Chapter 6: Understanding Secure and Insecure Protocols Flashcards
refers to the rules required by different applications for the exchange of data, where the application can perform actions such as running commands on remote systems, sending and receiving emails, and downloading files from the internet.
Protocol
what are the 2 types of ports?
- Transmission Control Protocol (TCP)
- User Datagram Protocol (UDP)
connection-oriented, as it uses a three-way handshake
- the first packet sent is called the SYN packet, where the sending host informs the receiving host of the number of its next packet
- the receiving host sends a SYN/ACK packet, where it says what the next packet is
- the ACK packet acknowledges both kinds of packets and then the data is sent
Transmission Control Protocol (TCP)
faster but less reliable as it is connectionless
- used for streaming video and gaming where speed is paramount
User Datagram Protocol (UDP)
If I wanted to upload files to web server I would use FTP on port 20, but the more common use is to download files using port 21—downside of FTP is the transfer is done using clear text, so a packet sniffer could view the information—replaced by secure protocols such as SFTP or FTPS
File Transfer Protocol (FTP)–>port 21
Run commands on remote hosts–runs remote commands on devices such as routers–session is in clear text and is not secure–SSH is replacement protocol
Telnet–>port 23
Transport mail between mail servers
Simple Mail Network Protocol (SMNP)–>Port 25
Host name resolution/zone transfer (TCP)/name queries
Domain Name System (DNS)–>UDP Port 56
Automatic IP address allocation–allocates IP addresses dynamically to computers. If a computer cannot obtain the IP address, then there is a faulty cable or no more IP addresses in the database
Dynamic Host Configuration Protocol (DHCP)–>UDP port 67/68
file transfer using UDP–>not as secure
Trivial File Transfer Protocol (TFTP)–>UDP Port 69
used to access websites
Hypertext Transfer Protocol (HTTP)–>port 80
pull mail from mail server, no copy left on mail server
Post Office Protocol 3–>Port 110
Time Synchronization–ensures the clocks of all computers are synced
Network Time Protocol (NTP)–>port 123
NETBIOS to IP address resolution
NETBIOS–>UDP Port 137-139
Pulls mail from mail server
Internet Message Access Protocol (IMAP4)–>Port 143
Notifies status and creates reports on network devices—each network device has an agent installed and is programmed so that if a trigger is met, the ____ management console is notified
Simple Network Management Protocol (SNMP)–>UDP Port 161
Stores X500 Objects, searches directory services for users and groups and other information
Lightweight Directory Access Protocol (LDAP)–>Port 389
the purpose of a ______ is to connect networks, whether they are internal subnets or external networks, and route packets between them.
router
internal device that connects all of the users in a local area network so they can communicate with each other. A computer connects to a wall jack that runs into a patch panel, and then from the patch panel to the switch. The cables are placed inside a conduit to protect them.
Switch
the router will have allow rules at the top of the ACL, but the last rule is to deny all. If traffic that is not on the list arrives, then the final deny rule will apply (Implicit Deny)
Access Control List (ACL)
used to remotely access the router and runs commands securely
SSH
a managed switch is called ________,
where the switch identifies and authenticates devices connecting to the switch and blocks rogue devices, such as rogue access points.
- can work in conjunction with a Remote Authentication Dial-In User Service (RADIUS)
802.1x
where a port in a switch is switched off to prevent someone from plugging their laptop into a wall jack.
port security
is used in a switch to prevent Media Access Control (MAC) flooding, where the switch is flooded with a high volume of fake MAC addresses; this prevents DDoS attacks.
Flood Guard