2.5 - Summarise the properties and purposes of services provided by networked hosts. Flashcards
2.0 - Networking SERVERS
Web Server
Respond to browser requests
Using standard web browsing protocols - HTTP/HTTPS
Pages are built with HTML, HTML5
Web pages are stored on the server
Downloaded to the browser
Static pages or built dynamically in real-time
File Server
Centralised storage of documents, spreadsheets, videos, pictures, and any other files.
Standard system of file management
SMB (Server Message Block), Apple Filing Protocol (AFP), etc.
The front-end hides the protocol
Copy, delete, rename, etc.
Print Server
Connect a printer to the network
Provide printing services for all network devices
May be software in a computer
Computer is connected to the printer
May be built into the printer
Network adapter and software
Uses standard printing protocols
SMB (Server Message Block), IPP (Internet Printing Protocol), LPD (Line Printer Daemon)
DHCP server
Dynamic Host Configuration Protocol
Automatic IP address configuration
Very common service
Available on most home routers
Enterprise DHCP will be redundant
Usually running on central servers
DNS server
Domain Name System
Convert names to IP addresses.
Distributed naming system.
The load is balanced across many different servers.
Usually managed by the ISP or enterprise IT department.
A critical resource.
Proxy server
An intermediate server
Client makes the request to the proxy
The proxy performs the actual request
The proxy provides results back to the client
Useful features:
Access control, caching, URL filtering, content scanning.
Mail Server
Store your incoming mail
Send your outgoing mail
Usually managed by the ISP or the enterprise IT department.
A complex set of requirements.
Usually one of the most important services.
24 x 7 support.
Authentication server
Login authentication to resources
Centralised management
Almost always an enterprise service
- Not required on a home network
Usually a set of redundant servers
Always available
Extremely important service
Syslog
Standard for message logging
Diverse systems, consolidated log
Usually a central logging receiver
Integrated into the SIEM.
You’re going to need a lot of disk space
WORM drive technology
Write Once Read Many - DVD-R
Protect important security logs
SIEM
Security Information and Event Management
Logging of security events and information.
Security alerts
Real-time information
Log aggregation and long-term storage
Usually includes advanced reporting features
Data correlation
Link diverse data types
Forensic analysis
Gather details after an event
All-in-one security appliance
Next-generation firewall, Unified Threat Management (UTM) / Web security gateway.
URL filter / Content inspection.
Malware inspection, spam filter, CSU/DSU, router, switch, firewall, IDS/IPS, bandwidth shaper, VPN endpoint.
IDS
Intrusion Detection System.
Network based.
Intrusions:
- Exploits against operating systems, applications, etc.
- Buffer overflows, cross-site scripting, other vulnerabilities.
Detection – Alarm or alert
IPS
Intrusion Prevention System.
Network based.
Intrusions:
- Exploits against operating systems, applications, etc.
- Buffer overflows, cross-site scripting, other vulnerabilities
Prevention – Stop it before it gets into the network
Embedded System
Purpose-built device
Not usual to have direct access to the operating system
Alarm system, door security, timecard system
Legacy System
Another expression for “really old”
May also be “really important”
Learning old things can be just as important as learning the new things