User guide

Intrusion Detection System (IDS)
A class of networking products devoted to detecting, monitoring, and blocking
attacks from hackers. IDSs that operate on a host to detect malicious activity on
that host are called host-based IDSs. IDSs that operate on network data flows
are called network-based IDSs.
IP (Internet Protocol)
A protocol used by the Internet that enables computers to communicate over
various physical media.
IP address host
The 32-bit address that identifies a host. Technically, a host is a network device
connected to the Internet. In common usage, a host is a computer or some
other device that has a unique IP address. Computers with more than one IP
address are known as multihomed hosts.
IP fragment
An IP datagram that is actually part of a larger IP packet. IP fragments are
typically used when an IP packet is too large for the physical media that the
data must cross. For example, the IP standard for Ethernet limits IP packets to
about 1,500 bytes, but the maximum IP packet size is 65,536 bytes. To send
packets larger than 1,500 bytes over an Ethernet, IP fragments must be used.
IP masquerading
See dynamic NAT.
IP options
Extensions to the Internet Protocol used mainly for debugging and special
applications on local networks. In general, there are no legitimate uses of IP
options over an Internet connection.
IP options attack
A method of gaining network access by using IP options.
IPSec (Internet Protocol Security)
An open-standard methodology of creating a secure tunnel through the
Internet, connecting two remote hosts or networks. IPSec provides several
encryption and authentication options to maximize the security of the
transmission over a public medium such as the Internet.
IP spoofing
The act of inserting a false sender IP address into an Internet transmission to
gain unauthorized access to a computer system.
ISA (Industry Standard Architecture)
A unique network interface card on the motherboard of a computer.