Glossary

802.1x Extensible Authentication Protocol
An advantage of the EAP architecture is its flexibility. EAP is used to select a specific authentication mechanism, typically after the authenticator requests more information in order to determine the method. Rather than requiring the authenticator to be updated to support each new authentication method, EAP permits the use of a backend authentication server, which may implement some or all authentication methods, with the authenticator acting as a pass-through for some or all methods and peers. - (paraphrased and exerpted from the Internet Engineering Task Force's RFC 3748)

802.11a
This is the original 5 GHz standard. It used a different method of transmission known as OFDM allowing it to reach 54 megabits per second under ideal conditions. It requires a radio capable of transmitting in this range. This was ratified by the IEEE in 1999.

802.11b
Channels 1 to 14 (depending on country) in the 2.4 GHz range. Supports transfers up to 11 megabits per second under ideal conditions. Transmission occurs over 20 MHz of bandwidth, but channels are only spaced 5 MHz apart, so you need to leave gaps. This was ratified by the IEEE in 1999.

802.11d
IEEE 802.11d-2001 is an amendment to the IEEE 802.11 specification that adds support for "additional regulatory domains". This support includes the addition of a country information element to beacons, probe requests, and probe responses. The country information elements simplifies the creation of 802.11 wireless access points and client devices that meet the different regulations enforced in various parts of the world. The amendment has been incorporated into the published IEEE 802.11-2007 standard.

802.11g
This 2003 update of the 802.11 standard uses the same channels in 2.4 GHz frequency band of 802.11b, but adopted the OFDM model of 802.11a so it also supports transfers up to 54 megabits per second under ideal conditions. 802.11g equipment can typically operate in 802.11b mode when required to work in 802.11b environments. Like 802.11b, channel spacing is required.

802.11n
This is an extension of both the 2.4 GHz and 5 GHz standard that uses newer technologies to increase both speed (up to 600 Mbs) and range. It requires newer equipment and generally have multiple antennas to take advantage of the MIMO features. Unless configured otherwise, the systems will generally fall back to slower speeds to maintain compatibility with 802.11a/b/g clients. One interesting feature of 802.11n is to double the bandwidth to 40 MHz. For general information on using DD-WRT with 802.11n routers, see Wireless-N Configuration. The specification was finalized in 2009.

802.11s
This is a draft of IEEE Standards for Wireless Mesh Networks. See IEEE 802.11s and Status of Project IEEE 802.11s.

Access Restrictions
(This entry needs your help.) This mode permits you to restrict access on the basis of time, protocol, or destination. Must be configured on the subnets Gateway. DOES NOT WORK WITH CLIENT BRIDGE—USE CLIENT MODE INSTEAD

Ad hoc
Ad hoc mode, one of the least popular modes, allows the router to connect to other wireless devices that are also available for ad hoc connections. Think of this mode as a Client Mode that doesn't connect to infrastructure networks but rather connects to other ad hoc configured devices. Ad hoc networks lack the central management that is typical of an infrastructure type network. Ad hoc mode doesn't use WDS but it does make use of STP.

Advanced Video Coding High Definition
AVCHD (Advanced Video Coding High Definition) is a file-based format for the digital recording and playback of high-definition video.

Afterburner
Afterburner, also known as SpeedBooster, SuperSpeed, TurboG, 125Mbps, HSP125, and G+ is a feature built into some routers that theoretically increase throughput through use of software, or firmware

Main article: Afterburner

Access Point
(AP) The default and probably the most common mode. The Access Point mode allows wireless clients to access the Internet, access each other wirelessly, or access other computers that may be connected to the switch with wires. A router in Access Point mode cannot connect wirelessly to other routers, but it can have other routers connected to it wirelessly as clients or repeaters. Access Point is the mode used when configuring a router to act as a repeater.

All-In-One
(AIO) In itself has various different meanings. In the case of firmware for routers, it means all of the features available by the compiler are included in the build.

Basic Service Set Identifier
The MAC address of an Access Point.

See Also: Extended Service Set Identifier

Boot Wait
Boot Wait is a feature you will hopefully never need. It introduces a short delay while booting (5 seconds). During this delay, you can initiate the download of a new firmware image if the one in the flash ROM is not broken. Obviously, this is only necessary if the installed firmware will not boot. The default and recommended setting is "Enable". You can access the Boot Wait setting by going to "Administration" > "Management".

Border Gateway Protocol
Border Gateway Protocol (BGP) is the core routing protocol of the Internet, generally used by Internet Service Providers to establish routing among each other. It is also used on private networks to "multihome".

Brick

 * 1) Improperly flashing one's WRT54G(S) in a way that renders it unusable
 * 2) To cause to resemble a brick, in mode of operation as well as form
 * 3) To render inert like a rock, or a brick, or ... well you get the general idea

See Also: Recover from a Bad Flash

BSSID
See: Basic Service Set Identifier

Captive Portal
A captive portal is a wireless access point which only permits internet access to authenticated users, utilizing either DNS or HTTP spoofing and redirection to divert any user whose MAC address it has not authenticated to a local login page, or a walled garden.

Once you've logged in, the portal will disable the redirection, permitting whatever traffic it allows to pass unmolested to the actual target servers.

Captive portals work well in an environment where the users are utilizing traditional computing devices like laptops, where a web browser is the primary access software; they can cause problems for less capable devices, like dedicated SIP phones, which have no way to access the authentication screens.

ClickJacking
Clickjacking occurs when a user a user accidently clicks on a invisible link which leads the person to a malicious site without their knowledge. This is possible due to the design feature in HTML which lets websites embed content from other sites. This means that every website is vulnerable.

"See Also:" How to prevent ClickJacking

Chillispot
Chillispot can be used for hotspot management. It requires a separate web server to host the redirect URL and a separate radius server (these may be installed on the same machine, of course).

You can also use a hosted Chillispot portal like http://worldspot.net which is free. It replaces both your radius server and your web server, and brings powerful features. You simply register there and create your hotspot. Then you can get the Chillispot configuration settings to enter in the steps below, and you can get your hotspot working in some minutes.

Main Article: Chillispot

Client
Think of work. Clients would be "regular" employees, and a server would be a supervisor. Clients perform lower level tasks (printers, workstations, etc.) while the server performs higher level tasks like delegating (print jobs, ip addressing, Domain name resolution). So think of if you were at work and need 5,000 nails, 2 hammers, 50 2x4's, and 2 carpenters to make something. You do not have the resources to obtain this (client), so you ask your supervisor (server), and the supervisor has the power to get these resources for you to finish your job.

Clients are end devices. Workstations, printers, pda's, cellphones, and most other end devices are clients. Servers are designed and configured to perform tasks that multiple clients need.

Client Bridge Mode
Client Bridge Mode (CB) is much like Client Mode except the WLAN and the LAN are on the same subnet. Consequently, NAT is no longer used and services (such as DHCP) that are running on the original network will work seamlessly on the bridged network. Just as in Client Mode, a router in Client Bridge Mode will not accept wireless clients and it will not broadcast beacons. (Note: A technical problem exists in client bridge mode. It appears that this mode is not a fully transparent bridge mode as MAC addresses of packets that pass through the Client Bridged router from behind the client bridged router are rewritten to use the MAC address of the client bridged router. (Sorry, I couldn't think of a more confusing way to write it.) If you really need transparent bridging, consider using WDS bridging instead.)

See Also: Wireless Bridge

Client Isolation Mode
Limits the clients to communicate only with the AP and not with other wireless clients (usually set on hotspots).

Client Mode
Client mode (also referred to as 'AP Client' mode) allows the router to connect to other access points as a client. In a nutshell, this turns the WLAN portion of your router into the WAN. In this mode, the router will no longer function as an access point (doesn't allow clients), therefore, you will need wires to use the router and to configure it. The router won't even be visible to your wireless configuration software or Wi-Fi sniffer software such as Netstumbler, since it no longer broadcasts beacons. In client mode, the WLAN and the LAN will not be bridged, thus they will be on two different subnets. Port forwarding (from the WLAN to the LAN) will be necessary for FTP servers, VNC servers, etc. that are located behind the client mode router to function properly. For this reason, most users chose to use client bridge mode instead of client mode. See Also: dd-wrt-wiki:Client Mode Wireless Client Mode Wireless

Common Firmware Environment
Common Firmware Environment (CFE) is a firmware interface and bootloader developed by Broadcom for 32-bit and 64-bit system-on-a-chip (SOC) systems. It is roughly analogous to the BIOS on the IBM PC platform.

Read more...

Computer
A computer is a programmable machine designed to automatically carry out a sequence of arithmetic or logical operations. The particular sequence of operations can be changed readily, allowing the computer to solve more than one kind of problem. An important class of computer operations on some computing platforms is the accepting of input from human operators and the output of results formatted for human consumption. The interface between the computer and the human operator is known as the user interface.

Read more...

Computer network
A computer network, often simply referred to as a network, is a collection of hardware components and computers interconnected by communication channels that allow sharing of resources and information.[1] Where at least one process in one device is able to send/receive data to/from at least one process residing in a remote device, then the two devices are said to be in a network.

Networks may be classified according to a wide variety of characteristics such as the medium used to transport the data, communications protocol used, scale, topology, and organizational scope.

Communications protocols define the rules and data formats for exchanging information in a computer network, and provide the basis for network programming. Well-known communications protocols are Ethernet, a hardware and Link Layer standard that is ubiquitous in local area networks, and the Internet Protocol Suite, which defines a set of protocols for internetworking, i.e. for data communication between multiple networks, as well as host-to-host data transfer, and application-specific data transmission formats.

Computer networking is sometimes considered a sub-discipline of electrical engineering, telecommunications, computer science, information technology or computer engineering, since it relies upon the theoretical and practical application of these disciplines.

Read more...

Connection Watchdog
This is a feature found in most DD-WRT versions, which hopefully you won't need. When configured the router will ping one (or more) other computers and if it can not reach them it will automatically reboot it's self. This provides a crude way to work around situations where the router becomes wedged.

cPanel
cPanel is a Web Hosting Control Panel used to control different aspects of a hosting account. It can also be defined a Graphical interface to manage your hosting account. It is available for both Windows and Linux Server.

"Also see:"How to install cPanel on Linux Server

Cron
Normally called crontab, the cron subsystem is a type of scheduler for Unix/Linux that runs given commands at designated times. The default and the recommended setting is "enabled" since processes such as "Watchdog Scheduler" depend on it. You can access the Cron setting at "Administration" > "Management".

Daemon
In Unix/Linux, a daemon (or dæmon) is a background process. Typically, daemons have names that end with the letter "d". For example, syslogd is the daemon which handles the system log. Another example is sshd, which handles incoming SSH connections.

Demilitarized Zone
A DMZ host is generally one selected device or computer on the network where all incoming traffic without a designated destination defined by PAT or port forwarding, is forwarded to. Using a DMZ host is a lot like turning off the firewall capabilities inside your router and letting the DMZ host device handle all uninvited incoming traffic. For this reason, having a computer as a designated DMZ host can be a security hazard. DMZ is disabled by default in DD-WRT firmware. You can change DMZ settings by going to "Applications & Gaming" -> "DMZ".

Digital Living Network Alliance
The Digital Living Network Alliance (DLNA) is a non-profit collaborative trade organization established by Sony in June 2003, that is responsible for defining interoperability guidelines to enable sharing of digital media between consumer devices such as computers, printers, cameras, cell phones, and other multimedia devices. These guidelines are built upon existing public standards, but the guidelines themselves are private (available for a fee). These guidelines specify a set of restricted ways of using the standards in order to achieve interoperability.

Digital rights management
Digital rights management (DRM) is a class of access control technologies that are used by hardware manufacturers, publishers, copyright holders and individuals with the intent to limit the use of digital content and devices after sale. DRM is any technology that inhibits uses of digital content that are not desired or intended by the content provider. Copy protection which can be circumvented without modifying the file or device, such as serial numbers or keyfiles are not generally considered to be DRM. DRM also includes specific instances of digital works or devices. Companies such as Amazon, AOL, Apple Inc., the BBC, Microsoft and Sony use digital rights management. In 1998 the Digital Millennium Copyright Act (DMCA) was passed in the United States to impose criminal penalties on those who make available technologies whose primary purpose and function is to circumvent content protection technologies.

Domain Name
A domain name is a human-readable label for an IP address on a computer or device; it is translated into an IP address (usually) by recursively querying DNS servers starting at the root of the Domain Name System.

Domain Name System
DNS converts human readable domain names into a format the computer and network can understand (IP addresses), and vice versa.

DNS Forwarder
Will forward any DNS request, to a DNS server of your choice (i.e. your ISP's); useful, for configuration/speed issues. Also known as a "recursive server".

DNS Server
DNS servers are the servers responsible for resolving names to IP addresses. When you point your browser to yahoo.com, a DNS Server has to resolve yahoo.com, (that is, look up the corresponding IP address) before the page is actually retrieved, since computers and networking equipment communicate using IP addresses instead of domain names. DNS servers are built into routers, but they are only a local caching server that works in tandem with your LAN's DNS server(s) and/or your ISP's DNS servers.

DNSmasq
DNSmasq is a piece of software often bundled into versions of DD-WRT. The name is, presumably, meant to suggest that it does DNS masquerading. DNSmasq provides DNS service to your LAN and like most DNS servers it will look to an up stream DNS servers to resolve questions you ask it. Optionally you can can configure it so it can answer a few DNS queries for a few local machines.

Dynamic DNS (DDNS)
Dynamic DNS is a generic term for a service that is hosted outside of your network to provide valid DNS responses to the Internet at large for your computer, hosted on a consumer IP connection with a dynamic IP address. Dynamic DNS servers are located on server computers with static IP addresses, as all DNS servers must be.

In order to take advantage of this service, devices (such as routers or computers) will require a client "updater" software to be installed to pass authentication and account information, and the network's current Internet IP address, in a timed manner.

Many users want to be able to connect to another network (such as their home or office network) from another location but aren't able to connect unless they know the Internet IP address of that network. Because most ISPs provide IP addresses through DHCP (or charge extra for a static IP address) your IP address may change on occasion. Dynamic DNS is a system that allows you to assign a domain name to your network's Internet IP address. Your Dynamic DNS updater software client will take care of passing the correct Internet IP address to centralized DNS servers on the Internet and will make sure it stays updated. So next time you want to connect to that network using VPN or Remote Access software you'll be able to use a domain name instead of trying to remember the IP address.

Dynamic DNS services (such as www.dyndns.com) will help you choose from a list of available domain names.

Main article: Dynamic DNS

Dynamic Host Configuration Protocol
DHCP is a set of rules used by a communications device (such as a computer, router or networking adapter) to allow client devices to request and obtain an Internet address from a server which has a list of addresses available for assignment. DHCP is also used to pass on DNS Server and Gateway information to DHCP clients. WRT devices generally include DHCP servers in their software suite.

Ethernet
Ethernet is a large and diverse family of frame-based computer networking technologies for Local Area Networks.

Extended Service Set Identifier
A wireless device may broadcast a name (for example: dd-wrt, default, linksys, home, my-wireless, cafe-wireless) at regular intervals. The user interface for selecting a network on each user's machine will enumerate the names of the devices it can hear. Formally this name is known as the extended service set identifier, usually written ESSID, but sometimes as SSID. As a rule you can only have one ESSID per access point. Wireless devices can disable the broadcast of their name while still accepting connections. This hides them but only from unsophisticated users.

See Also: Basic Service Set Identifier

E-commerce
Its a short form for Electronic Commerce. The name says it all, it consists of the buying and selling of products or services over electronic systems such as the Internet and other computer networks.

Firewall
Software or hardware that limits network activity. There are different ways firewalls work. They could block port access, block ip addresses, mac addresses, or filter websites.

See also - Why Firewall

Firmware
This is just software but it runs on your hardware. It's usually delivered as a binary ROM image that has to be copied down onto your hardware (WRT54G) over a cable. The cable is usually an ethernet patch lead but could be a JTAG serial cable or doe some devices an RS232 cable. In the good old days we would burn an EPROM or flash chip in a programmer and then insert the chip physically into a socket. Hence the term firmware being software you can touch in the form of a chip.

FTP
File Transfer Protocol (FTP) is a standard network protocol used to transfer files from one host or to another host over a TCP-based network, such as the Internet.

FTP is built on a client-server architecture and uses separate control and data connections between the client and the server. FTP users may authenticate themselves using a clear-text sign-in protocol, normally in the form of a username and password, but can connect anonymously if the server is configured to allow it. For secure transmission that hides (encrypts) the username and password, and encrypts the content, FTP is often secured with SSL/TLS ("FTPS"). SSH File Transfer Protocol ("SFTP") is sometimes also used instead.

The first FTP client applications were command-line applications developed before operating systems had graphical user interfaces, and are still shipped with most Windows, Unix, and Linux operating systems. Dozens of FTP clients and automation utilities have since been developed for desktops, servers, mobile devices, and hardware, and FTP has been incorporated into hundreds of productivity applications, such as web page editors. Read More..

Gateway
Setting the operating mode to "gateway" allows your router to route packets between the LAN/WLAN and the Internet (through the WAN port). This is the default setting and the most common setting when the router is hosting the network's Internet connection through the WAN port

HFSC
Hierarchical Fair Service Curve - Wikipedia

Host
Host is a generic term used when referring to a computer or device that is hosting a specific service or acting as some type of server. For example, if you have a mesh network in place, the "host" router would probably be the one hosting the Internet connection

Host Name
The hostname is unique name for any device on a network. It helps humans because names are easier to remember than numbers. "Router" is easier to remember than 192.168.1.1. Eash device on the network needs to have a unique name.

Hotspot
A location where wireless internet has been provided for people to use. An example of this would be to switch on your laptop in a cafe and associate with the ESSID available there, perhaps CAFE-HOTSPOT. Attempting to view a web site would show the Hotspot landing page (a 'Captive Portal' where you could press a button for free access or create an account and pay by card. This depends on the operator of the Hotspot. Once in, you can simply use the Internet normally

Hotzone
A large Hotspot, perhaps covering a whole town

HTB
Hierarchical token bucket - Wikipedia

HTTP Redirect
This option enables an HTTP redirector for proxy usage

Main article: HTTPRedirect

IEEE
Institute of Electrical and Electronics Engineers&mdash; a professional organization for electrical and electronics engineers hosting a number of special interest societies and standards committees. The IEEE is responsible for creation of standards such as IEEE 802.11.

Interface
a network adapter

See Also: [openwrtwiki:OpenWrtDocs/NetworkInterfaces

IPv6
Internet Protocol version 6&mdash; an extension of Internet Protocol version 4 (IPv4). IPv4 uses an address space of 32 bits, allowing it to support 232 (about 4.3×109) addresses. IPv6 uses an address space of 128 bits, allowing it to support 2128 addresses; this is approximately 5×1028 addresses for each of the roughly 6.5×109 people alive today.

ISP
Acronym for Internet Service Provider

Internet Service Provider
An Internet service provider (abbr. ISP, also called Internet access provider or IAP) is a business or organization that sells to consumers access to the Internet and related services.

Journalling Flash File System (JFFS)
Taken from Jffs

The Journalling Flash File System (JFFS) allows you to have a writable Linux File System on a DD-WRT enabled router. It is used to store user programs like Ipkg and data into otherwise inaccessible flash memory. This allows you to save custom configuration files, host custom Web pages stored on the router and many other things not capable without JFFS.

JTAG
A JTAG cable is a cable that hooks up to a JTAG interface, such as those on Linksys routers. It allows you to communicate with the router using your computer's parallel port. In many cases, a JTAG cable is an invaluable component used to debrick a partially or completely bricked (but not dead) router.

See Also: Recovery by JTAG cable

Kaid
The Kai console daemon (kaid) is a service that provides tunneling for console games that do not have an inherent connection to the Internet. Although the label refers to XBOX, the daemon works well with PS2, and Gamecube consoles as well. It also allows the new Sony Playstation Portable (PSP) to go online with some of their multiplayer wireless games.

Kismet
Kismet is a layer 2 wireless network detector, sniffer, and intrusion detection software that runs on Linux.

See Also: Kismet Server/Drone

Local Area Network
A Local Area Network, or LAN, is your router's switch ports and your router's wireless interface. Most references in the forums and the Wiki are using the term LAN in this manner, although you may need to adjust your thinking according to the context it's used it. For example, the LAN on a WRT in Client mode is only the wired switch ports, because the wireless portion is acting a WAN interface.

Loopback
Loopback is a problem that occurs when multiple routes exist to the same destination. This can happen when a router is connected to an ad hoc network or is configured to function in a mesh network with several WDS-enabled routers. See STP

MAC Address
Media Access Control A MAC address is a unique identifier attached to a network interface. It is stored in hexadecimal and usually appears in the following format: 00:00:00:00:00:00 or 00-00-00-00-00-00.

The first half of the MAC address is the Vendor ID which can be used to determine the Manufacturer of the device.

MAC Filtering
A method of filtering which devices can or cannot connect to a WRT by storing corresponding MAC addresses. MAC filtering is generally only performed on the wireless interface of a WRT.

MAC Number
Migration Authorisation Code number. Not to be confused with MAC Address. This is the number your ADSL ISP gives you when you want to switch to another ISP without a long wait whilst the phone company sends out engineers to move the wires. As you can imagine, this number can be held to ransom until you pay the old ISP bill, which is, of course, a contravention of the Ofcom guidelines

mBSSID
Multiple BSSID - to support a different MAC address for each SSID. Note: Some older devices don't support mBSSID but rather just mSSID (multiple network names, each having the same MAC).

Mesh Network
Taken directly from: http://en.wikipedia.org/wiki/Mesh_network Mesh networking is a way to route data, voice and instructions between nodes. It allows for continuous connections and reconfiguration around broken or blocked paths by “hopping” from node to node until the destination is reached. A mesh network whose nodes are all connected to each other is a fully connected network. Mesh networks differ from other networks in that the component parts can all connect to each other via multiple hops, and they generally are not mobile. Mesh networks can be seen as one type of ad hoc network. Mobile ad-hoc networking (MANet), and mesh networking are therefore closely related, but mobile ad hoc networks also have to deal with the problems introduced by the mobility of the nodes.

Mesh networks are self-healing: the network can still operate even when a node breaks down or a connection goes bad. As a result, a very reliable network is formed. This concept is applicable to wireless networks, wired networks, and software interaction.

N Connector
This is the "good old" and "pro" type of antenna cabling connectors used for economical cabling and third-party high-gain antennas, RG-213 or LMR-400 cabling, cable television, and military uses ;). Converters can be used between these and RP-TNC and RP-SMA connections. Has nothing specifically to do with wireless N.

See also: Connector Photos Wikipedia

NetBIOS
NetBIOS is an acronym for Network Basic Input/Output System. It provides services related to the session layer of the OSI model allowing applications on separate computers to communicate over a local area network. As strictly an API, NetBIOS is not a networking protocol. Older operating systems ran NetBIOS over IEEE 802.2 and IPX/SPX using the NetBIOS Frames (NBF) and NetBIOS over IPX/SPX (NBX) protocols, respectively. In modern networks, NetBIOS normally runs over TCP/IP via the NetBIOS over TCP/IP (NBT) protocol. This results in each computer in the network having both an IP address and a NetBIOS name corresponding to a (possibly different) host name.

Network Address Translation
NAT (Network Address Translation) is the translation of an Internet Protocol address (IP address) used within one network to a different IP address known within another network. One network is designated the inside network and the other is the outside. Typically, a company maps its local inside network addresses to one or more global outside IP addresses and unmaps the global IP addresses on incoming packets back into local IP addresses. This helps ensure security since each outgoing or incoming request must go through a translation process that also offers the opportunity to qualify or authenticate the request or match it to a previous request. NAT also conserves on the number of global IP addresses that a company needs and it lets the company use a single IP address in its communication with the world.

Network Time Protocol
Network Time Protocol (NTP) is used for automatic updating of time & date. The router will connect to an NTP server to update the time & date.

Some Firmware version have the server address embedded; some do not. For the firmware that need an NTP server address to be entered, you can find one here:

http://support.ntp.org/bin/view/Servers/NTPPoolServers

Neutered
In the world of DD-WRT and Linksys routers, a neutered router is a v5 or v6 router that has reduced RAM and reduced flash memory, in comparison to other supported devices, thus the name neutered.

NoCat
NoCat originally started as a community-supported 802.11b wireless network in Sonoma County, CA and has grown into several projects whose purpose is to encourage the building of wireless community networks.

NoCatAuth is the original "catch and release" wireless captive portal implementation. It provides a simple splash screen web page for clients on the network, as well as a variety of authenticated modes.

Also see: http://nocat.net/

Noise Reference
Noise reference is just for calculating signal/noise ratio (SNR) in AP mode.

Source: A posting by BrainSlayer on the Google-cached LinksysInfo forums

ntop Remote Statistic
ntop is a network traffic probe that shows the network usage, similar to what the popular top Unix command does. ntop is based on libpcap and it has been written in a portable way in order to virtually run on every Unix platform and on Win32 as well.

ntop users can use a a web browser (e.g. netscape) to navigate through ntop (that acts as a web server) traffic information and get a dump of the network status. In the latter case, ntop can be seen as a simple RMON-like agent with an embedded web interface. The use of:

* a web interface * limited configuration and administration via the web interface * reduced CPU and memory usage (they vary according to network size and traffic)

make ntop easy to use and suitable for monitoring various kind of networks.

What ntop can do for me?

* Sort network traffic according to many protocols * Show network traffic sorted according to various criteria * Display traffic statistics * Store on disk persistent traffic statistics in RRD format * Identify the indentity (e.g. email address) of computer users * Passively (i.e. withou sending probe packets) identify the host OS   * Show IP traffic distribution among the various protocols * Analyse IP traffic and sort it according to the source/destination * Display IP Traffic Subnet matrix (who's talking to who?) * Report IP protocol usage sorted by protocol type * Act as a NetFlow/sFlow collector for flows generated by routers (e.g. Cisco and Juniper) or switches (e.g. Foundry Networks) * Produce RMON-like network traffic statistics

NVRAM
Non-Volatile Random Access Memory; a flash memory chip where the router's firmware is stored. Unlike Dynamic RAM (ie. SDRAM/DDR SDRAM), Non-Volatile RAM can hold data for a long period of time even after power is lost.

Note: "nvram" is also used to refer to the portion of flash memory where the firmware's configuration settings are stored. Do not be confused. If someone ever tells you to erase nvram, they probably just mean bring dd-wrt back to default settings (see Hard reset or 30/30/30). To erase the entire NVRAM chip with JTAG would actually require you to reload the unit from scratch (including the bootloader).

OpenVPN
OpenVPN is an open source VPN solution. Unlike most VPN systems, OpenVPN uses SSL/TLS to manage and encrypt the connection's data stream. This makes the solution very conducive to modern networking environments, as the connections can be easily used with NAT (the connections are simple, single port UDP or TCP).

Open Shortest Path First
One of several router protocols known as IGPs, (Interior Gateway Protocol). Using OSPF, a host that obtains a change to a routing table or detects a change in the network will immediately multicast the information to all other hosts in the network so that all will have the same routing table information. This method is more efficient than RIP (Routing Information Protocol) which sends the entire routing table to a neighboring host every 30 seconds. OSPF also uses more advanced algorithms to determine the shortest path, where RIP1 and RIP2 simply use hop counts. If your router is acting as a repeater, OSPF is the recommended protocol to use unless your network has other devices that only support RIP2.

Ping (networking utility)
Ping is a computer network administration utility used to test the reachability of a host on an Internet Protocol (IP) network and to measure the round-trip time for messages sent from the originating host to a destination computer. The name comes from active sonar terminology which sends a pulse of sound and listens for the echo to detect objects underwater. With computer operating systems Ping or PING stands for Packet INternet Groper but is ordinarily written as "ping" instead of the proper acronym for which it stands.

Ping operates by sending Internet Control Message Protocol (ICMP) echo request packets to the target host and waiting for an ICMP response. In the process it measures the time from transmission to reception (round-trip time) and records any packet loss. The results of the test are printed in the form of a statistical summary of the response packets received, including the minimum, maximum, and the mean round-trip times, and sometimes the standard deviation of the mean.

Depending on the implementation, the ping command can be run with various command line switches to enable special operational modes. Example options include: specifying the packet size used as the probe, automatic repeated operation for sending a specified count of probes, and time stamping.

Ping may be abused as a simple form of denial-of-service attack in the form of a ping flood, in which the attacker overwhelms the victim with ICMP echo request packets.

Port Forwarding
Port Forwarding is necessary to allow computers outside of the LAN to access services that may be hosted by one or more computers inside the LAN. Since there is a shortage of public IP addresses in IPv4, the issue was conquered using NAT. While NAT isn't all bad (it adds security) it does introduce some complications when a computer inside an LAN is hosting a public service such as a web server, ftp server, or e-mail server. Port forwarding was designed to take care of this problem. Port forwarding can be configured in DD-WRT by going to "Applications & Gaming" > "Port Forwarding". You can also forward ranges of ports instead of single ports by going to "Applications & Gaming" > "Port Range Forwarding". Routers can be configured to listen on one port but forward to a different port. While it isn't foolproof, this can add a measure of security by using obscure ports to listen instead of the default ports that attackers expect you to host common services on.

Port Triggering
Port triggering is a configuration option on a NAT-enabled router which allows a host machine to dynamically and automatically forward a specific port back to itself. In layman's terms port triggering opens an incoming port when your computer is using a specified outgoing port for specific traffic.

Description

Port triggering is a way to automate port forwarding in which outbound traffic on predetermined ports ("triggering ports") causes inbound traffic to specific incoming ports to be dynamically forwarded to the initiating host while the outbound ports are in use. This allows computers behind a NAT-enabled router on a local network to provide services which would normally require the computer to have a fixed address on the local network. Port triggering triggers an open incoming port when a client on the local network makes an outgoing connection to a predetermined port or port-range on an external server.

Example

As an example of how port triggering operates, when connecting to IRC it's common to authenticate your username with the Ident protocol via port 113.

When connecting to IRC the client computer typically makes an outgoing connection on port 6667 (or any port in the range 6660-7000), causing the IRC server to attempt to verify the username given by making a new connection back to the client computer on port 113. When the computer is behind a NAT the NAT silently drops this connection because it does not know which computer behind the NAT to send the request to connect.

In the case of port triggering, you tell the router that when you make a connection out on any port 6660-7000 then it should allow connections in to that particular computer. This gives it more flexibility than static port forwarding because you do not need to set it up for a specific address on your network. You also gain security in a sense that that port is not left open when not actively in use.

Disadvantages

The disadvantage of port triggering is that it only allows one client on the network to supply a particular service that uses a particular incoming port. Port triggering is unsuitable for putting servers behind a NAT router because it relies on the computer to make an outgoing connection before it can receive incoming ones; servers should use port forwarding.

Point-to-Point Protocol over Ethernet (PPPoE)
PPPoE, Point-to-Point Protocol over Ethernet, is a network protocol for encapsulating PPP frames inside Ethernet frames. It is used mainly with ADSL services where individual users connect to the ADSL transceiver (modem) over ethernet. It was developed by UUNET, Redback Networks, and RouterWare and is available as an informational RFC 2516.

Ethernet networks are packet-based and have no concept of a connection or circuit. But using PPPoE, users can virtually "dial" from one machine to another over an ethernet network, establish a point to point connection between them and then transport data packets over the connection.

PPTP
The Point-to-Point Tunneling Protocol (PPTP) is a method for implementing virtual private networks. Layer 2 Tunneling Protocol (L2TP) (RFC 2637) or IPSec are the standards-based replacements for PPTP.

Post Office Protocol
In computing, the Post Office Protocol (POP) is an application-layer Internet standard protocol used by local e-mail clients to retrieve e-mail from a remote server over a TCP/IP connection. POP and IMAP (Internet Message Access Protocol) are the two most prevalent Internet standard protocols for e-mail retrieval. Virtually all modern e-mail clients and servers support both. The POP protocol has been developed through several versions, with version 3 (POP3) being the current standard. Most webmail service providers such as Hotmail, Gmail and Yahoo! Mail also provide IMAP and POP3 service.

QoS
Quality of Service - dd-wrt - Wikipedia

RADVD
Linux IPv6 Router Advertisement Daemon

The router advertisement daemon (RADVD) is run by Linux or BSD systems acting as IPv6 routers. It sends Router Advertisement messages, specified by RFC 2461, to a local ethernet LAN periodically and when requested by a node sending a Router Solicitation message. These messages are required for IPv6 stateless autoconfiguration.

Also see: Litech's information on RADVD, Linux HQ's information on RADVD

Repeater
While repeater is not a selection in the "Wireless Mode" drop-down menu, it is commonly thought of as a mode that is different from the others listed above. In reality, a router acting as a repeater is configured as an Access Point (AP Mode) and has WDS (Wireless Distribution System) enabled. To use your router as a repeater will also require you to enable and configure WDS in the router you are connecting to (the "host router"). Do not attempt to turn on repeater mode by using the "Site Survey" and then the "Join" button to connect to other routers, as this will actually put your router into Client mode. Also, be aware that using your router as a repeater will reduce the router's wireless throughput since WDS uses wireless bandwidth that would normally be available to wireless clients, to "talk" to other routers. This reduction in wireless bandwidth will probably not be noticeable if the repeater router(s) are used only to share an Internet connection, unless you have more than three routers "daisy-chained" in this manner.

See Also: Linking Routers • Repeating Mode Comparisons

RFlow
The RFlow Collector (download) is a graphical traffic monitoring and management tool.

RIP
(Routing Information Protocol ) RIP1 and RIP2 are both older protocols that are to be used only when an existing network does not have OSPF compliant equipment. In short, RIP2 is slightly more secure and slightly more efficient than RIP1, while OSPF has great advantages over both. It is assumed that RIP2 is in the feature set primarily for backward compatibility reasons.

Router
A router is a device that handles IP addressing. Routers connect LANs and WANs together. Routers link MAC addresses to IP addresses. Interfaces connect to switches in a lan, those switches are connected to routers to communicate beyond their LAN. The router itself does NOT include the Wireless Access Point (WAP) or 5 port switch that "home routers" include (like my wrt-54gs). Most of these devices are actually "3-in-1" devices (router, switch, WAP).

See Also: WRT

RP-SMA Connector
A Reverse Polarity SubMiniature version A Connector is a type of antenna connector used on brands of routers including Buffalo and Asus. Also found on PCI cards.

See also: Connector Photos Wikipedia N Connector

RP-TNC Connector
A Reverse Polarity Threaded Neill-Concelman Connector is a type of antenna connector used on Linksys access points. Designed to make it difficult to add high-gain antennas which breach FCC rules!

See also: Connector photos Wikipedia N Connector

Rx
Abbreviation for receive or receiver

Samba
A free software re-implementation of SMB/CIFS networking protocol in Linux and most UNIX-like systems, allowing Microsoft Windows machines to access files and printers on a Linux or UNIX host over a network.

Simple Network Management Protocol
The Simple Network Management Protocol (SNMP) is an application layer protocol that facilitates the exchange of management information between network devices. It is part of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite. SNMP enables network administrators to manage network performance, find and solve network problems, and plan for network growth.

Two versions of SNMP exist: SNMP version 1 (SNMPv1) and SNMP version 2 (SNMPv2). Both versions have a number of features in common, but SNMPv2 offers enhancements, such as additional protocol operations. Standardization of yet another version of SNMP&mdash; SNMP Version 3 (SNMPv3)&mdash; is pending. This chapter provides descriptions of the SNMPv1 and SNMPv2 protocol operations.

Source Code
This is the software before cross-compilation into firmware. For firmware this is usually written in C. For DD-WRT the source can be downloaded and cross-compiled on the PC to produce firmware that is ready to be uploaded onto the WRT54G. This is not something most people need to do since the compiled binary firmware is usually available.

Secure Shell
SSH clients can access information and make changes to remote systems that are running an SSH daemon. Telnet or SSH can be used as another method of changing settings on your DD-WRT router, as opposed to the Web Interface. Certain changes to your DD-WRT router can only be done using Telnet or SSH.

Main Article: Telnet/SSH and the Command Line

SIPatH
SIPatH is a configurable, free and RFC3261-compliant SIP proxy. SIPatH features a Status web interface, enables individual VoIP provider settings on each IP phone and internal calls among all registered phones within the local network. Main projects objectives are providing a simple solution of the SIP-over-NAT problem and free PBX-like telephony features. According to the last release notes, other features included:
 * NAT-RTP proxying and improved SIP-NAT traversal
 * Aliases for registered URIs, configurable at runtime via a web interface
 * SIP Messaging: Messages can be sent through the web interface to all registered SIP UAs

The SIPatH project is now being continued by the Boozy version of the router software maintained by Milkfish project.

SPI Flash
Serial flash is a small, low-power flash memory that uses a serial interface, typically Serial Peripheral Interface Bus (SPI), for sequential data access. When incorporated into an embedded system, serial flash requires fewer wires on the PCB than parallel flash memories, since it transmits and receives data one bit at a time. This may permit a reduction in board space, power consumption, and total system cost. Read more...

SSID
See: Extended Service Set Identifier

Static DHCP
An extension of the DHCP protocol enabling the server to issue a specific IP address to a client based on its MAC address. This feature effectively guarantees that the client will receive the same IP every time it requests a new lease, yet the configuration is dynamic in all other respects.

STP
(Spanning Tree Protocol) STP needs to be enabled to prevent loopbacks on networks where multiple paths to the same point are possible. A mesh network that uses multiple repeaters where repeaters have WDS configured to work with more than one device should enable STP. STP is known to interfere with the router's DHCP client for users who use Comcast Cable as their ISP.

Main article: Spanning Tree Protocol

Syslog
(System logging)

Syslog is a messaging standard for logging on a network. This term can be used to describe a library or a client/server protocol. Logging is useful to monitor the health of your network, help diagnose problems, intrusion detection, and intrusion forensics. For an excellent white paper on syslog see this pdf from SANS (http://www.sans.org/rr/whitepapers/logging/1168.php - 560KB).

Main Article: Logging with DD-WRT

Telnet
Telnet clients can access information and make changes to remote systems that are running a Telnet daemon. SSH is similar to Telnet and is preferred because Telnet traffic is not encrypted, thus usernames and passwords are passed in plain text and can easily be sniffed by packet sniffing software. Telnet or SSH can be used as another method of changing settings on your DD-WRT router, as opposed to the Web Interface. Certain changes to your DD-WRT router can only be done using Telnet or SSH.

Main Article: Telnet/SSH and the Command Line

TTL
Time To Live

The purpose of the TTL is to prevent chaos. TTL prevents a network packet from existing on the internet indefinitely. If a packet has TTL of 64, it will be discarded after 64 hops. Usually, every router that the packet crosses will decrease the TTL field by one.

The TTL is useful in other ways. It can help us to determine the best time to flash DD-WRT on our routers.

When we first power up the router, the dd-wrt-wiki:bootloader bootloader waits for a brief period and opens up TFTP daemon. This daemon, or background service, listens for network packets which would initiate an emergency firmware recovery/upgrade.

A router's dd-wrt-wiki:bootloader bootloader will typically respond to a ping with a reply having a TTL of 100. However, the dd-wrt firmware itself, which is based on the Linux operating system, will respond with a TTL of 64 once it is up and running.

Therefore, the best time to flash DD-WRT is when TTL equals 100. When the TTL equals 64, it is too late because we are beyond the dd-wrt-wiki:bootloader bootloader's TFTP stage.

Tx
Abbreviation for transmit or transmitter

Universal Plug-n-Play
UPnP (Universal Plug-n-Play) is a Home/SOHO networking standard. It allows for a number of benefits to ease networking setup, such as device discovery and control. In the realm of home/SOHO routers, it is mainly used for automated port forwarding and other simple networking setup.

Connect USB modem to A Game Console

VLAN
(Virtual Local Area Network) A VLAN is, in basic terms, a group of physical interfaces on a switch that behave as if they are a separate standalone switch. While using one physical switch, a VLAN allows you to partition it into multiple LANs, each one completely isolated from the others. The switch must support VLAN configurations&mdash; most cheap switches don't allow this, but high-end manageable switches do, as does the internal switch on DD-WRT compatible routers.

VoIP
(Voice over Internet Protocol) VoIP is a rather new technology for making phone calls using the Internet. Skype is an example of VoIP, but so is Vonage, which allows you to use a real phone directly plugged into your WRT54G rather than needing to fire up your PC.

VPN
(Virtual Private Network) A VPN allows two LANs together over the Internet using a virtual cable, or VPN. You have PPTP, IPSec, OpenVPN. Mostly DD-WRT is not too good at doing this but will allow these service to operate as a pass-through. Hence the term VPN-Passthrough.

VPN Passthrough
The router allows you to run a VPN service on your network. The VPN version of DD-WRT includes this.

VPN Server
This is where the router actually creates a VPN connection to another VPN server. This is the one you really want for VPN. The VPN version of DD-WRT does not seem to do this.

Virtual Private Server - Future of Web Hosting

WAN
See: Wide Area Network

Wardriving
The act of scanning for wireless networks and hotspots whilst traveling. See also Wombling.

WDS
(Wireless Distribution System) A Wireless Distribution System is a system that enables the interconnection of access points wirelessly. In DD-WRT, WDS allows multiple WRTs to communicate with each other wirelessly without the need for a wired backbone. A WRT communicating in this manner is generally referred to as a repeater.

WDS Bridging
WDS bridging is when you setup a repeater router to "talk" to a main/host router and then disable the Access Point function in the repeater so that it will not accept clients. You'll need to run a short script from the shell to achieve this. A WDS bridge is fully transparent. In this configuration the wireless portion of the repeater WRT has bridged the repeater WRT's LAN interface with another WDS enabled wireless device. WDS bridging is done in access point mode.

Main article: WDS Bridging

Wi-Fi Multimedia Technology
WMM gives priority to audio, video and voice applications in a Wi-Fi network so that other applications and traffic are less likely to slow them. for e.g it help you reduce the delay in Phone conversations. Watching video, you are more likely to see smooth action.

WiFi and Wireless Help

Wi-Fi Protected Access 2
WPA2 is the second generation of WPA security and provides a stronger encryption mechanism through Advanced Encryption Standard (AES), which is a requirement for some government users.

Wide Area Network
Wide area network, also referred to as WAN, deals with connections between remote locations. This term often is equivalent to the wider internet or at least the connection to the internet provided by one's ISP.

WISP
Wireless Internet Service Provider&mdash; a company using wireless gear such as WRT54G and DD-WRT to deliver broadband Internet into peoples' homes without using their phone line. The advantage of a WISP is that one is not limited by the speed of one's telephone line and perhaps one doesn't even have a telephone line at the service location. Since there is no telephone line, the WISP is not paying fees to the telephone company, so can often provide a better service at the same cost. You could start your own WISP or at least a hotspot with your DD-WRT.

WLAN
(Wireless Local Area Network)

WOL
(Wake-On-LAN) Wake-on-LAN is an Ethernet computer networking standard that allows a shut-down computer to be booted remotely. The network card of the computer that has WOL enabled will listen for a "Magic Packet", then verify the information in that packet and decide whether or not to boot the computer.

Main Article: WOL

Wombling
Also known as Wardriving, wombling is the act of scanning for wireless networks and hotspots whilst traveling. This was traditionally done with a Proxim ORiNOCO PCMCIA card in a laptop with a Pringles can Yagi antenna. We are talking old school. The connection with the Wombles comes from "Orinoco" who is, of course, one of the Wombles from Wimbledon Common. It is often thought that using someone's Internet connection without their permission is illegal. It seems to be a form of trespass, so if you don't look at any local files or break anything then you're probably OK. However if you bring their connection into disrepute or slow it down significantly or look at their personal files then you are clearly a law breaker and could get prosecuted. If they have taken trouble to secure the connection then you should respect that and not break past the security.

WRT
Wireless Receiver/Transceiver