Index

A5 algorithm 780
AAA security model 872
accounting 873
address allocation 131
Address Resolution (ATMARP and InATMARP) 47
Address Resolution Protocol (ARP)
algorithm 122
BOOTP 126
cache 119
Ethernet 31, 120
Frame Relay 44
IEEE 802.2 standard 31
IEEE 802.x standards 120
IPv6 354
packet 120, 125
Proxy-ARP 123
reply 119
request 119
algorithm
block 779
Diffie-Hellman 784
digital signature 790, 837
key-exchange 783
public-key 781783
RSA 783
stream 779
symmetric 779780
anycast 86
application-level gateway 796
arithmetic, modular 783
ARPANET 14
Network Working Group 13
Assigned Numbers RFC 814
Asynchronous Transfer Mode 47
ATM 47, 51, 53, 56, 58
atm 50
ATM LAN emulation 56
ATMARP 47
ATM-Attached Host Functional Group (AHFG) 62
attacks 772
Authentication 773
authentication 36, 777, 779, 781, 786787, 800,

Copyright IBM Corp. 1989-2006. All rights reserved.

848, 854, 872, 881

IP Control Protocol (IPCP) 37
IPCP 37
Authentication Header (AH)
Authentication Data 815
Authentication Data field 788
combinations with ESP 823
Flags field 813
Fragment Offset 813
header checksum 813
header format 814
HMAC-MD5-96 815
HMAC-SHA-1-96 815
Integrity Check Value (ICV) 815
IP fragment 813
IPv6 environment 817
Keyed MD5 815
mutable fields 813, 816
Next Header field 814
Payload Length 814
replay protection 815
Reserved field 814
Security Parameter Index (SPI) 814
Sequence Number 815
Time To Live (TTL) 813
transform 810
transport mode 815, 824
tunnel mode 815, 824
Type of Service (TOS) 813
authentication method 834
authorization 773, 872
autoconfiguration 363

Berkeley Software Distribution (BSD) 13

block algorithm 779
Bluetooth 27
BOOTP forwarding 129
BOOTP server 125
Bootstrap Protocol (BOOTP) 126
ARP 126
BOOTPREQUEST message 129
BOOTREPLY message 128

963

DHCP interoperability 140

forwarding 84, 129
message format 127
TFTP 126
Border Gateway Protocol (BGP)
Version 4 (BGP-4) 98
bridge 11
broadcast
description 84
reverse path forwarding algorithm 85
brute-force attack 772, 780
bulk encryption 783

cache
ARP cache 119
ICMPv6 neighbor cache 356
CBC 779
CCITT 13
Cell 51
certificate 773, 832, 859
certificate authority 837, 881
certification authority (CA) 791
checksum
IPv6 333
chicken and egg problem 127
cipher 778
restricted 778
Cipher Block Chaining (CBC) 779
ciphertext 782
circuit-level gateway 796
Classical IP over ATM 50, 61
classless inter-domain routing (CIDR)
IP prefix 97
cleartext 777
client/server model 10
CLNP 40, 42
codebook 779
collision-resistant 785
combined tunnel 826
Commercial Internet Exchange (CIX) 17
Connections
ATM 47
FDDI 33
Frame Relay 41
ISDN 38
MPC+ 46
MPOA 60

964

PPP 35
SLIP 34
SONET 45
X.25 39
cryptanalysis 773, 777
cryptanalyst 793
cryptographic algorithm 778
cryptography 777, 785
strong 777
cryptography, strong 777
cryptosystem 783, 792

TCP/IP Tutorial and Technical Overview

DARPA 13
Data Encryption Standard (DES) 779, 865
Data Link Connection Identifier (DLCI) 41
data-link layer 8
DCA 14
decryption 777778
Default Forwarder Function Group (DFFG) 63
default router 63
Defense Advanced Research Projects Agency
(DARPA) 13
Defense Communication Agency (DCA) 14
Demilitarized Zone (DMZ) 808
denial-of-service attack 772773, 813, 830, 879
Department of Defense (DoD) 14
DES 779, 783, 792, 865
destination options extension header 817, 822
DHCPv6 371
dictionary attack 772
Diffie-Hellman 783784, 793, 835836, 839840,
842, 844845
digital certificate 791
digital envelope 787
digital signature 781, 787, 838839
Digital Signature Standard 788, 831
discrete logarithms 783, 785
diskless host 126
Distributed Computing Environment (DCE) 469
DOI 833834
Domain Name System (DNS) 24
IPv6 381
IPv6 extensions 368
IPv6 inverse lookups 368
resource record (RR)
format 368
resource record for IPv6 368

Domain of Interpretation (DOI) 833834

DSA 790
DSS 788, 790
Dynamic Host Configuration Protocol (DHCP) 126,
130
address allocation 131
BOOTP forwarding 129
BOOTP interoperability 140
BOUND state 137
client/server interaction 134, 137138
DHCPACK message 134
DHCPDECLINE message 134
DHCPDISCOVER message 134
DHCPINFORM message 134
DHCPNACK message 134
DHCPRELEASE message 134
DHCPREQUEST message 134
DHCPv6
DHCP Advertise 372
DHCP Reconfigure 372
DHCP Release 372
DHCP Reply 372
DHCP Request 372
DHCP Solicit 371
ICMPv6 364
INIT state 135
lease time 137
message format 132
message types 134
REBINDING state 137
RENEWING state 137
timer 137

e-business 862
ECB 779
Edge Device Functional Group (EDFG) 62
Electronic Codebook Mode (ECB) 779
Encapsulating Security Payload (ESP)
authentication 818, 824
Authentication Data 820
CDMF 819
combinations with AH 823
DES-CBC transform 819
encryption 818
ESP authentication data 818
ESP header 818
ESP trailer 818

HMAC-MD5 820
HMAC-SHA-1 820
integrity check 818
Integrity Check Value (ICV) 820
IP fragment 818
IPv6 environment 822
Next Header field 820
Pad Length 820
Padding 820
Payload Data 819
replay protection 819
Security Parameter Index (SPI) 819
Sequence Number 819
transform 810
transport mode 820, 824
tunnel mode 820, 824
encapsulation 812
encryption 777778, 787, 848
773
encryption algorithm 834
encryption key 778
ephemeral port 10
Ethernet
802.2 Logical Link Control (LLC) 31
ARP 31, 120
DIX 30, 120
DSAP 31
frame formats 30
header fields 30
IEEE 802.3 standard 30, 32
IEEE 802.4 standard 32
IEEE 802.5 standard 32
IEEE 802.x standards 127
IPv6 354
LSAP 31
protocol-type number 30
SNAP 31
SSAP 31
Subnetwork Access Protocol (SNAP) 31
Extended TACACS 873

factoring 782
FDDI 33
File Transfer Protocol (FTP)
normal mode 801
passive mode 801
proxy server 800801

Index

965

fingerprint 785
firewall 12, 776, 811, 829
advanced filtering 798
application-level gateway 807, 848
authentication 800
bastion host 807808
circuit-level gateway 803, 846
demilitarized zone 808
DMZ 808
dual-homed gateway 806
filter rules 797
FTP normal mode 801
FTP passive mode 801
FTP proxy 800801
HTTP proxy 800
IBM Firewall 800
inbound connections 804
introduction 12
logging 800
non-secure network 795
outbound connections 804
packet-filtering 797
packet-filtering firewall 805
packet-filtering router 808
packet-filtering rules 797
policy 776, 797
proxy 799, 804, 806
screened host firewall 807
screened subnet firewall 808
secure network 795
security ID cards 800
service level filtering 798
SOCKS 804
source/destination level filtering 798
TELNET proxy 801
Flags field 813
For Your Information (FYI) document 25
forwarding capacity 61
Fragment Offset 813
fragmentation 104
fragmentation extension header 817, 822
Frame Relay
ARP 44
Data Link Connection Identifier (DLCI) 41
Network Level Protocol ID (NLPID) 42
protocol data unit (PDU) 41
Subnetwork Access Protocol (SNAP) 42
virtual circuit 41

966

TCP/IP Tutorial and Technical Overview

gateway 1112, 125

gateway address 125

hacker 772, 777

hash function 785786, 789, 840
hash value 785, 788789
Hashed Message Authentication Code (HMAC)
789
header checksum 813
High Performance Data Transfer (HPDT) 46
HMAC 789
hop limit 332
hop-by-hop extension header 817, 822
HTTP
proxy 800

IAB 22
IASG Coordination Functional Group (ICFG) 62
ICMPv6 352
IDEA 780
IEEE 802.11 27
IEEE 802.x standards 31
IESG 21
impersonation 772
InATMARP 47
initialization vector 792
initialization vector (IV) 779
integrity check 779, 786
integrity checking 773
International Data Encryption Algorithm (IDEA) 780
Internet 1314
Acceptable Use Policy (AUP) 16
Advance Network and Services (ANS) 16
ANS CO+RE 16
Commercial Internet Exchange (CIX) 16
Commercial use of 16
Internet Architecture Board (IAB) 2122
Internet Assigned Numbers Authority (IANA) 21,
25, 86, 814
Internet Control Message Protocol (ICMP) 109
Address Mask Reply 117
Address Mask Request 117
Destination Unreachable 111
Echo 111
Echo Reply 111

Parameter Problem 115

Path MTU Discovery 109
Ping 117
Redirect 113
Router Advertisement 113
Router Discovery 109
router discovery protocol 114
Router Solicitation 113
Source Quench 112
Time Exceeded 115
Timestamp Reply 116
Timestamp Request 116
Internet Control Message Protocol (ICMPv6) 371
address resolution 354
autoconfiguration 363
DHCP server 364
message format 352
MTU 359
multicast group 365
Multicast Listener Discovery (MLD) 365
multicast listener done message 367
multicast listener report 367
neighbor advertisement message 356
neighbor cache 356
neighbor discovery 353
neighbor solicitation message 354, 364
neighbor unreachability detection (NUD) 363
prefix discovery 357
redirect message 361
router advertisement message 357, 364
router discovery 357
router solicitation message 360, 364
stateful autoconfiguration 363, 371, 380
stateless autoconfiguration 363, 371
tentative address 364
Internet Engineering Steering Group (IESG) 21
Internet Engineering Task Force (IETF) 2122, 863
internet gateway 11
Internet Group Management Protocol (IGMP) 119,
352
Multicast Listener Discovery (MLD) 365
internet layer 8
Internet Network Information Center (InterNIC) 69
Internet Protocol (IP) 8, 131
datagram 98
datagram header 99
fragmentation 104
IP prefix 97
Loose Source Routing option 105

MTU 104
Record Route option 107
routing options 105
Strict Source Routing option 106
timestamp 107
TTL 101
Internet Service Providers (ISPs) 17
Internet Society (ISOC) 21
Internet2
participants 19
Internet2 mission 18
Internetwork Address Sub-Group (IASG) 62
internetworking 13
internetwork-layer protocol 60
IP 50
protocol stack 125
IP address
exhaustion 86, 329
IP address exhaustion 329
IP datagram 98
introduction 8
IP datagram header 99
IP gateway 11
IP prefix 97
IP Security Architecture (IPSec)
combinations of AH and ESP 823
combined tunnel 826
concepts 810
cryptographic concepts 777
Diffie-Hellman algorithm 784
Diffie-Hellman key exchange 784
Digital Signature Algorithm 790
encapsulation 812
Hashed Message Authentication Code (HMAC)
789
HMAC 789
IPSec module 811
iterated tunneling 823
modulus 783784
nested tunneling 823
private exponent 784
private key 784
processing sequence 824
public exponent 784
public key 784
RSA algorithm 783
SA bundle 811, 823
Security Association (SA) 810
Security Association Database (SAD) 811

Index

967

Security Parameter Index (SPI) 810

Security Policy Database (SPD) 811
transform 810
transport adjacency 823, 826
tunneling 812
IP stack 125
IP Version 6 (IPv6) 352353, 357, 363
address space 339
anycast address 345
automatic tunneling 381
configured tunneling 385
DNC extensions 368
dual stack 380
extension headers 333
authentication 339, 347
destination options 339
ESP 339
fragment 351
hop-by-hop 335
redid=ipv6ext.type-length-value (TLV) option
format 333
routing 337
type-length-value (TLV) option format 335
flow 346
flow labels 346
format prefix 340
fragment header 339, 351
header checksum 333
header translation 387
Hop-by-Hop header 335
inverse DNS lookups 368
IPv4-compatible address 341
IPv4-mapped address 341
IPv6 addresses 339
link-local unicast address 341
options 333
packet sizes 350
site-local unicast address 341
solicited node multicast address 345
transition from IPv4 379
tunneling 335, 381
automatic 381
configured 385
tunneling over IPv4 networks 381
VPN 863
IP6.INT domain 368
IP-FDDI 33
IPv6 863
IPX 812

968

TCP/IP Tutorial and Technical Overview

ISAKMP/Oakley
application-layer security 839
authentication 783, 839840
authentication key 837
authentication mechanism 831, 839
authentication method 834
certificate 832, 837, 846
certificate authority 837
certificate payload 837, 839
Certificate Request message 838
certificates 840
composite value 836
cryptographic key 831
cryptographic keys 835, 837, 840
denial-of-service 830
destination port 833
Diffie-Hellman 832, 835836, 838840, 842,
845
Diffie-Hellman algorithm 784
digital signature 838839
Digital Signature Algorithm 790, 837
Digital Signature Standard 831
DOI 833834
Domain of Interpretation (DOI) 833834, 842
encryption 839
encryption algorithm 834
Encryption Bit 838
Encryption Flag 841
encryption key 837
exponent 835
Flags field 838
hash function 840
Hash Payload 842844
identity 835
identity payload 837839
Identity Protect exchange 832
Initiator Cookie 833834, 836
ISAKMP header 833834, 838839, 844
Key Exchange attribute 840
Key Exchange field 836
Key Exchange Payload 843
KEY_OAKLEY 834835
keying material 830, 836837, 844845
LDAP 838
man-in-the-middle 830
master key 832
master secret 831
Message 1 833, 841, 845
Message 2 834, 843, 845

Message 3 835, 844

Message 4 836
Message 5 837
Message 6 839
Message ID 833834, 841, 843844
Message ID field 839
nonce 835836, 841842, 844845
Nonce field 836
Nonce Payload 843
Oakley Main Mode 832, 839
Oakley Quick Mode 840
Perfect Forward Secrecy (PFS) 831, 840
permanent identifier 832, 846
PFS 831, 840
Phase 1 831
Phase 2 831
pre-shared keys 831
private value 835836
Proposal Payload 833, 835, 842
protection suites 833, 845
PROTO_ISAKMP 833, 835
protocol code point 844
proxy negotiator 841
pseudo-random function 834, 842
public key 831832
public value 835836, 838840, 842, 844845
remote access 845
remote host 832, 845
Responder Cookie 833834, 836
revised RSA public key authentication 835
RSA algorithm 783
RSA public key authentication 835
RSA public key encryption 831
secure DNS server 838
secure local cache 838
Security Association 831832, 835, 839840
Security Association field 833834
Security Association Payload 842, 845
Security Payload 843
security protection suite 831
signature payload 837
SKEYID 832, 836, 838, 844
SKEYID_a 837, 842
SKEYID_d 837
SKEYID_e 837
SPI 838, 844846
Transform Payload 834835, 842
ISDN
Basic Rate Interface (BRI) 38

B-channel 38
D-channel 38
maximum transmission unit (MTU) 39
NRZ encoding 38
PPP encapsulation 38
Primary Rate Interface (PRI) 38
ISO 13
ISP 829
iterated tunneling 823
ITU-T 13
IV 779

KAS 868
KDBM 870
Kerberos Authentication Server (KAS) 868
Kerberos Database Manager (KDBM) 870
Kerberos Key Distribution Server (KKDS) 871
Kerberos System
assumed goals
accounting 864
authentication 864
authorization 864
assumptions 864
authentication process 866, 870
authorization model 871
database management 870
naming 865
instance name 865
principal name 865
realm name 865
key length 782
key management 780, 848, 884
key refresh 773
keyed algorithm 778
key-exchange 780
key-exchange algorithm 783
keying material 830, 836, 844845
keyspace 778
KKDS 871

LAN emulation (LANE) 61

LAN emulation server 58
LAN replacement 50
LAN segment 125
LANE
layer 62

Index

969

latency 61
Layer 2 Forwarding (L2F) 875
Layer 2 Tunneling Protocol (L2TP) 875
Access Concentrator 876
LAC 876
LNS 876
NAS 876
Network Access Server 876
Network Server 876
security features 879
session 876
tunnel 876
LDAP 838
link layer 8
LIS 48
Logical IP Subnetwork (LIS) 53
long-term key 790
Loose Source Routing 105
Lotus Notes 792
LSAP 31

MAC 786, 789

man-in-the-middle 830
man-in-the-middle attack 791, 879
master key 860
master secret 831
maximum transmission unit (MTU) 34, 104
ICMPv6 359
ISDN 39
Path MTU Discovery 350
MD5 788789
message authentication code 773
message authentication code (MAC) 786, 860
Metropolitan Area Ethernet (MAE) 17
Metropolitan Fiber Systems (MFS) 17
MILNET 14
modular arithmetic 783
MPOA 6061, 63
benefits 60
client 61
functional group layer 62
logical components 61
operation 63
server 61
multicast 85
host group 85
multicast group 365

970

TCP/IP Tutorial and Technical Overview

Multicast Listener Discovery (MLD) 365

multicast listener done message 367
multicast listener report 367
server (MCS) 63
multicast address resolution server (MARS) 63
multi-homed 77, 9798
multi-homing 68
Multi-Path Channel+ (MPC+) 46
Multiprotocol Encapsulation 53
mutable fields 813

NAS 873
National Institute of Standards and Technology
(NIST) 788
National Science Foundation (NSF) 15
National Science Foundation Network (NFSNET)
15
National Security Agency (NSA) 788
neighbor discovery 353
nested tunneling 823
NetBIOS 812
Network Access Points (NAPs) 17
network access server 873
Network Control Program (NCP) 13
network interface layer 8
network layer 8
Next Generation Internet (NGI) initiative 18
NIST 788
nonce 835836, 841842, 844845
non-repudiation 773, 779, 782
NSA 788

Oakley Main Mode 839

Oakley Quick Mode 840
one-time password 773
one-way function 785
overlapping fragment attack 813

packet-filtering 796
packet-filtering router 796
Path MTU Discovery 109
Perfect Forward Secrecy (PFS) 831, 840
per-session key 791
PFS 831, 840

PGP 780
physical layer 62
Ping 117
point of presence 875
Point-to-Point Protocol (PPP) 874
authentication 36
IP Control Protocol (IPCP) 37
IPCP 37
L2TP tunnel 877
LCP 36
Link Control Protocol (LCP) 36
NCP 36
Network Control Protocol (NCP) 36
Synchronous Digital Hierarchy (SDH) 45
Synchronous Optical Network (SONET) 45
Synchronous Payload Envelope (SPE) 46
Van Jacobson Header Compression 37
Point-to-Point Tunneling Protocol (PPTP) 875
prefix discovery 357
Pretty Good Privacy (PGP) 780
prime factor 790
prime number 782
principal identifier 865
private IP address 812
private key 780, 790
protocol number
in an IPv6 header 331
protocol virtual LAN (PVLAN) 60
proxy 796
proxy server 846
proxy-ARP 82
concept 123
pseudo-header
IPv6 333
pseudo-random function 834
pseudorandom generator 793
public key 780, 790791, 831, 860
public-key algorithm 782783
public-key algorithms 781
PVC 48

RADIUS 873
random function 793
random-number generator 792
RC2 794
RC4 794
Real-Time Transport Protocol 756

Reconfigure, DHCP 372

Record Route 107
Redbooks Web site 961
Contact us xxiii
refresh keys 840
remote access 845
remote access server (RAS) 776
Remote Authentication Dial In User Service 873
remote dial-in 872
Remote Forwarder Functional Group (RFFG) 63
remote host 829, 832
replay attack 772
replay protection 815
Request for Comments (RFC)
Internet Standards Track 22
purpose 22
RFC 0791 68
RFC 0792 109110
RFC 0826 47, 51, 119120
RFC 0877 39
RFC 0894 31
RFC 0903 124
RFC 0906 126, 129
RFC 0919 68
RFC 0922 68, 85
RFC 0925 123
RFC 0948 32
RFC 0950 68, 109110
RFC 0951 22, 126, 128
RFC 1010 32
RFC 1027 123
RFC 1034 24
RFC 1035 24
RFC 1042 32, 53
RFC 1055 34
RFC 1112 119
RFC 1122 25, 56
RFC 1123 25
RFC 1144 35, 37
RFC 1149 22
RFC 1166 6869
RFC 1191 109, 350
RFC 1206 25
RFC 1256 109, 113
RFC 1325 25
RFC 1349 68, 100
RFC 1356 39
RFC 1437 22
RFC 1466 89

Index

971

RFC 1483 53
RFC 1492 873
RFC 1510 864
RFC 1518 9596
RFC 1518 - 1520 95
RFC 1519 95
RFC 1520 95, 98
RFC 1542 22, 126
RFC 1577 61
RFC 1579 803
RFC 1594 25
RFC 1618 38
RFC 1619 45
RFC 1661 35
RFC 1662 35
RFC 1700 25, 40, 48
RFC 1755 55
RFC 1809 346
RFC 1812 25
RFC 1827 818
RFC 1886 367368, 390
RFC 1905 640
RFC 1906 640
RFC 1918 89
RFC 1928 847848
RFC 1929 847
RFC 1961 847
RFC 2026 21
RFC 2050 89
RFC 2058 873
RFC 2131 130
RFC 2132 126, 129130, 134, 137
RFC 2138 873
RFC 2181 25
RFC 2185 379
RFC 2223 22
RFC 2225 50, 53
RFC 2236 119
RFC 2246 861
RFC 2341 875
RFC 2362 261
RFC 2373 339, 345, 390
RFC 2374 342
RFC 2375 344
RFC 2400 25, 50
RFC 2402 814, 817
RFC 2406 818, 822
RFC 2427 41
RFC 2460 346, 390

972

TCP/IP Tutorial and Technical Overview

RFC 2461 352, 363, 390

RFC 2462 364365, 390
RFC 2463 352
RFC 2579 640
RFC 2661 875
RFC 2664 25
RFC 2800 25
RFC 2888 879
RFC 2893 379, 390
RFC 922 85
state 23
draft standard 23
experimental 23
historic 23
informational 23
proposed standard 23
standard 23
status 24
elective 24
limited use 24
not recommended 24
recommended 24
required 24
Rseaux IP Europens (RIPE) 86
Resource Reservation Protocol (RSVP) 346
restricted cipher 778
Reverse Address Resolution Protocol (RARP)
operation code field 125
packet format 125
reply 125
request 125
Route Server Functional Group (RSFG) 63
router 11
router discovery protocol 114
Router Discovery 109
router discovery 357
router discovery protocol 114
routing 77
direct 78
indirect 78
partial routing information 77
routing extension header 817, 822
routing table 79
routing table explosion 95
RSA 782783
RSA algorithm 783
RTCP 762
RTP 756
Control Protocol 762

header format 758

SA bundle 811, 826

secret, shared 783
secure DNS server 838
Secure Electronic Transactions (SET) 787
acquirer 880
cardholder 880
certificate authority 881
issuer 880
key management 884
merchant 880
payment gateway 880
transactions 881
Secure Hash Algorithm 1 (SHA-1) 788
secure local cache 838
Secure Sockets Layer (SSL) 854
certificate 859
change CipherSpec protocol 857
compatibility 856
connection state 857
generate encryption key 860
handshake phase 855
Handshake Protocol 854, 858
master key 860
message authentication code (MAC) 860
public key 860
Record Layer 858
Record Protocol 854, 860
security issues 855
session 856
session state 857
states 856
symmetric-key 860
TCP port 443 855
Security Association Database (SAD) 811
security exposures 773
security ID cards 800
Security Parameter Index (SPI) 810, 814, 819
security policy 776
Security Policy Database (SPD) 811
security solutions 773, 775
Serial Line IP (SLIP) 874
addressing
35
implementations 35
overview 34

Van Jacobson Header Compression 35

SET 792
SHA-1 788
shared keys 782
shared secret 783, 785, 788789
Simple Internet Transition (SIT) 379
SKEYID 836, 844
SKEYID_a 837, 842
SKEYID_d 837
SKEYID_e 837
SNA
LCP 36
Link Control Protocol (LCP) 36
NCP 36
Network Control Protocol (NCP) 36
SOCKS
authentication methods 848
circuit-level gateway 846
encapsulation method 850
encryption standards 848
firewall 804, 846
key management systems 848
method options 849
request detail message 851
SOCKS server 846
SOCKS-enabled client 847
SOCKS-enabled TCP/IP stack 847
SOCKSv4 847
SOCKSv5 847
TCP connection 849
tunneling protocols 848
UDP connection 852
UDP port 852
UDP relay server 853
UDP support 848
version identifier 849
spoofing attack 879
Standard Protocol Numbers (STD) 24
STD 01 25, 36
STD 02 25
STD 03 25
STD 04 25
STD 05 68, 109
STD 51 35
stream algorithm 779
Strict Source Routing 106
strong cryptography 823
subnet mask 73
determining 77

Index

973

subnet number 73
subnets 72
subnetting
static 74
variable length 74
Subnetwork Access Protocol (SNAP) 31, 40, 42
supernetting 96
SVC 48
symmetric algorithm 779780
symmetric-key 860
Synchronous Digital Hierarchy (SDH) 45
Synchronous Optical Network (SONET) 45
Synchronous Payload Envelope (SPE) 46

TACACS 873
TACACS+ 873
tapping the wire 772
TCP
SOCKS-enabled stack 847
TELNET
proxy server 801
Terminal Access Controller Access Control System
873
TGS 868
Ticket-Granting Server (TGS) 868
time stamp 782
time-to-live
IP 101
IPSec Authentication Header (AH) 813
IPv6 hop limit 332
Token-Ring LAN 33
transform 810
transparent subnetting 123
transport adjacency 823, 826
triple-DES 780
Trivial File Transfer Protocol (TFTP)
BOOTP 126
trust chain 792
tunnel 876
tunneling 381, 812, 848
two-way random number handshake 773
Type of Service (TOS) 813
type-length-value (TLV) 335

unicast
address 84

974

TCP/IP Tutorial and Technical Overview

University Corporation for Advanced Internet Development (UCAID) 19

value, hash 788

virus 772

well-known port 10
Wireless Application Protocol (WAP) 27

X.25
Call Request packet 39
Call User Data (CUD) 39
network-layer protocol identifier (NLPID) 39
Organizationally Unique Identifier (OUI) 41
Protocol Data Unit (PDU) 39
Protocol Identifier (PID) 41
Subnetwork Access Protocol (SNAP) 40
Subsequent Protocol Identifier (SPI) 39
virtual circuits 39
X.509 certificates 861
XTACACS 873