User guide

Reference Guide 167

create two additional netmasks under it that separate the first 128

and last 128 addresses into separate identifiable networks.

Subnetting enables a client with a single network to create

multiple networks; the advanced or multiple network

configurations can then be used when setting up the Firebox.

subnet mask

A 32-bit number used to identify which port of an IP address is

masked.

substitution cypher

A method in which the characters of the plain text are substituted

with other characters to form the cipher text.

switch

A device that filters and forwards packets between LAN

segments.

symmetric algorithm

Also called conventional, secret key, and single key algorithms;

the encryption and decryption key are either the same or can be

calculated from one another.

SYN flood attack

A method of denying service to legitimate users by overloading a

network with illegitimate TCP connection attempts.

syslog

An industry-standard protocol used for capturing log information

for devices on a network. Syslog support is included in Unix-

based and Linux-based systems.

TCP (Transmission Control Protocol)

A reliable byte-streaming protocol that implements a virtual

connection. Most long-haul traffic on the Internet uses TCP.

TCP/IP (Transmission Control Protocol/Internet Protocol)

A common networking protocol with the ability to connect

different elements.

TCP session hijacking

An intrusion in which an individual takes over a TCP session

between two machines. A hacker can gain access to a machine