Cybersecurity Glossary

Multi-homed is any computer host that has multiple IP addresses to connected networks. A multi-homed host is physically connected to multiple data links that can be on the same or different networks. Multi-homing is commonly used in web management for load balancing, redundancy, and disaster recovery.

The MD5 was designed by professor Ronald l. Rivest of MIT in 1991. The MD5 message-digest algorithm is the most widely used cryptographic hash function producing a 128-bit (16-byte) hash value, typically expressed in text format as a 32 digit hexadecimal number. It was developed to be used with digital signature applications that require large files to be compressed by a secure method before being encrypted with a secret key, under a public key cryptosystem. MD5 is currently a standard internet engineering task force (IETF) request for comments (RFC) 1321.

Natural disasters are any act of god or natural event caused by environmental factors. Some examples of these disasters include fire, flood, earthquake, lightning, or wind and disables the system, part of it, or a network of systems.

Network taps are hardware devices that help in accessing the data flow across a computer network. It is also desirable for a third party to monitor the traffic between two points in the network. The network tap has (at least) three ports, an A port, a B port, and a monitor port. Network taps are generally used for network intrusion detection systems, VoIP recording, network probes, RMON probes, packet sniffers, and other monitoring and collection devices and software that require access to a network segment.

Network-based intrusion detection systems (NIDS) are placed at a strategic point (or points) to monitor the traffic on the network. It analyzes the passing traffic on the entire subnet, and matches the traffic that is passed on the subnets to the library of known attacks. When an attack is identified, or abnormal behavior is detected, an alert is sent to the administrator. Opnet and Netsim are commonly used tools for simulation network intrusion detection systems.

Network address translation (NAT) is an approach that is used to remap an IP address space into another by modifying network address information in ip datagram packet headers while they are in transit. This technique was originally used for rerouting traffic in IP networks without renumbering every host. Typically home or small business networks use nat to share a single dsl or cable modem IP address. However, in some cases nat is used for servers as an additional layer of protection.

A null session is also known as anonymous logon. It is a method that allows an anonymous user to retrieve information such as user names and share this over the network, or connect without authentication. Null sessions are one of the most commonly used methods for network exploration employed by “hackers.” A null session connection allows you to connect to a remote machine without using a username or password. Instead, you are given anonymous or guest access.

The National Institute of Standards and Technology (NIST) is a non-regulatory federal agency within the U.S. Department of Commerce. NIST’s mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.

A netmask is a string of 0’s and 1’s that screens out the network part of an IP address so that only the host computer part of the address remains. The binary 1’s at the beginning of the mask turn the network ID part of the IP address into 0’s. The binary 0’s that follow allow the host ID to remain. In a netmask, two bits are always automatically assigned. For example, in 255.255.225.0, “0” is the assigned network address, and in 255.255.255.255, “255” is the assigned broadcast address. The 0 and 255 are always assigned and cannot be used.

Network mapping is the study of physical connectivity of networks. It is used to compile an electronic inventory of the systems and the services on any network. With the increase in complexities of networks, automated network mapping has become more popular.