Vous êtes sur la page 1sur 26

SERVERS & Security

Apache - One of the world's most popular Web server programs, Apache was built by a group of open-source programmers and is often used because of its outstanding performance, strong security features and the fact that it is free. Application Infrastructure - The software components that your custom application relies on for its functionality. Examples include web servers, application servers and database servers. ARP (Address Resolution Protocol) is the protocol used to dynamically map internet addresses to a physical hardware device. Authentication - Authentication is a process where a person or a computer program proves their identity in order to access information. The persons identity is a simple assertion, the login ID for a particular computer application, for example. Proof is the most important part of the concept and that proof is generally something known, like a password; something possessed, like your ATM card; or something unique about your appearance or person, like a fingerprint. Strong authentication will require at least two of these proofs. State of the art authentication processes are tightly linked with encryption or crypto systems. In a world where the application that wants to authenticate you is on the other side of an open network like the Internet, the password that is your proof must be sent encrypted or its no longer a secret. Back-end - (1) The part of the computer that changes source code into object code (machine read code). (2) The part of the program that runs on a server in a client/server application. Bandwidth - The amount of data that can be transmitted at a given moment to a server. The higher your bandwidth, the larger amount of traffic your site can handle at one time. Bridge - Connects two different kinds of local networks, such as a wireless network to a wire Ethernet network. CGI - Short for Common Gateway Interface, a small script that processes data taken from the user (such as from a form application). Cgi-bin - The directory on a web server where CGI scripts are stored.

The Cloud - A pool of highly available servers and computing services, made available for general use by web and other network-based applications. Cloud Bursting - Using cloud resources as a pressure valve when an increased amount of computer resources are required for a burst in traffic, or short-term demand spikes in activity or load. Cloud Computing - The sharing of compute resources (dedicated, time-shared, or dynamically shared servers) and related infrastructure components (load balancers, firewalls, network storage, developer tools, monitors and management tools) to facilitate the deployment and operation of web and network based applications. Cloud computing environments provide developers and their customers direct on-demand access to large-scale and scalable computing capabilities, all at a fraction of the cost of dedicated options such as managed data centers, colocation facilities, or private data centers. Cloud resources are typically accessed via the public Internet. DDoS - Short for Distributed Denial of Service Attack, the most common form of attack on network devices. It overwhelms a network by monopolizing its bandwidth by flooding it with information from multiple hosts, thereby preventing legitimate network traffic. Default Gateway - The device that forwards Internet traffic to your internal network. Device - Refers to the individual hardware components that make up a unique hosted configuration. This includes servers, firewalls and load balancers. DHCP (Dynamic Host Configuration Protocol) A protocol that lets one device on a local network, known as a DHCP server, assign dynamic IP addresses to the other network devices, typically computers. Directory Service - A directory service, in the technical sense, is very much like a directory service in the real world. A real-world directory service lets you look up a telephone number when you know someones name and location. In the same way, directory services on computers let you look for other computers, e-mail addresses, files and folders, and many other objects and attributes. DNS - Domain Name Server (or system) An Internet service that translates domain names into IP addresses.

DSL - Uses copper pair wiring to transfer data. sDSL provides the same transfer speed for uploading or downloading. aDSL provides a faster download speed but slower upload. Firewall - A piece of security software or hardware designed to protect web servers. They are typically used to protect sites from hacker attacks/unauthorized access. Forward DNS Lookup - A Forward DNS Lookup, or just DNS Lookup, is the process of looking up and translating a domain name into its corresponding IP address. This can be compared to a Reverse DNS Lookup, which is the process of looking up and translating an IP address into a domain name. FQDN - Fully Qualified Domain Name A name consisting of both a host and a domain name. For example, www.lsoft.com is a fully qualified domain name. www is the host; lsoft is the second-level domain; and .com is the top-level domain.

FTP - File Transfer Protocol FTP is the language used for file transfer from computer to computer across the Internet. FTP servers can be secure or anonymous. The software used to transfer data via FTP is called an FTP client. FTP Client An FTP client is a piece of software which allows you to log in to your FTP server to upload and edit files. Gateway - This is a hardware or software set-up that functions as a translator between two dissimilar protocols. A gateway can also be the term to describe any mechanism providing access to another system (e.g AOL might be called a gateway to the Internet). Grid Computing - An architecture for server networking, whereby processing cycles of all computers in a grid network can be allocated to a particular application. This differs from other architectures in that the integration is accomplished at the hardware level, thereby making the grid appear as a single large resource, rather than a pool of shared autonomous resources. Host - When a server acts as a host it means that other computers on the network do not have to download the software that this server carries. Host name - The name of a computer on the Internet (such as www.wilson.ca).

HTML - Short for HyperText Markup Language, the language by which web servers and client browsers communicate. All server-side functions (such as database processing), although they may be performed in another language, must eventually be output back to the user in HTML. HTTP - Stands for HyperText Transfer Protocol, the protocol by which HTML files move across the Internet. HTTP requires a client browser and an HTTP server (typically a web server). ICMP (Internet Control Message Protocol) is used to communicate IP status and error messages between hosts and routers. IDS - Short for Intrusion Detection System, it recognizes all types of hostile network traffic and computer usage that can't be detected by a conventional firewall. IIS - Short for Internet Information Server, Microsoft's server software for Windows NT/2000. ISDN - Integrated Services Digital Network accommodates speeds at either 64 or 128 Kbps. It works with data, voice and video signals. Internet - The largest worldwide computer network. Intranet - Contrary to the public Internet, an intranet is a private network inside a company or organization.

IP address - An IP (Internet Protocol) address is a unique identifier for a computer on the Internet. It is written as four numbers separated by periods. Each number can range from 0 to 255. Before connecting to a computer over the Internet, a Domain Name Server translates the domain name into its corresponding IP address. IPSec - short for "IP Security" is the name of a security architecture and set of protocols commonly used to construct a VPN. These services work at the IP (Internet Protocol) or network layer and provide confidentiality and authentication as the packets move through networked devices. J2EE - Short for Java 2 Platform, Enterprise Edition, J2EE is a programming platform for developing and running distributed multi-tier architecture applications, based largely on modular components running on an application server.

LAN - Local Area Network, which is a computer network, although geographically limited, usually to the same building, office, etc. LAMP - An acronym for a set of free software programs commonly used together to run dynamic Web sites: Linux, the operating system; Apache, the web server; MySQL, the database management system (or database server); Perl, PHP, and/or Python, scripting languages. LDAP - Lightweight Directory Access Protocol is a standard based on X.500, the OSI Directory Access Protocol (DAP). Just like a telephone directory will allow you to look up a telephone number by name, the LDAP standard for directories makes it possible for an LDAP compliant client to look up information thats contained in computer systems and networks. Devices on a network like printers and fax machines, users, e-mail addresses, and many more objects and attributes are stored in X.500 directories. Load Balancing - Distributing data across a network of servers in order to ensure that a single web server does not get overloaded with work, thereby affecting performance. Managed Backup - Refers to the copying of data for the purpose of having an additional copy of an original source, specifically storing data on separate tape media not located on the server. If the original data is damaged or lost, the data may be copied back from that source. Microsoft.NET, Passport - .NET Passport is Microsofts solution for federated identity management. It offers single sign-on (SSO) to multiple web-based service providers, while protecting a users privacy in e-commerce transactions. Name Server - A server responsible for translating domain names and IP addresses. NIST - National Institute of Standards and Technology (NIST) is a non-regulatory federal agency within the U.S. Commerce Department. NIST security publications (Special Publications in the 800 series) may be used by organizations to provide a structured, yet flexible framework for selecting, specifying, employing, and evaluating the security controls in information systems. NOC - Short for Network Operations Center, a hosting company's "home base," so to speak. The NOC is usually where most administration, technical support and physical server storage takes place.

ODBC - Open DataBase Connectivity A Microsoft standard for accessing different database systems from Windows, for instance Oracle or SQL. On-demand Software Software applications provided through networks (such as the Internet) or as network-based services. On-demand software delivery, for local installation and use, is sometimes referred to as software on-demand. Operating system - A program that manages all other programs in a computer, such as Windows, Unix, Linux. Packet Switching - The method by which most data is exchanged throughout the Internet. Most data is broken down into smaller "packets" prior to transfer, and then reassembled at the destination. Platform as a Service - A SaaS variation, delivering integrated development environments as a turn key service. PPTP (Point to Point Tunneling Protocol) is a VPN protocol that allows Point to Point Protocol to be tunneled through an IP network. Protocol - The set of formal rules that describe how to transmit data, especially across a network of computers. RAID - Short for Redundant Array of Independent Disks, a method of data protection/backup. Data is stored over a number of servers so that information will still be accessible if a piece of hardware/software crashes. RARP (Reverse Address Resolution Protocol) is used by a host computer to obtain an IP address based on the address of the host's network card. Repeaters - Are used to connect any type of cable. They basically provide extra signal strength when you exceed the length limits. Data is transmitted near the speed of light on a network and the timing of transmitted data is crucial. Because of this, the path between any two nodes can't contain more than four repeaters. Router - The role of a router can be described as a bridge between two or more networks. The function of the router is to look at the destination addresses of the packets passing through it, and thereafter decide which route to send these packets on. RTP (Real-time Transport Protocol) A protocol that enables specialized applications, such as Internet phone calls, video and audio, to occur in real time.

SAN - Short for Storage Area Network, a network designed to attach computer storage devices such as disk array controllers and tape libraries to servers. In a storage network, a server issues a request for specific blocks, or data segments, from specific disk drives. This method is known as block storage. The device acts in a similar fashion to an internal drive, accessing the specified block, and sending the response across the network. Scalability - The ability to adapt to rapid changes in demand, by dynamically adding or removing cloud resources based upon performance metrics and load thresholds. In more advanced environments, these resource allocations and deallocations are fully automated and near instantaneous, allowing for smooth operation of services. Service Commerce Platforms - A hybrid of SaaS and managed service solutions, creating a cloud computing service offer as a full-service hub. These service platforms are typically embedded, or integrated, with other service offerings to provide a complete application. In some cases, service commerce platforms are fully self-contained, and targeted at vertical markets or trade groups as outsourced IT environments. Service Level Agreement (SLA) - A formal written agreement made between two parties: the service provider and the service recipient. The SLA itself defines the basis of understanding between the two parties for delivery of the service itself. The document can be quite complex, and sometimes underpins a formal contract. Generally, an SLA should contain clauses that define a specified level of service, support options, incentive awards for service levels exceeded and/or penalty provisions for services not provided. SNMP (Simple Network Management Protocol) A widely used network monitoring and control protocol. Software-as-a-Service (SaaS) - Provisioning of software and applications over the public internet, or private networks, on a shared basis. SaaS applications typically provide equivalent functionality to dedicated single-purchase applications, however, they are delivered and used on a month-by-month service contract or subscription basis. Some components may be required to operate locally. SQL - Short for Standard Query Language. A standard protocol used to request information from databases. Servers that can handle SQL are known as SQL servers. SSL - Short for Secure Sockets Layer, a protocol developed by Netscape to handle and protect confidential/sensitive information required for e-commerce transactions (like credit card numbers). SSL addresses usually begin with 'https'.

SSL-VPN - Although the Secure Sockets Layer (SSL) is a protocol designed specifically for web browsers to securely access web-based applications, the fact that it encrypts information and that it authenticates at least one of the parties, also makes it a Virtual Private Network (VPN). One of the best things about this protocol is that most computers have a browser; that means that no new software needs to be added to the client in order to use this method. A very simplified explanation of how it works is like this: The browser client asks for a secure session with the web server. If the web server can support an SSL session, it says what it supports and sends back a certificate that includes the servers public key as well as some other information to negotiate a secret key. The client checks the certificate and decides whether to trust the server; if it does, it encrypts some information with the servers public key and sends it back. The information is used to compute the secret key and the rest of the session is encrypted with that shared secret (symmetric key cryptography). TCP / IP - Transmission Control Protocol / Internet Protocol This is the protocol that defines the Internet. TCP / IP was originally designed for the unix operating system, but is today available for every major kind of computer operating system. Telnet - A user command and TCP/IP protocol used for accessing remote computers. URL - Uniform Resource Locator The address of a file or Web page accessible on the Internet (for example, http://www.wilson.ca). VPN - Virtual Private Networks (VPNs) allow private use of a public network. They enable mobile computers and other devices to connect to a companys private network by creating an encrypted tunnel from the network thats owned by the company, over the Internet and to the remote device on the other end. The most commonly used technologies to do this are Secure Sockets Layer (SSL) and IP Security (IPSec). These effectively extend the companys network, creating a Virtual Private Network. Web Hosting - Web hosting is a service that allows users to post web pages to the Internet. A web host, or hosting service provider (HSP), is a business that provides the technologies and services needed for websites to be viewed on the web. Also called virtual hosting.

XML - Short for Extensible Markup Language. XML is a language allowing developers to create their own markup tags. All XML tags are defined by the programmer, and can be interpreted differently in different applications. For

example, the "" tag in HTML means Italics, but could mean anything in XML, depending on the function the developer assigns to it.

WIRELESS
802.11 : an evolving family of specifications for wireless LANs, developed by a working group of the Institute of Electrical and Electronics Engineers(IEEE). 802.11 standards use the Ethernet protocol and CSMA/CA (carrier sense multiple access with collision avoidance) for path sharing. 802.11a : provides specifications for wireless ATM systems. 802.11a is also used in wireless hubs. Networks using 802.11a operate at radio frequencies between 5.725 GHz and 5.850 GHz. The specification uses a modulation scheme known as orthogonal frequency-division multiplexing (OFDM) that is especially well suited to use in office settings. 802.11b : WLAN standard often called Wi-Fi; backward compatible with 802.11. Instead of the phase-shift keying (PSK) modulation method historically used in 802.11 standards, 802.11b uses complementary code keying (CCK), which allows higher data speeds and is less susceptible to multipath-propagation interference. 802.11d : a wireless network communications specification for use in countries where systems using other standards in the 802.11 family are not allowed to operate. Configuration can be fine-tuned at the Media Access Control layer (MAC layer) level to comply with the rules of the country or district in which the network is to be used. Rules subject to variation include allowed frequencies, allowed power levels, and allowed signal bandwidth. 802.11d facilitates global roaming. 802.11e : a proposed adaptation to the 802.11a and 802.11b specifications that enhances the 802.11 Media Access Control layer (MAC layer) with a coordinated time division multiple access (TDMA) construct, and adds error-correcting mechanisms for delay-sensitive applications such as voice and video. The 802.11e specification provides seamless interoperability between business, home, and public environments such as airports and hotels and offers all subscribers highspeed Internet access with full-motion video, high-fidelity audio, and Voice over IP (VoIP). 802.11g : offers transmission over relatively short distances at up to 54 megabits per second (Mbps), compared with the 11 Mbps theoretical maximum of 802.11b. 802.11g employs orthogonal frequency division multiplexing (OFDM), the

modulation scheme used in 802.11a, to obtain higher data speed. Computers or terminals set up for 802.11g can fall back to speeds of 11 Mbps, so that 802.11b and 802.11g devices can be compatible within a single network. 802.11h : intended to resolve interference issues introduced by the use of 802.11a in some locations, particularly with military radar systems and medical devices. Dynamic frequency selection (DFS) detects the presence of other devices on a channel and automatically switches the network to another channel if and when such signals are detected. Transmit power control (TPC) reduces the radiofrequency (RF) output power of each network transmitter to a level that minimizes the risk of interference. 802.11i : provides improved encryption for networks that use 802.11a, 802.11b, and 802.11g standards. Requires new encryption key protocols, known as Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES). Other features include key caching, which facilitates fast reconnection to the server for users who have temporarily gone offline, and pre-authentication, which allows fast roaming and is ideal for use with advanced applications such as Voice over Internet Protocol (VoIP). 802.11j : proposed addition to the 802.11 family of standards that incorporates Japanese regulatory extensions to 802.11a; the main intent is to add channels in the radio-frequency (RF) band of 4.9 GHz to 5.0 GHz. WLANs using 802.11j will provide for speeds of up to 54 Mbps, and will employ orthogonal frequency division multiplexing (OFDM). The specification will define how Japanese 802.11 family WLANs and other wireless systems, particularly HiperLAN2 networks, can operate in geographic proximity without mutual interference. 802.11k : proposed standard for how a WLAN should perform channel selection, roaming, and transmit power control (TPC) in order to optimize network performance. In a network conforming to 802.11k, if the access point (AP) having the strongest signal is loaded to capacity, a wireless device is connected to one of the underutilized APs. Even though the signal may be weaker, the overall throughput is greater because more efficient use is made of the network resources. 802.11m : an initiative to perform editorial maintenance, corrections, improvements, clarifications, and interpretations relevant to documentation for 802.11 family specifications. 802.11m also refers to the set of maintenance releases itself. 802.1X : standard designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework, allowing a user to be authenticated by a central

authority. The actual algorithm that is used to determine whether a user is authentic is left open and multiple algorithms are possible. Access Point (AP): a station that transmits and receives data (sometimes referred to as a transceiver). An access point connects users to other users within the network and also can serve as the point of interconnection between the WLAN and a fixed wire network. The number of access points a WLAN needs is determined by the number of users and the size of the network. Access Point Mapping (also called war driving): the act of locating and possibly exploiting connections to WLANs while driving around a city or elsewhere. To do war driving, you need a vehicle, a computer (which can be a laptop), a wireless Ethernet card set to work in promiscuous mode, and some kind of an antenna which can be mounted on top of or positioned inside the car. Because a WLAN may have a range that extends beyond an office building, an outside user may be able to intrude into the network, obtain a free Internet connection, and possibly gain access to company records and other resources. Ad-hoc network : a LAN or other small network, especially one with wireless or temporary plug-in connections, in which some of the network devices are part of the network only for the duration of a communications session or, in the case of mobile or portable devices, while in some close proximity to the rest of the network. Antenna : a specialized transducer that converts radio-frequency (RF) fields into alternating current (AC) or vice-versa. There are two basic types: the receiving antenna, which intercepts RF energy and delivers AC to electronic equipment, and the transmitting antenna, which is fed with AC from electronic equipment and generates an RF field. Common use is to transmit and receive data from a wireless networking bridge device to another antenna in the wireless network. Each antenna is always connected to a bridge, which provides the physical connection to the local area network. Bridge - Connects a local area network to another local area network through radio waves. The bridged network design can consist of pointtopoint, point to multi-point, or as a high-powered A/P and Bridge.

dBi - The decibel units used to calculate the gain of an antenna. The change in power is referenced against an isotropic radiator, which is a

theoretical ideal transmitter that produces a perfect electromagnetic field output. The sphere would extend in all directions with equal intensity, and at 100% efficiency, in 3-dimensions, similar to the rays of light produced by the sun. dBm - A dBm measurement is a measurement of absolute power based on the reference of 1 milliwatt (1 mW). Digital Pulse Wireless : (see also: ultra wideband or UWB) is a wireless technology for transmitting large amounts of digital data over a wide spectrum of frequency bands with very low power for a short distance. Ultra wideband radio can carry a huge amount of data over a distance up to 230 feet at very low power (less than 0.5 milliwatts), and has the ability to carry signals through doors and other obstacles that tend to reflect signals at more limited bandwidths and a higher power. EVIL TWIN : a home-made wireless access point that masquerades as a legitimate one to gather personal or corporate information without the end-user's knowledge. It's fairly easy for an attacker to create an evil twin by simply using a laptop, a wireless card and some readily-available software. The attacker positions himself in the vicinity of a legitimate Wi-Fi access point and lets his computer discover what name and radio frequency the legitimate access point uses. He then sends out his own radio signal, using the same name. Extensible Authentication Protocol (EAP): authentication protocol for wireless networks that expands on methods used by the Point-to-Point Protocol (PPP), a protocol often used when connecting a computer to the Internet. EAP can support multiple authentication mechanisms, such as token cards, smart cards, certificates, one-time passwords, and public key encryption authentication. FIXED WIRELESS : wireless devices or systems in fixed locations such as homes and offices. Fixed wireless devices usually derive their electrical power from the utility mains, unlike mobile wireless or portable wireless which tend to be batterypowered. Although mobile and portable systems can be used in fixed locations, efficiency and bandwidth are compromised compared with fixed systems. Fresnel Zone - (pronounced 'fre-nel') The area around the line-of-sight between WLAN bridge antennas that radio waves spread out into after they leave the antenna. This area must be clear or the strength of the signal will weaken. Gain - The measurement used to indicate the frequency and range for a WLAN bridge antenna. As the number increases in a WLAN bridge antenna, the coverage area becomes narrower and the distance of the

coverage area becomes longer. HiperLAN : WLAN communication standards primarily used in European countries. There are two specifications: HiperLAN/1 and HiperLAN/2. Both have been adopted by the European Telecommunications Standards Institute (ETSI). The HiperLAN standards provide features and capabilities similar to 802.11. HiperLAN/1 provides communications at up to 20 Mbps in the 5-GHz range of the radio frequency (RF) spectrum. HOT SPOT : (see also access point) a WLAN node that provides Internet connection and virtual private network (VPN) access from a given location. A business traveller, for example, with a laptop equipped for Wi-Fi can look up a local hot spot, contact it, and get connected through its network to reach the Internet and their own company remotely with a secure connection. Increasingly, public places, such as airports, hotels, and coffee shops are providing free wireless access for customers. HOT ZONE : a wireless access area created by multiple hot spots located in close proximity to each other. Hot zones usually combine public safety access points with public hot spots. Each hot spot typically provides network access for distances between 100 and 300 feet; various technologies, such as mesh network topologies and fiber optic backbones, are used in conjunction with the hot spots to create areas of coverage. IMT-2000 direct spread official name for W-CDMA (Wideband Code-Division Multiple Access): ITU standard derived from Code-Division Multiple Access (CDMA). W-CDMA is a third-generation (3G) mobile wireless technology that promises much higher data speeds to mobile and portable wireless devices than commonly offered in today's market. IrDA : (Infrared Data Association) an industry-sponsored organization set up in 1993 to create international standards for the hardware and software used in infrared communication links. In this special form of radio transmission, a focused ray of light in the infrared frequency spectrum, measured in terahertz, or trillions of hertz (cycles per second), is modulated with information and sent from a transmitter to a receiver over a relatively short distance.

IR WIRELESS : the use of wireless technology in devices or systems that convey data through infrared (IR) radiation. Infrared is electromagnetic energy at a wavelength or wavelengths somewhat longer than those of red light. The shortest-

wavelength IR borders visible red in the electromagnetic radiation spectrum; the longest-wavelength IR borders radio waves. MICROWAVE : electromagnetic energy having a frequency higher than 1 gigahertz (billions of cycles per second), corresponding to wavelength shorter than 30 centimeters. Microwave signals propagate in straight lines and are affected very little by the troposphere. They are not refracted or reflected by ionized regions in the upper atmosphere. Microwave beams do not readily diffract around barriers such as hills, mountains, and large human-made structures. MIMO (multiple input, multiple output): an antenna technology for wireless communications in which multiple antennas are used at both the source (transmitter) and the destination (receiver). The antennas at each end of the communications circuit are combined to minimize errors and optimize data speed. MIMO is one of several forms of smart antenna technology, the others being MISO (multiple input, single output) and SIMO (single input, multiple output). MISO (multiple input, single output): an antenna technology for wireless communications in which multiple antennas are used at the source (transmitter). The antennas are combined to minimize errors and optimize data speed. The destination (receiver) has only one antenna. MISO is one of several forms of smart antenna technology, the others being MIMO (multiple input, multiple output) and SIMO (single input, multiple output). Near Field Communication (NFC): a short-range wireless connectivity standard (Ecma-340, ISO/IEC 18092) that uses magnetic field induction to enable communication between devices when they're touched together, or brought within a few centimeters of each other. The standard specifies a way for the devices to establish a peer-to-peer (P2P) network to exchange data. Omni-directional Antenna - A wireless bridge networking device used to achieve extended distances between WLAN locations. Typically used at the central location in a point to multi-point application.

OPTICAL WIRELESS : the combined use of conventional radio-frequency (RF) wireless and optical fiber for telecommunication. Long-range links are provided by optical fiber and links from the long-range end-points to end users are accomplished by RF wireless or laser systems. RF wireless at ultra-high frequencies

(UHF) and microwave frequencies can carry broadband signals to individual computers at substantial data speeds. Point-to-Point Wireless Bridge Networking - A cost-effective means of connecting remote locations to alleviate the need for expensive T1 or Fiber installations. PC Card Client - Plugs into the PCMCIA slot on a laptop computer providing a connection to an Access Point in a Wireless Network. Point to Multi-point Wireless Bridge Networking - A cost-effective means of connecting multiple remote locations back to a central location to alleviate the need for expensive T1 or Fiber installations. Power over Ethernet (PoE) - A method of delivering DC power to Wireless Access Point or Bridge devices through the category 5 Ethernet cabling. Typically used in installations where AC power is not available to achieve optimum positioning of the devices. RADIUS - Remote Authentication Dial In User Service (RADIUS) is an authentication and accounting system used by many Internet Service Providers (ISPs). When users dial in to the ISP they must enter a username and password. This information is passed to a RADIUS server, which checks that the information is correct, and then authorizes access to the ISP system. Router - A device that is used to connect user to a fixed wire local area network through a UTP or Fiber connection. RADIO FREQUENCY (RF): alternating current (AC) having characteristics such that, if the current is input to an antenna, an electromagnetic (EM) field is generated suitable for wireless broadcasting and/or communications. Sector-directional Antenna - A wireless bridge networking device used to achieve extended distances between WLAN locations. Typically used for point-to-point locations or at each remote location in a point to multi-point application.

SWAN (Structured Wireless-Aware Network): a technology that incorporates a WLAN into a wired wide-area network (WAN). SWAN technology can enable an existing wired network to serve hundreds of users, organizations, corporations, or

agencies over a large geographic area. A SWAN is said to be scalable, secure, and reliable. TRANSPONDER : a wireless communications, monitoring, or control device that picks up and automatically responds to an incoming signal. The term is a contraction of the words transmitter and responder. Transponders can be either passive or active. ULTRA WIDEBAND (UWB): (see also: digital pulse wireless) is a wireless technology for transmitting large amounts of digital data over a wide spectrum of frequency bands with very low power for a short distance. Ultra wideband broadcasts very precisely timed digital pulses on a carrier signal across a very wide spectrum (number of frequency channels) at the same time. UWB can carry a huge amount of data over a distance up to 230 feet at very low power (less than 0.5 milliwatts), and has the ability to carry signals through doors and other obstacles that tend to reflect signals at more limited bandwidths and a higher power. USB Client - Plugs into the USB port on an IBM-compatible computer providing a connection to an Access Point in a Wireless Network. VIRTUAL PRIVATE NETWORK (VPN): a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or individual users with secure access to their organization's network. A VPN ensures privacy through security procedures and tunneling protocols such as the Layer Two Tunneling Protocol ( L2TP ). Data is encrypted at the sending end and decrypted at the receiving end. VoWLAN (Voice over WLAN, sometimes called wireless VoIP, Wi-Fi VoIP): a method of routing telephone calls for mobile users over the Internet using the technology specified in IEEE 802.11b. Routing mobile calls over the Internet makes them free, or at least much less expensive than they would be otherwise. WAP (Wireless Application Protocol): a specification for a set of communication protocols to standardize the way that wireless devices, such as cellular telephones and radio transceivers, can be used for Internet access, including e-mail, the World Wide Web, newsgroups, and instant messaging.

WEP - Wired Equivalent Privacy (WEP) is an optional IEEE802.11 function that offers frame transmission privacy similar to a wired network. Secret shared encryption keys are generated that both

source and destination stations can use to alter frame bits. This provides additional security against unauthorized access to the wireless network. WDS - Wireless Distribution Systems (WDS) allow network administrators to wirelessly connect Access Points and provide access to the wired infrastructure for locations where cabling is not possible or costly to implement. WPA - Wi-Fi Protected Access (WPA) is designed to be available as a firmware upgrade for legacy hardware already running WEP, by adding a layer of security on top of WEP to fix all the known weaknesses in WEP. It is also designed to be compatible with the full 802.11i standard or RSN. WAR DRIVING (also called access point mapping):, the act of locating and possibly exploiting connections to WLANs while driving around a city or elsewhere. To do war driving, you need a vehicle, a computer (which can be a laptop), a wireless Ethernet card set to work in promiscuous mode, and some kind of an antenna which can be mounted on top of or positioned inside the car. Because a WLAN may have a range that extends beyond an office building, an outside user may be able to intrude into the network, obtain a free Internet connection, and possibly gain access to company records and other resources. W-CDMA (Wideband Code-Division Multiple Access): officially known as IMT-2000 direct spread; ITU standard derived from Code-Division Multiple Access (CDMA). W-CDMA is a third-generation (3G) mobile wireless technology that promises much higher data speeds to mobile and portable wireless devices than commonly offered in today's market. Wi-Fi (short for wireless fidelity): a term for certain types of WLANs. Wi-Fi can apply to products that use any 802.11 standard. Wi-Fi has gained acceptance in many businesses, agencies, schools, and homes as an alternative to a wired LAN. Many airports, hotels, and fast-food facilities offer public access to Wi-Fi networks.

WiMAX : a wireless industry coalition whose members organized to advance IEEE 802.16 standards for broadband wireless access (BWA) networks. WiMAX 802.16 technology is expected to enable multimedia applications with wireless connection and, with a range of up to 30 miles, enable networks to have a wireless last mile

solution. According to the WiMAX forum, the group's aim is to promote and certify compatibility and interoperability of devices based on the 802.16 specification, and to develop such devices for the marketplace. Wired Equivalent Privacy (WEP): a security protocol specified in 802.11b, designed to provide a WLAN with a level of security and privacy comparable to what is usually expected of a wired LAN. Data encryption protects the vulnerable wireless link between clients and access points; once this measure has been taken, other typical LAN security mechanisms such as password protection, end-to-end encryption, virtual private networks (VPNs), and authentication can be put in place to ensure privacy. Wireless : describes telecommunications in which electromagnetic waves (rather than some form of wire) carry the signal over part or all of the communication path. Wireless Abstract XML (WAX): an abstract markup language and associated tools that facilitate wireless application development. The major features of WAX include: the WAX language itself; translation stylesheets, which are used to translate the WAX language into the most suitable language for the requesting device; the device registry, which includes an XML database of device particulars; dynamic image and text selection, which allows content to be written a single time for multiple transformations; and the application foundation, a WAX servlet that creates a foundation for WAX applications. Wireless application service provider (WASP): provides Web-based access to applications and services that would otherwise have to be stored locally and makes it possible for customers to access the service from a variety of wireless devices, such as a smartphone or personal digital assistant (PDA). Wireless ISP (WISP): an Internet service provider (ISP) that allows subscribers to connect to a server at designated hot spots (access points) using a wireless connection such as Wi-Fi. This type of ISP offers broadband service and allows subscriber computers, called stations, to access the Internet and the Web from anywhere within the zone of coverage provided by the server antenna, usually a region with a radius of several kilometers.

Wireless Networking Clients - A wireless networking access point uses client cards to send and receive data with mobile users. Laptop computers typically use a PC Card in the PCMCIA slot, while IBMcompatible PC's use USB clients to connect to the USB port on their

computer. Wireless LAN (WLAN) - A wireless LAN uses a wireless connection, such as a Wireless Access Point and Clients or a Wireless Bridge, to connect mobile users to a local area network. WLANs are frequently some portion of a wired LAN. Wireless Service Provider : a company that offers transmission services to users of wireless devices through radio frequency (RF) signals rather than through end-toend wire communication. Wireless Transport Layer Security (WTLS): the security level for Wireless Application Protocol (WAP) applications, developed to address the problematic issues surrounding mobile network devices - such as limited processing power and memory capacity, and low bandwidth - and to provide adequate authentication, data integrity, and privacy protection mechanisms. Yagi antenna (sometimes called a Yagi-Uda array or simply a Yagi): a unidirectional antenna commonly used in communications when a frequency is above 10 MHz.

E- MAIL & INTERNET


Above the fold: The top part of an email message that is visible to the recipient without the need for scrolling. The term originally comes from print and refers to the top half of a folded newspaper.

Alias: A unique and usually shorter URL (link) that can be distinguished from other links even if they ultimately go to the same Web page. This makes it possible to track which message led viewers to click on the link. Attachment: An audio, video or other data file that is attached to an email message. Autoresponder: A computer program that automatically responds with a prewritten message to anyone who sends an email message to a particular email address or uses an online feedback form. Authentication: A term that refers to standards, such as Sender ID, SPF and DomainKeys/DKIM, that serve to identify that an email is really sent from the domain name and individual listed as the sender. Authentication standards are used to fight spam and spoofing. Bayesian filter: A spam filter that evaluates email message content to determine the probability that it is spam. Bayesian filters are adaptable and can learn to identify new patterns of spam by analyzing incoming email. Blacklist: A list containing email addresses or IP addresses of suspected spammers. Blacklists are sometimes used to reject incoming mail at the server level before the email reaches the recipient. Block: An action by an Internet Service Provider to prevent email messages from being forwarded to the end recipient. Bounces: Email messages that fail to reach their intended destination. "Hard" bounces are caused by invalid email addresses, whereas "soft" bounces are due to temporary conditions, such as overloaded inboxes. Challenge-Response: An authentication method that requires a human to respond to an email challenge message before the original email that triggered the challenge is delivered to the recipient. This method is sometimes used to cut down on spam since it requires an action by a human sender.

Click-through tracking: The process of tracking how many recipients clicked on a particular link in an email message. This is commonly done to measure the success of email marketing campaigns. Click-through rate: In an email marketing campaign, the percentage of recipients who clicked on a particular link within the email message.

Conditional blocks: A text fragment that is pasted into an email message only if certain conditions are met (for instance the recipient lives in a certain area). Conditional blocks allow email marketers to create more personalized mailings. Conversion rate: A measure of success for an email marketing campaign (for instance the number of recipients who completed a purchase). With email marketing, conversion rates are relatively easy to calculate because of the technology's measurable nature. Deliverability: A term that refers to the best practices and authentication techniques of mass email communication that improve the likelihood that opt-in email messages are successfully delivered to end recipients instead of being erroneously blocked by ISPs and spam filters. DomainKeys/DKIM: DKIM is an email authentication protocol that enables the sender to use public-key cryptography to sign outgoing emails in a manner that can be verified by the receiver. The DKIM specification is based on the prior protocols Domain Keys and Identified Internet Mail. DKIM is defined in IETF RFC 4871. The DKIM standard is already being adopted by Gmail and other large corporations to completely eliminate phishing and spoofing from internet mail. Domain name: A name that identifies one or more IP addresses. Domain names always have at least two parts that are separated by dots (for instance wilson.ca). The part on the left is the second-level domain (more specific), while the part on the right is the top-level domain (more general). Domain Throttling: A technique that allows you to limit the number of email messages sent to a domain within a certain time frame. It is used to comply with ISPs and to avoid tripping spam filters. Many ISPs have their own policies and preferred limits. Double opt-in: The recommended procedure for subscribing email recipients to an email list or newsletter. Once a person requests to subscribe to a list, a confirmation email message is automatically sent to the supplied email address asking the person to verify that they have in fact requested to be included in future mailings.

E-mail: Email allows you to send and receive text, HTML, images and other data files over the Internet. Email is one of the most popular online activities and has become a vital tool for electronic commerce.

Email bounces: Email messages that fail to reach their intended destination. "Hard" bounces are caused by invalid email addresses, whereas "soft" bounces are due to temporary conditions, such as overloaded inboxes. Email client: The software that recipients use to read email. Some email clients have better support for HTML email than others. Email harvesting: The disreputable and often illegal practice of using an automated program to scan Web pages and collect email addresses for use by spammers. Email header: The section of an email message that contains the sender's and recipient's email addresses as well as the routing information. Email marketing: The use of email (or email lists) to plan and deliver permission-based marketing campaigns. False positive: A legitimate email message that is mistakenly rejected or filtered by a spam filter. Hard bounces: Email messages that cannot be delivered to the recipient because of a permanent error, such as an invalid or non-existing email address. IMAP: Internet Message Access Protocol A protocol used to retrieve email messages. Most email clients use either the IMAP or the POP3 protocol. ISP: Internet Service Provider A company that provides access to the Internet, including the World Wide Web and email, typically for a monthly fee. Mail-merge: A process that enables the delivery of personalized messages to large numbers of recipients. This is usually achieved using email list management software working in conjunction with a database.

Mail server - A mail server is a computer server which handles email traffic that is, emails being sent and received across a network. Email servers are run by internet service providers (ISPs), and email or webmail providers such as Microsoft (for Hotmail) and Google (for Google Mail). The emails are sent between mail

servers using a protocol called SMTP. Users do not usually interact directly with mail servers; instead, they send and receive emails using an email client, which talks to the mail servers to which it is assigned. This is done using a protocol called POP3. Merge-purge: The act of removing duplicate email addresses from a coalesced list that is composed of two or more existing lists. Message Transfer Agent (MTA) - Any system running SMTP routing software that can take a message, process it, look up destination information in DNS (or other routing table), and deliver to the intended receiving system. MTAs are typically server applications such as Sendmail, Microsoft Exchange, Postfix, Lotus Domino, qmail, PowerMTA, etc. MIME: Multi-Purpose Internet Mail Extensions An extension of the original Internet email standard that allows users to exchange text, audio or visual files. Moderated list: Moderators must approve any message posted to an email list before it is delivered to all subscribers. It is also possible for the moderator to edit or delete messages. A moderated list thus puts the list owner in the equivalent position as an editor of a newspaper. Multi-threading: A process though which a mail server can perform multiple concurrent deliveries to different domains, which greatly speeds up the delivery of large volumes of email. Multipart/alternative: A message format that includes both text and HTML versions. Recipients can then open the message in their preferred format. Offload: To assume part of the processing demand from another device. Open-relay: Open-relay is the third-party relaying of email messages though a mail server. Spammers looking to obscure or hide the source of large volume mailings often use mail servers with open-relay vulnerabilities to deliver their email messages. Out-of-office replies: Automatic email reply messages triggered by incoming email to a user's inbox, typically activated when users are on vacation or otherwise unavailable through email for an extended period.

Plain text: Text in an email message that contains no formatting elements.

POP: Post Office Protocol A protocol used to retrieve email from a mail server. Most email clients use either the POP3 or the newer IMAP protocol. Query: A subset of records in a database. Queries may be used to create highly specified demographics in order to maximize the effectiveness of an email marketing campaign. Reverse DNS Lookup: A Reverse DNS Lookup is the process of looking up and translating an IP address into a domain name. This can be compared to a Forward DNS Lookup, which is the process of looking up and translating a domain name into its corresponding IP address. Rich media: An Internet advertising term for a Web page that uses graphical technologies such as streaming video, audio files or other similar technology to create an interactive atmosphere with viewers. Scalability: The ability of a software program to continue to function smoothly as additional volume, or work is required of it. Secure SMTP - extension to the SMTP service that allows an SMTP server and client to use TLS (Transport Layer Security) to provide private, authenticated communication over the Internet Sender ID: Sender ID is an authentication protocol used to verify that the originating IP address is authorized to send email for the domain name declared in the visible "From" or "Sender" lines of the email message. Sender ID is used to prevent spoofing and to identify messages with visible domain names that have been forged. Sender Policy Framework (SPF) - SPF is a path-based email authentication protocol that allows email receivers to determine if the sender is authorized to use the domains in the messages header by evaluating the IP address of the senders outbound MTA based on information published by the sender in DNS TXT records. SPF is defined in IETF RFC 4408. Shareware: This term refers to software available on public networks. Signature file: A short text file that email users can automatically append at the end of each message they send. Commonly, signature files list the user's name, phone number, company, company URL, etc. S/MIME - S/MIME (Secure/Multipurpose Internet Mail Extensions) is a protocol that adds digital signatures and encryption to Internet MIME (Multipurpose Internet Mail Extensions) messages. MIME is the standard for Internet mail that

makes it possible to send more than text. A mail message is splits into two parts, the header, which contains the information needed to move the mail from the source to its destination and the body. The MIME structure allows an e-mail body to contain graphics, audio and many other features that improve communication over simple text. Almost all modern e-mail systems support it. SMTP: Simple Mail Transfer Protocol A protocol used to send email on the Internet. SMTP is a set of rules regarding the interaction between a program sending email and a program receiving email. Soft bounces: Email messages that cannot be delivered to the recipient because of a temporary error, such as a full mailbox. Spam: (Also known as unsolicited commercial email) Unwanted, unsolicited junk email sent to a large number of recipients. SPF: Sender Policy Framework An authentication protocol used by recipient sites to verify that the originating IP address is authorized to send email for the domain name declared in the "MAIL FROM" line of the mail envelope. SPF is used to identify messages with forged "MAIL FROM" addresses. Spoofing The disreputable and often illegal act of falsifying the sender email address to make it appear as if an email message came from somewhere else. Streaming media: Audio and video files transmitted on the Internet in a continuous fashion. Subject line: The part of an email message where senders can type what the email message is about. Subject lines are considered important by email marketers because they can often influence whether a recipient will open an email message. Transport Layer Security (TLS) - The TLS protocol provides communications security over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery. TLS is an IETF standards track protocol, last updated in RFC 5246. Tracking: In an email marketing campaign, measuring behavioral activities such as click-throughs and open-ups.

User Interface: A set of controls such as buttons, commands and other devices that allow a user to operate a computer program.

Virus: A program, macro or fragment of code that causes damage and can be quickly spread through Web sites or email. Whitelist: A list of pre-authorized email addresses from which email messages can be delivered regardless of spam filters. Worm: Malicious code that is often spread through an executable attachment in an email message.