Network Security
Intruder Detection and Prevention
Preventing Malware Attacks
Firewalls
Packet Filters
simple concept
examine each IP packet
restrict access to services
attacks
-- IP address spoofing
-- Source routing attacks
-- tiny fragment attacks
Stateful Packet Filters
examine each IP packet in context
better able to detect bogus packets out of context
Malicious code
Intruder detection and prevention mechanisms
Identification
Signature based
Anomaly based
behavior based
Heuristics (uses AI)
Switches
bridging done in hardware
Application Specific Integrated Circuit (ASIC)
OSI layer 2 device
Application-level Gateway (Proxy)
HTTP for web
FTP for file transfers
SMTP / POP3 for email
Network Security Protocols
IPSec
Internet Protocol Security
Encryption at OSI layer 3
Open standard
Used between end stations and tunnels between sites
Provides authentication, integrity, confidentiality and encryption
VPN Protocols
PPTP (Point to Point Tunneling Protocol)
PPP (Point to Point Protocol)
SSL VPN (Secure Socket Layer VPN)
IPSec (Internet Protocol Security)
SSH (Secure Shell)
encrypted communication link
same purpose as Telnet (remote login)
Used in firewalls
connecting to routers
Authentication Protocols
PAP (Password Authentication Protocol)
basic authentication method
rarely used on its own
unsophisticated
insecure
non-encrypted password exchange
CHAP
Challenge-Handshake Authentication Protocol
encrypted challenge sent over the network
three way handshake
occurs periodically during the connection
EAP
Extensible Authentication Protocol
based on RFC standards
Used in WPA and WPA2
PEAP
Protected Extensible Authentication Protocol
Created by Cisco, Microsoft, RSA Security
Encapsulates EAP in a TLS tunnel
one certificate on the server
Kerberos
Authenticate once, trusted by the system
developed by MIT
RFC 4120
Used for SSO (Single Sign-On)
Ticket Granting Service
Authentication service
Key Distribution center
Securing wireless networks
WEP (Wired Equivalent Privacy)
different levels of encryption key strength
40-, 64- or 128-bit key size
WPA
RC4 with TKIP (Temporal Key Integrity Protocol)
every packet gets a unique encryption key
a short term workaround
WPA2
AES replaced RC4
CCMP replaced TKIP
802.1X and 802.11i
Telnet
Telecommunication network
Login to devices remotely
unencrypted communication