IP-in-IP encapsulation protocol. |
IPSec | IP Security Protocol efforts in the IETF (Internet Engineering Task Force). |
IRC | Internet Relay Chat protocol—The protocol that lets users access chat rooms. |
ISAKMP | Internet Security Association and Key Management Protocol. |
KDC | Key Distribution Center. |
laddr | Local address—The address of a host on a protected interface. |
MD5 | Message Digest 5—An encryption standard for encrypting VPN packets. This same encryption is used with the aaa authentication console command to encrypt Telnet sessions to the console. |
MIB | Management Information Base—Used with SNMP. |
MPPE | Microsoft Point-To-Point Encryption. |
MS-CHAP | Microsoft CHAP (Challenge Handshake Authentication Protocol). See "CHAP" for more information. |
MSRPC | Microsoft Remote Procedure Call. |
MTU | maximum transmission unit—The maximum number of bytes in a packet that can flow efficiently across the network with best response time. For Ethernet, the default MTU is 1500 bytes, but each network can have different values, with serial connections having the smallest values. The MTU is described in RFC 1191. |
NAT | Network Address Translation. |
NIC | Network Information Center. |
NNTP | Network News Transfer Protocol—News reader service. |
NOS | Network Operating System. |
NTP | Network Time Protocol—Set system clocks via the network. |
NVT | Network virtual terminal. |
OSPF | Open Shortest Path First protocol. |
PIX | Private Internet Exchange. |
PAP | Password Authentication Protocol. Authentication protocol that lets PPP peers authenticate one another. |
PAT | Port Address Translation. |
PFSS | PIX Firewall Syslog Server. |
PKI | Public Key Infrastructure. |
POP | Post Office Protocol. |
PPP | Point-to-Point Protocol. Provides PIX Firewall-to-router and host-to-network connections over synchronous and asychronous circuits. |
PPTP | Point-to-Point Tunneling Protocol. RFC 2637 describes the PPTP protocol. |
RADIUS | Remote Authentication Dial-In User Service—User authentication server specified with the aaa-server command. |
RAS | The registration, admission, and status protocol. Provided with H.323 support. |
RFC | Request For Comment—RFCs are the defacto standards of networking protocols. |
RIP | Routing Information Protocol. |
RPC | Remote Procedure Call. |
RSA/RC4 | RSA is the trade name for RSA Data Security, Inc. The RSA web site at http://www.rsasecurity.com/rsalabs/faq/3-6-3.html describes RC4 as a "stream cipher designed by Rivest for RSA Data Security, Inc. It is a variable key-size stream cipher with byte-oriented operations. The algorithm is based on the use of a random permutation." |
SMTP | Simple Mail Transfer Protocol—Mail service. The fixup protocol smtp command enables the Mail Guard feature. The PIX Firewall Mail Guard feature is compliant with both the RFC 1651 EHLO and RFC 821 section 4.5.1 commands. |
SNMP | Simple Network Management Protocol—Set attributes with the snmp-server command. |
SPI | Security parameter index—A number which, together with a destination IP address and security protocol, uniquely identifies a particular security association. |
SQL*Net | SQL*Net is a protocol Oracle uses to communicate between client and server processes. (SQL stands for Structured Query Language.) The protocol consists of different packet types that PIX Firewall handles to make the data stream appear consistent to the Oracle applications on either side of the firewall. SQL*Net is enabled with the fixup protocol sqlnet command, which is provided in the default configuration. |
SYN | Synchronize sequence numbers flag in the TCP header. |
TACACS+ | Terminal Access Controller Access Control System Plus. |
TCP | Transmission Control Protocol. Refer to RFC 793 for more information. |
TFTP | Trivial File Transfer Protocol. |
Triple DES | Triple Data Encryption Standard. Also known as 3DES. |
uauth | User authentication. |
UDP | User Datagram Protocol. |
VPDN | Virtual Private Data Network. |
VPN | Virtual Private Network. |
WWW | World Wide Web. |
XDMCP | X Display Manager Control Protocol. |
xlate | Translation slot in PIX Firewall. |
Posted: Thu Aug 31 20:59:10 PDT 2000
Copyright 1989-2000©Cisco Systems Inc.