DOCSLIB.ORG

Qos: NBAR Protocol Library, Cisco IOS XE Release 3.8S

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

QoS: NBAR Protocol Library, Cisco IOS XE Release 3.8S Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 C O N T E N T S 3COM-AMP3 through AYIYA-IPV6-TUNNELED 34 3COM-AMP3 35 3COM-TSMUX 36 3PC 37 9PFS 38 914C G 39 ACAP 40 ACAS 40 ACCESSBUILDER 41 ACCESSNETWORK 42 ACP 43 ACR-NEMA 44 ACTIVE-DIRECTORY 45 ACTIVESYNC 45 ADOBE-CONNECT 46 AED-512 47 AFPOVERTCP 48 AGENTX 49 ALPES 50 AMINET 50 AN 51 ANET 52 ANSANOTIFY 53 ANSATRADER 54 ANY-HOST-INTERNAL 54 AODV 55 AOL-MESSENGER 56 AOL-MESSENGER-AUDIO 57 AOL-MESSENGER-FT 58 QoS: NBAR Protocol Library, Cisco IOS XE Release 3.8S ii Contents AOL-MESSENGER-VIDEO 58 AOL-PROTOCOL 59 APC-POWERCHUTE 60 APERTUS-LDP 61 APPLEJUICE 62 APPLEQTC 63 APPLEQTCSRVR 63 APPLIX 64 ARCISDMS 65 ARGUS 66 ARIEL1 67 ARIEL2 67 ARIEL3 68 ARIS 69 ARNS 70 ARUBA-PAPI 71 ASA 71 ASA-APPL-PROTO 72 ASIPREGISTRY 73 ASIP-WEBADMIN 74 AS-SERVERMAP 75 AT-3 76 AT-5 76 AT-7 77 AT-8 78 AT-ECHO 79 AT-NBP 80 AT-RTMP 80 AT-ZIS 81 AUDIO-OVER-HTTP 82 AUDIT 83 AUDITD 84 AURORA-CMGR 85 AURP 85 AUTH 86 QoS: NBAR Protocol Library, Cisco IOS XE Release 3.8S iii Contents AVIAN 87 AVOCENT 88 AX25 89 AYIYA-IPV6-TUNNELED 89 BABELGUM through BR-SAT-MON 92 BABELGUM 93 BACNET 93 BAIDU-MOVIE 94 BANYAN-RPC 95 BANYAN-VIP 96 BB 97 BBNRCCMON 98 BDP 98 BFTP 99 BGMP 100 BGP 101 BGS-NSI 102 BHEVENT 103 BHFHS 103 BHMDS 104 BINARY-OVER-HTTP 105 BITTORRENT 106 BL-IDM 107 BLIZWOW 107 BLOGGER 108 BMPP 109 BNA 110 BNET 111 BORLAND-DSJ 112 BR-SAT-MON 112 CABLEPORT-AX through CYCLESERV2 114 CABLEPORT-AX 115 CAB-PROTOCOL 116 CADLOCK 117 CAILIC 118 QoS: NBAR Protocol Library, Cisco IOS XE Release 3.8S iv Contents CALL-OF-DUTY 119 CAPWAP-CONTROL 120 CAPWAP-DATA 120 CBT 121 CDC 122 CDDBP-ALT 123 CFDPTKT 124 CFTP 125 CHAOS 126 CHARGEN 126 CHECKPOINT-CPMI 127 CHSHELL 128 CIFS 129 CIMPLEX 130 CISCO-FNA 131 CISCO-IP-CAMERA 132 CISCO-NAC 132 CISCO-PHONE 133 CISCO-SYS 134 CISCO-TDP 135 CISCO-TNA 136 CITRIX-STATIC 137 CITRIX 137 CLEARCASE 138 CLOANTO-NET-1 139 CMIP-AGENT 140 CMIP-MAN 141 COAUTHOR 142 CODAAUTH2 143 COLLABORATOR 143 COMMERCE 144 COMPAQ-PEER 145 COMPRESSNET 146 COMSCM 147 CON 147 QoS: NBAR Protocol Library, Cisco IOS XE Release 3.8S v Contents CONFERENCE 148 CONNENDP 149 CONTENTSERVER 150 COOLTALK 151 CORBA-IIOP 152 CORERJD 152 COURIER 153 COVIA 154 CPHB 155 CPNX 156 CPQ-WBEM 157 CREATIVEPARTNR 157 CREATIVESERVER 158 CRS 159 CRTP 160 CRUDP 161 CRYPTOADMIN 161 CSI-SGWP 162 CSNET-NS 163 CTF 164 CUSEEME 165 CUSTIX 166 CVC_HOSTD 166 CVSPSERVER 167 CVSUP 168 CYBERCASH 169 CYCLESERV 170 CYCLESERV2 171 DANTZ through DWR 172 DANTZ 173 DASP 174 DATASURFSRV 175 DATASURFSRVSEC 176 DATEX-ASN 177 DAYTIME 177 QoS: NBAR Protocol Library, Cisco IOS XE Release 3.8S vi Contents DBASE 178 DCCP 179 DCLINK 180 DCN-MEAS 181 DCP 181 DCTP 182 DDM-DFM 183 DDM-RDB 184 DDM-SSL 185 DDP 186 DDX 186 DEC_DLM 187 DECAP 188 DECAUTH 189 DECBSRV 190 DECLADEBUG 190 DECVMS-SYSMGT 191 DEI-ICDA 192 DEOS 193 DESKNETS 194 DEVICE 194 DGP 195 DHCP-FAILOVER 196 DHCP-FAILOVER2 197 DHCP 198 DHCPV6-CLIENT 198 DHCPV6-SERVER 199 DHT 200 DICOM 201 DIGITAL-VRC 202 DIRECTCONNECT 203 DIRECTPLAY 204 DIRECTPLAY8 204 DIRECTV-CATLG 205 DIRECTV-SOFT 206 QoS: NBAR Protocol Library, Cisco IOS XE Release 3.8S vii Contents DIRECTV-TICK 207 DIRECTV-WEB 208 DISCARD 208 DISCLOSE 209 DISTCC 210 DIXIE 211 DLS-MON 212 DLS 213 DMP 213 DN6-NLM-AUD 215 DNA-CML 215 DNP 216 DNS 217 DNSIX 218 DOOM 219 DPSI 219 DSFGW 220 DSP 221 DSP3270 222 DSR 223 DTAG-STE-SB 224 DTK 224 DWR 225 ECHO through EXEC 228 ECHO 229 EDONKEY-STATIC 229 EDONKEY 230 EGP 231 EIGRP 232 ELCSD 233 EMBL-NDT 234 EMCON 234 EMFIS-CNTL 235 EMFIS-DATA 236 ENCAP 237 QoS: NBAR Protocol Library, Cisco IOS XE Release 3.8S viii Contents ENCRYPTED-BITTORRENT 238 ENCRYPTED-EMULE 239 ENTOMB 239 ENTRUST-AAAS 240 ENTRUST-AAMS 241 ENTRUST-ASH 242 ENTRUST-KMSH 243 ENTRUST-SPS 243 EPMAP 244 ERPC 245 ESCP-IP 246 ESIGNAL 247 ESRO-EMSDP 247 ESRO-GEN 248 ETHERIP 249 EUDORA-SET 250 EXCHANGE 251 EXEC 251 FACEBOOK through FUJITSU-DEV 254 FACEBOOK 255 FASTTRACK-STATIC 255 FASTTRACK 256 FATSERV 257 FC 258 FCP 259 FILEMAKER-ANNOUNCEMENT 260 FILETOPIA 261 FINGER 261 FIRE 262 FIX 263 FLASH-VIDEO 264 FLASHMYSPACE 265 FLASHYAHOO 266 FLEXLM 266 FLN-SPX 267 QoS: NBAR Protocol Library, Cisco IOS XE Release 3.8S ix Contents FONT-SERVICE 268 FRING-VIDEO 269 FRING-VOIP 270 FRING 271 FTP-AGENT 271 FTP-DATA 272 FTP 273 FTPS-DATA 274 FUJITSU-DEV 275 GACP through GURUGURU 278 GACP 279 GAME-SPY 280 GDOMAP 280 GDS_DB 281 GENIE 282 GENRAD-MUX 283 GGF-NCP 284 GGP 284 GHOSTSURF 285 GINAD 286 GKRELLM 287 GMAIL 288 GMTP 289 GNUTELLA 289 GO-LOGIN 290 GOBOOGY 291 GOOGLE-ACCOUNTS 292 GOOGLE-DOCS 293 GOOGLE-EARTH 294 GOOGLE-PLUS 294 GOOGLE-SERVICES 295 GOPHER 296 GOTODEVICE 297 GOTOMYPC 298 GRAPHICS 299 QoS: NBAR Protocol Library, Cisco IOS XE Release 3.8S x Contents GRE 299 GRIDFTP 300 GROOVE 301 GROUPWISE 302 GSIFTP 303 GSS-HTTP 304 GSS-XLICEN 304 GTALK-CHAT 305 GTALK-FT 306 GTALK-VIDEO 307 GTALK-VOIP 308 GTALK 309 GTP-USER 309 GURUGURU 310 H323 through HYPERWAVE-ISP 312 H323 313 HA-CLUSTER 314 HAMACHI 314 HAP 315 HASSLE 316 HCP-WISMAR 317 HDAP 318 HELLO-PORT 319 HEMS 319 HEROIX-LONGITUDE 320 HIP 321 HITACHI-SPC 322 HL7 323 HMMP-IND 324 HMMP-OP 324 HMP 325 HOPOPT 326 HOSTNAME 327 HOTMAIL 328 HP-ALARM-MGR 329 QoS: NBAR Protocol Library, Cisco IOS XE Release 3.8S xi Contents HP-COLLECTOR 329 HP-MANAGED-NODE 330 HP-PDL-DATASTR 331 HTTP-ALT 332 HTTP-MGMT 333 HTTP-RPC-EPMAP 333 HTTP 334 HULU 335 HYBRID-POP 336 HYPER-G 337 HYPERWAVE-ISP 337 IAFDBASE through JARGON 340 IAFDBASE 342 IAFSERVER 342 IASD 343 IATP 344 IAX 345 IBM-APP 346 IBM-DB2 346 IBM-DIRECTOR 347 IBPROTOCOL 348 ICLCNET-LOCATE 349 ICLCNET_SVINFO 350 ICMP 351 ICQ-FILETRANSFER 352 ICQ 352 IDFP 353 IDPR-CMTP 354 IDPR 355 IDRP 356 IEEE-MMS-SSL 357 IEEE-MMS 357 IFMP 358 IGRP 359 IIOP 360 QoS: NBAR Protocol Library, Cisco IOS XE Release 3.8S xii Contents IL 361 IMAP 362 IMSP 363 INBUSINESS 364 INFOSEEK 364 INGRES-NET 365 I-NLSP 366 INTECOURIER 367 INTEGRA-SME 368 INTRINSA 368 IP-MESSENGER 369 IPCD 370 IPCOMP 371 IPCSERVER 372 IPCV 372 IPDD 373 IPINIP 374 IPIP 375 IPLT 376 IPP 377 IPPC 377 IPSEC 378 IPV6-FRAG 379 IPV6-ICMP 380 IPV6-NONXT 381 IPV6-OPTS 381 IPV6-ROUTE 382 IPV6INIP 383 IPX-IN-IP 384 IRC-SERV 385 IRC 386 IRTP 386 IS99C 387 IS99S 388 ISAKMP 389 QoS: NBAR Protocol Library, Cisco IOS XE Release 3.8S xiii Contents ISATAP-IPV6-TUNNELED 390 ISCSI-TARGET 391 ISCSI 391 ISI-GL 392 ISIS 393 ISO-ILL 394 ISO-IP 395 ISO-TP0 396 ISO-TP4 396 ISO-TSAP-C2 397 ISO-TSAP 398 ITM-MCELL-S 399 ITUNES 400 JARGON 401 K-BLOCK through LWAPP 402 KALI 403 KAZAA2 404 K-BLOCK 404 KERBEROS-ADM 405 KERBEROS 406 KEYSERVER 407 KIS 408 KLOGIN 408 KNET-CMP 409 KONSPIRE2B 410 KPASSWD 411 KRYPTOLAN 412 KSHELL 412 KURO 413 L2TP 414 LA-MAINT 415 LANSERVER 416 LARP 416 LDAP 417 LDP 418 QoS: NBAR Protocol Library, Cisco IOS XE Release 3.8S xiv Contents LEAF-1 419 LEAF-2 420 LEGENT-1 420 LEGENT-2 421 LINKEDIN 422 LIVEMEETING 423 LIVESTATION 424 LJK-LOGIN 425 LOCKD 425 LOCUS-CON 426 LOCUS-MAP 427 LOGIN 428 LOGLOGIC 429 LOGMEIN 430 LWAPP 430 MAC-SRVR-ADMIN through MYSQL 432 MAC-SRVR-ADMIN 434 MAGENTA-LOGIC 435 MAILBOX-LM 435 MAILQ 436 MAITRD 437 MANET 438 MANOLITO 439 MAPI 440 MAPLESTORY 440 MASQDIALER 441 MATIP-TYPE-A 442 MATIP-TYPE-B 443 MAXDB 444 MCAFEE-UPDATE 445 MCIDAS 446 MCNS-SEC 446 MDC-PORTMAPPER 447 MECOMM 448 MEGAVIDEO 449 QoS: NBAR Protocol Library, Cisco IOS XE Release 3.8S xv Contents MEREGISTER 450 MERIT-INP 450 META5 451 METAGRAM 452 METER 453 MFCOBOL 454 MFE-NSP 454 MFTP 455 MGCP 456 MICOM-PFS 457 MICP 458 MICROMUSE-LM 458 MICROSOFTDS 459 MIKOGO 460 MIT-DOV 461 MIT-ML-DEV 462 MOBILE 462 MOBILEIP-AGENT 463 MOBILIP-MN 464 MOBILITYSRV 465 MONDEX 466 MONITOR 467 MORTGAGEWARE 467 MPLS-IN-IP 468 MPM-FLAGS 469 MPM-SND 470 MPM 471 MPP 471 MPTN 472 MRM 473 MS-DYNAMICS-CRM-ONLINE 474 MS-IIS 475 MS-LIVE-ACCOUNTS 476 MS-NETLOGON 476 MS-OCS-FILE-TRANSFER 477 QoS: NBAR Protocol Library, Cisco IOS XE Release 3.8S xvi Contents MS-OFFICE-365 478 MS-OLAP 479 MS-ROME 480 MS-RPC 481 MS-SHUTTLE 481 MS-SMS 482 MS-SQL-M 483 MS-STREAMING 484 MS-UPDATE 485 MS-WBT 486 MS-WIN-DNS 486 MSDP 487 MSEXCH-ROUTING 488 MSFT-GC-SSL 489 MSFT-GC 490 MSG-AUTH 491 MSG-ICP 491 MSN-MESSENGER-FT 492 MSN-MESSENGER-VIDEO 493 MSN-MESSENGER 494 MSNP 495 MSP 496 MTP 497 MULTILING-HTTP 497 MULTIPLEX 498 MUMPS 499 MUX 500 MY-JABBER-FT 501 MYLEX-MAPD 502 MYSQL 502 NAME through NXEDIT 504 NAME 505 NAMP 506 NAPSTER 507 NARP 508 QoS: NBAR Protocol Library, Cisco IOS XE Release 3.8S xvii Contents NAS 509 NCED 510 NCLD 510 NCP 511 NCUBE-LM 512 NDMP 513 NDSAUTH 514 NEST-PROTOCOL 515 NET-ASSISTANT 516 NET8-CMAN 516 NETAPP-SNAPMIRROR 517 NETBIOS-NS 518 NETBIOS 519 NETBLT 520 NETFLIX 521 NETGW 522 NETNEWS 522 NETOP-REMOTE-CONTROL 523 NETRCS 524 NETRJS-1 525 NETRJS-2 526 NETRJS-3 527 NETRJS-4 527 NETSC-DEV 528 NETSC-PROD 529 NETSHOW 530 NETVIEWDM1 531 NETVIEWDM2 532 NETVIEWDM3 532 NETVMG-TRACEROUTE 533 NETWALL 534 NETWARE-IP 535 NETWORKING-GNUTELLA 536 NEW-RWHO 536 NEXTSTEP 537 QoS: NBAR Protocol Library, Cisco IOS XE Release 3.8S xviii Contents NFS 538 NI-FTP 539 NI-MAIL 540 NICNAME 541 NLOGIN 541 NMAP 542 NMSP 543 NNSP 544 NNTP 545 NOTES 545 NOVADIGM 546 NOVASTORBAKCUP 547 NPMP-GUI 548 NPMP-LOCAL 549 NPMP-TRAP 550 NPP 550 NQS 551 NS 552 NSFNET-IGP 553 NSIIOPS 554 NSRMP 555 NSS-ROUTING 555 NSW-FE 556 NTALK 557 NTP 558 NVP-II 559 NXEDIT 559 OBEX through OSU-NMS 562 OBEX 563 OBJCALL 563 OCBINDER 564 OCS_AMU 565 OCS_CMU 566 OCSERVER 567 ODMR 568 QoS: NBAR Protocol Library, Cisco IOS XE Release 3.8S xix Contents OHIMSRV
Recommended publications
  • Simulacijski Alati I Njihova Ograničenja Pri Analizi I Unapređenju Rada Mreža Istovrsnih Entiteta

    Simulacijski Alati I Njihova Ograničenja Pri Analizi I Unapređenju Rada Mreža Istovrsnih Entiteta

    SVEUČILIŠTE U ZAGREBU FAKULTET ORGANIZACIJE I INFORMATIKE VARAŽDIN Tedo Vrbanec SIMULACIJSKI ALATI I NJIHOVA OGRANIČENJA PRI ANALIZI I UNAPREĐENJU RADA MREŽA ISTOVRSNIH ENTITETA MAGISTARSKI RAD Varaždin, 2010. PODACI O MAGISTARSKOM RADU I. AUTOR Ime i prezime Tedo Vrbanec Datum i mjesto rođenja 7. travanj 1969., Čakovec Naziv fakulteta i datum diplomiranja Fakultet organizacije i informatike, 10. listopad 2001. Sadašnje zaposlenje Učiteljski fakultet Zagreb – Odsjek u Čakovcu II. MAGISTARSKI RAD Simulacijski alati i njihova ograničenja pri analizi i Naslov unapređenju rada mreža istovrsnih entiteta Broj stranica, slika, tablica, priloga, XIV + 181 + XXXVIII stranica, 53 slike, 18 tablica, 3 bibliografskih podataka priloga, 288 bibliografskih podataka Znanstveno područje, smjer i disciplina iz koje Područje: Informacijske znanosti je postignut akademski stupanj Smjer: Informacijski sustavi Mentor Prof. dr. sc. Željko Hutinski Sumentor Prof. dr. sc. Vesna Dušak Fakultet na kojem je rad obranjen Fakultet organizacije i informatike Varaždin Oznaka i redni broj rada III. OCJENA I OBRANA Datum prihvaćanja teme od Znanstveno- 17. lipanj 2008. nastavnog vijeća Datum predaje rada 9. travanj 2010. Datum sjednice ZNV-a na kojoj je prihvaćena 18. svibanj 2010. pozitivna ocjena rada Prof. dr. sc. Neven Vrček, predsjednik Sastav Povjerenstva koje je rad ocijenilo Prof. dr. sc. Željko Hutinski, mentor Prof. dr. sc. Vesna Dušak, sumentor Datum obrane rada 1. lipanj 2010. Prof. dr. sc. Neven Vrček, predsjednik Sastav Povjerenstva pred kojim je rad obranjen Prof. dr. sc. Željko Hutinski, mentor Prof. dr. sc. Vesna Dušak, sumentor Datum promocije SVEUČILIŠTE U ZAGREBU FAKULTET ORGANIZACIJE I INFORMATIKE VARAŽDIN POSLIJEDIPLOMSKI ZNANSTVENI STUDIJ INFORMACIJSKIH ZNANOSTI SMJER STUDIJA: INFORMACIJSKI SUSTAVI Tedo Vrbanec Broj indeksa: P-802/2001 SIMULACIJSKI ALATI I NJIHOVA OGRANIČENJA PRI ANALIZI I UNAPREĐENJU RADA MREŽA ISTOVRSNIH ENTITETA MAGISTARSKI RAD Mentor: Prof.
  • INTERNET-DRAFT M. Ackermann Intended Status: Informational BCBS Michigan N

    INTERNET-DRAFT M. Ackermann Intended Status: Informational BCBS Michigan N

    INTERNET-DRAFT M. Ackermann Intended Status: Informational BCBS Michigan N. Elkins W. Jouris Inside Products Expires: April 2014 October 3, 2013 Usage of NTP for the PDM DOH IPv6 Extension Header draft-ackermann-tictoc-pdm-ntp-usage-00 Abstract The Performance and Diagnostic Metrics (PDM) Destination Options Header (DOH) for IPv6 defines metrics which are critical for timely end-to-end problem resolution, without impacting an operational production network. These metrics and their derivations can be used for network diagnostics. The base metrics are: packet sequence number and packet timestamp. The timestamp fields require time synchronization at the two end points. This document provides implementation guidelines for implementing Network Time Protocol (NTP) to provide such synchronization. Status of this Memo This Internet-Draft is submitted to IETF in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/1id-abstracts.html The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html Ackermann Expires April, 2014 [Page 1] INTERNET DRAFT -ackermann-tictoc-pdm-ntp-usage-00 October 2013 Copyright and License Notice Copyright (c) 2013 IETF Trust and the persons identified as the document authors.
  • The Application Usage and Risk Report an Analysis of End User Application Trends in the Enterprise

    The Application Usage and Risk Report an Analysis of End User Application Trends in the Enterprise

    The Application Usage and Risk Report An Analysis of End User Application Trends in the Enterprise 8th Edition, December 2011 Palo Alto Networks 3300 Olcott Street Santa Clara, CA 94089 www.paloaltonetworks.com Table of Contents Executive Summary ........................................................................................................ 3 Demographics ............................................................................................................................................. 4 Social Networking Use Becomes More Active ................................................................ 5 Facebook Applications Bandwidth Consumption Triples .......................................................................... 5 Twitter Bandwidth Consumption Increases 7-Fold ................................................................................... 6 Some Perspective On Bandwidth Consumption .................................................................................... 7 Managing the Risks .................................................................................................................................... 7 Browser-based Filesharing: Work vs. Entertainment .................................................... 8 Infrastructure- or Productivity-Oriented Browser-based Filesharing ..................................................... 9 Entertainment Oriented Browser-based Filesharing .............................................................................. 10 Comparing Frequency and Volume of Use
  • Synology NAS User's Guide Based on DSM 4.3

    Synology NAS User's Guide Based on DSM 4.3

    Synology NAS User's Guide Based on DSM 4.3 Document ID Syno_UsersGuide_NAS_20130906 Table of Contents Chapter 1: Introduction Chapter 2: Get Started with Synology DiskStation Manager Install Synology NAS and DSM ............................................................................................................................................. 8 Log into Synology DiskStation Manager .............................................................................................................................. 8 DiskStation Manager Appearance ........................................................................................................................................ 9 Manage DSM with the Main Menu ..................................................................................................................................... 11 Manage Personal Options ................................................................................................................................................... 12 Chapter 3: Modify System Settings Change DSM Settings .......................................................................................................................................................... 14 Change Network Settings .................................................................................................................................................... 16 Modify Regional Options .....................................................................................................................................................
  • A Framework for Designing Cryptographic Key Management Systems

    A Framework for Designing Cryptographic Key Management Systems

    NIST Special Publication 800-130 A Framework for Designing Cryptographic Key Management Systems Elaine Barker Miles Smid Dennis Branstad Santosh Chokhani C O M P U T E R S E C U R I T Y NIST Special Publication 800-130 A Framework for Designing Cryptographic Key Management Systems Elaine Barker Computer Security Division Information Technology Laboratory Miles Smid Orion Security Solutions Silver, Spring, MD Dennis Branstad NIST Consultant Austin, TX Santosh Chokhani Cygnacom McLean, VA August 2013 U.S. Department of Commerce Penny Pritzker, Secretary National Institute of Standards and Technology Patrick D. Gallagher, Under Secretary of Commerce for Standards and Technology and Director SP 800-130 August 2013 Authority This publication has been developed by NIST to further its statutory responsibilities under the Federal Information Security Management Act (FISMA), Public Law (P.L.) 107-347. NIST is responsible for developing information security standards and guidelines, including minimum requirements for Federal information systems, but such standards and guidelines shall not apply to national security systems without the express approval of appropriate Federal officials exercising policy authority over such systems. This guideline is consistent with the requirements of the Office of Management and Budget (OMB) Circular A-130, Section 8b(3), Securing Agency Information Systems, as analyzed in Circular A-130, Appendix IV: Analysis of Key Sections. Supplemental information is provided in Circular A-130, Appendix III, Security of Federal Automated Information Resources. Nothing in this publication should be taken to contradict the standards and guidelines made mandatory and binding on Federal agencies by the Secretary of Commerce under statutory authority.
  • NBAR2 Standard Protocol Pack 1.0

    NBAR2 Standard Protocol Pack 1.0

    NBAR2 Standard Protocol Pack 1.0 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 © 2013 Cisco Systems, Inc. All rights reserved. CONTENTS CHAPTER 1 Release Notes for NBAR2 Standard Protocol Pack 1.0 1 CHAPTER 2 BGP 3 BITTORRENT 6 CITRIX 7 DHCP 8 DIRECTCONNECT 9 DNS 10 EDONKEY 11 EGP 12 EIGRP 13 EXCHANGE 14 FASTTRACK 15 FINGER 16 FTP 17 GNUTELLA 18 GOPHER 19 GRE 20 H323 21 HTTP 22 ICMP 23 IMAP 24 IPINIP 25 IPV6-ICMP 26 IRC 27 KAZAA2 28 KERBEROS 29 L2TP 30 NBAR2 Standard Protocol Pack 1.0 iii Contents LDAP 31 MGCP 32 NETBIOS 33 NETSHOW 34 NFS 35 NNTP 36 NOTES 37 NTP 38 OSPF 39 POP3 40 PPTP 41 PRINTER 42 RIP 43 RTCP 44 RTP 45 RTSP 46 SAP 47 SECURE-FTP 48 SECURE-HTTP 49 SECURE-IMAP 50 SECURE-IRC 51 SECURE-LDAP 52 SECURE-NNTP 53 SECURE-POP3 54 SECURE-TELNET 55 SIP 56 SKINNY 57 SKYPE 58 SMTP 59 SNMP 60 SOCKS 61 SQLNET 62 SQLSERVER 63 SSH 64 STREAMWORK 65 NBAR2 Standard Protocol Pack 1.0 iv Contents SUNRPC 66 SYSLOG 67 TELNET 68 TFTP 69 VDOLIVE 70 WINMX 71 NBAR2 Standard Protocol Pack 1.0 v Contents NBAR2 Standard Protocol Pack 1.0 vi CHAPTER 1 Release Notes for NBAR2 Standard Protocol Pack 1.0 NBAR2 Standard Protocol Pack Overview The Network Based Application Recognition (NBAR2) Standard Protocol Pack 1.0 is provided as the base protocol pack with an unlicensed Cisco image on a device.
  • Introduction to Public Key Infrastructures

    Introduction to Public Key Infrastructures

    Introduction to Public Key Infrastructures Johannes A. Buchmann • Evangelos Karatsiolis Alexander Wiesmaier Introduction to Public Key Infrastructures 123 Johannes A. Buchmann Evangelos Karatsiolis FB Informatik FlexSecure GmbH TU Darmstadt Darmstadt Darmstadt Germany Germany Alexander Wiesmaier AGT International Darmstadt Germany ISBN 978-3-642-40656-0 ISBN 978-3-642-40657-7 (eBook) DOI 10.1007/978-3-642-40657-7 Springer Heidelberg New York Dordrecht London Library of Congress Control Number: 2013954524 © Springer-Verlag Berlin Heidelberg 2013 This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. Exempted from this legal reservation are brief excerpts in connection with reviews or scholarly analysis or material supplied specifically for the purpose of being entered and executed on a computer system, for exclusive use by the purchaser of the work. Duplication of this publication or parts thereof is permitted only under the provisions of the Copyright Law of the Publisher’s location, in its current version, and permission for use must always be obtained from Springer. Permissions for use may be obtained through RightsLink at the Copyright Clearance Center. Violations are liable to prosecution under the respective Copyright Law. The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use.
  • Hash Collision Attack Vectors on the Ed2k P2P Network

    Hash Collision Attack Vectors on the Ed2k P2P Network

    Hash Collision Attack Vectors on the eD2k P2P Network Uzi Tuvian Lital Porat Interdisciplinary Center Herzliya E-mail: {tuvian.uzi,porat.lital}[at]idc.ac.il Abstract generate colliding executables – two different executables which share the same hash value. In this paper we discuss the implications of MD4 In this paper we present attack vectors which use collision attacks on the integrity of the eD2k P2P such colliding executables into an elaborate attacks on network. Using such attacks it is possible to generate users of the eD2k network which uses the MD4 hash two different files which share the same MD4 hash algorithm in its generation of unique file identifiers. value and therefore the same signature in the eD2k By voiding the 'uniqueness' of the identifiers, the network. Leveraging this vulnerability enables a attacks enable selective distribution – distributing a covert attack in which a selected subset of the hosts specially generated harmless file as a decoy to garner receive malicious versions of a file while the rest of the popularity among hosts in the network, and then network receives a harmless one. leveraging this popularity to send malicious We cover the trust relations that can be voided as a executables to a specific sub-group. Unlike consequence of this attack and describe a utility conventional distribution of files over P2P networks, developed by the authors that can be used for a rapid the attacks described give the attacker relatively high deployment of this technique. Additionally, we present control of the targets of the attack, and even lets the novel attack vectors that arise from this vulnerability, attacker terminate the distribution of the malicious and suggest modifications to the protocol that can executable at any given stage.
  • Optimization of Time Synchronization Techniques on Computer Networks Faten Mkacher

    Optimization of Time Synchronization Techniques on Computer Networks Faten Mkacher

    Optimization of Time Synchronization Techniques on Computer Networks Faten Mkacher To cite this version: Faten Mkacher. Optimization of Time Synchronization Techniques on Computer Networks. Operating Systems [cs.OS]. Université Grenoble Alpes [2020-..], 2020. English. NNT : 2020GRALM015. tel- 02988168 HAL Id: tel-02988168 https://tel.archives-ouvertes.fr/tel-02988168 Submitted on 4 Nov 2020 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. THÈSE Pour obtenir le grade de DOCTEUR DE L’UNIVERSITÉ GRENOBLE ALPES Spécialité : Informatique Arrêté ministériel : 25 mai 2016 Présentée par Faten MKACHER Thèse dirigée par Andrzej DUDA et coencadrée par Fabrice GUERY Préparée au sein du Laboratoire d’Informatique de Grenoble (LIG), dans l’École Doctorale Mathématiques, Sciences et Technologies de l’Information, Informatique (EDMSTII). Optimization of Time Synchronization Techniques on Computer Networks Thèse soutenue publiquement le 02 juin 2020, devant le jury composé de : Noel de Palma Professeur, Université Grenoble Alpes, Président Katia Jaffrés-Runser Maître de conférence, Université de Toulouse, Rapporteur Hervé Rivano Professeur, Université INSA de Lyon, Rapporteur Andrzej Duda Professeur, Grenoble INP, Directeur de thèse Fabrice Guery Responsable Innovation, Gorgy Timing, Invité 2 Abstract Nowadays, as society has become more interconnected, secure and accurate time-keeping be- comes more and more critical for many applications.
  • List of TCP and UDP Port Numbers from Wikipedia, the Free Encyclopedia

    List of TCP and UDP Port Numbers from Wikipedia, the Free Encyclopedia

    List of TCP and UDP port numbers From Wikipedia, the free encyclopedia This is a list of Internet socket port numbers used by protocols of the transport layer of the Internet Protocol Suite for the establishment of host-to-host connectivity. Originally, port numbers were used by the Network Control Program (NCP) in the ARPANET for which two ports were required for half- duplex transmission. Later, the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) needed only one port for full- duplex, bidirectional traffic. The even-numbered ports were not used, and this resulted in some even numbers in the well-known port number /etc/services, a service name range being unassigned. The Stream Control Transmission Protocol database file on Unix-like operating (SCTP) and the Datagram Congestion Control Protocol (DCCP) also systems.[1][2][3][4] use port numbers. They usually use port numbers that match the services of the corresponding TCP or UDP implementation, if they exist. The Internet Assigned Numbers Authority (IANA) is responsible for maintaining the official assignments of port numbers for specific uses.[5] However, many unofficial uses of both well-known and registered port numbers occur in practice. Contents 1 Table legend 2 Well-known ports 3 Registered ports 4 Dynamic, private or ephemeral ports 5 See also 6 References 7 External links Table legend Official: Port is registered with IANA for the application.[5] Unofficial: Port is not registered with IANA for the application. Multiple use: Multiple applications are known to use this port. Well-known ports The port numbers in the range from 0 to 1023 are the well-known ports or system ports.[6] They are used by system processes that provide widely used types of network services.
  • Time-Stamp Policy and Time-Stamp Practice Statement

    Time-Stamp Policy and Time-Stamp Practice Statement

    Time-Stamp Policy and Time-Stamp Practise Statement Version 1.1 11 January 2019 MSC Trustgate.com Sdn. Bhd.(478231-X) Suite 2-9, Level 2 Block 4801 CBD Perdana, Jalan Perdana, 63000 Cyberjaya Selangor Darul Ehsan, Malaysia Tel: +603 8318 1800 www.msctrustgate.com [email protected] TrustgateTime-Stamp Policy and Practise Statement ©2018 MSC Trustgate.com Sdn Bhd (478231-X). All rights reserved. Revision date: 11 January 2019 Trademark Notices 9 MSC Trustgate and its associated logos are the registered trademarks of MSC Trustgate.com Sdn Bhd or its affiliates. Other names may be trademarks of their respective owners. Without limiting the rights reserved above, and except as licensed below, no part of this publication may be reproduced, stored in or introduced into a retrieval system, or transmitted, in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), without prior written permission of MSC Trustgate. Notwithstanding the above, permission is granted to reproduce and distribute this MSC Trustgate Time- Stamp Policy and Time-Stamp Practise Statement on a nonexclusive, royalty-free basis, provided that (i) the foregoing copyright notice and the beginning paragraphs are prominently displayed at the beginning of each copy, and (ii) this document is accurately reproduced in full, complete with attribution of the document to MSC Trustgate. Requests for any other permission to reproduce this MSC Trustgate Time-Stamp Policy and Time-Stamp Practise Statement must be addressed to MSC Trustgate.com Sdn Bhd, Suite 2-9, Level 2, Block 4801 CBD Perdana, Jalan Perdana, 63000 Cyberjaya, Selangor Darul Ehsan, Malaysia or via email at [email protected].
  • The Delivery and Evidences Layer

    The Delivery and Evidences Layer

    The Delivery and Evidences Layer Amir Herzberg and Igal Yoffe Computer Science Department, Bar Ilan University, Ramat Gan, 52900, Israel {herzbea,ioffei}@cs.biu.ac.il April 4, 2007 Abstract. Evidences of delivery are essential for resolving (and avoiding) disputes on delivery of messages, in classical as well as electronic commerce. We present the first rigorous specifications and provably-secure implementation, for a communication layer providing time-stamped evidences for the message delivery process. This improves on existing standards for evidences (‘non-repudiation’) services, based on informal specifications and unproven designs. Our work also improves on the large body of analytical works on tasks related to evidences of delivery, such as certified mail/delivery protocols and fair exchange (of signatures). We improve by address- ing practical needs and scenarios, using realistic synchronization and communication assumptions, supporting time-outs and failures, and providing well-defined interface to the higher-layer protocols (application). Furthermore, we use the layered specifications framework, allowing provably-secure use of our protocol, with lower and higher layer protocols, with complete re-use of our analysis (theorems). Keywords: Certified delivery, cryptographic protocol, fair exchange, layered specifications, non-repudiation, secure e-commerce. 1 Introduction Reliable, fair and time-stamped message delivery is central to development of e-commerce. Without a doubt, every business relationship between parties includes provisions, whether implicit or explicit, regarding resolution of disputes and the communication mechanism between the trading parties. In addition, when commercial risk is substantial, typically a notarial entity is introduced for the certification and time-stamping of mail. Currently deployed messaging systems typically do not have a secure, agreed mechanism for fair resolution of disputes regarding communicated messages.