Dion - Security Protocols pg97 Flashcards
What is S/MIME?
Secure/Multipurpose Internet Mail Extensions
- A standard that provides cryptographic security for email!
- Public Key encryption and digital signing
What is SRTP?
Secure Real-Time Transport Protocol is for phone calls or video calls.
Uses AES encryption
Uses HMAC-SHA-1 hashing
What is NTP?
Network Time Protocol
- around since 1985
- vulnerable to DDoS
Trying to make NTPsec, in development since 2015
What is Secure POP and Secure IMAP?
Email security for POP3 or IMAP
- Uses STARTTLS to add SSL to POP3
- Secure IMAP is IMAP with SSL
What is SSL/TLS?
Secure Sockets Layer
Transport Layer Security (the new version!)
HTTPS (Port 443) uses TLS or SSL
For all internet communications - browsing, IM, email, VoIP etc
How does SSL/TLS work?
Use public key encryption
- Private key on the server
- Symmetric session key is transferred using asymmetric encryption
- Very fast and secure
What is FTPS?
FTP over SSL
FTP - File Transfer Protocol
What is SFTP?
SSH File Transfer Protocol
Provides file system functionality
Resume interrupted transfers
Remote file removal
What is LDAP?
Lightweight Directory Access Protocol
- A database reading and writing directories over an IP network.
- Uses X.500 standard from ITU “International Telecoms Union”
- Microsoft’s Active Directory, Apple’s OpenDirectory
- Unencrypted Port 389
- Encrypted Port 636
What is the more secure version of LDAP?
LDAPS - LDAP Secure
or implement
SASL - Simple Authentication and Security Layer
Which adds 2-way authentication - e.g. Kerberos (Port 88)
What is SSH?
Secure Shell - Port 22
Encrypted terminal communication between two computers or network devices.
Requires one device to be a server and the other a client
Replaces Telnet
What is SSH 2.0?
Uses Diffie-Hellman key exchange and MACs
What is DNSSEC?
Domain Name System Security Extensions
Prevents DNS poisoning
Validates DNS responses
DNS - Port 53
What is SNMP? What is the secure version?
Simple Network Management Protocol
Port 161 UDP
Use SNMPv3 for better security - encryption and authentication
What is DHCP?
Dynamic Host Configuration Protocol
NOT secure.
Used to automatically allocate IP addresses
What is a VPN?
Virtual Private Network
Secure connection between 2+ computers that aren’t on the same network
What is PPTP?
A VPN Protocol!
Point-to-Point Tunneling Protocol - Port 1723
Protocol that encapsulates and encrypts PPP packets.
Uses CHAP-based authentication which is vulnerable.
What is L2TP?
A VPN Protocol!
Layer 2 Tunneling Protocol - Port 1701
Connection between 2+ computers that aren’t on the same network.
Usually paired with IPSec to provide security
What is IPSec?
A VPN Protocol!
Internet Protocol Security
A TCP/IP protocol that authenticates and encrypts IP packets.
Uses hashing and key exchange.
What is IKE?
Internet Key Exchange
Method used by IPSec to create a secure tunnel between authenticated peers.
What is AH?
Authentication Header Protocol
Used in IPSec and provides integrity and authentication
What is ESP?
What are the two modes?
Encapsulation Security Payload
Encapsulates and encrypts packets
Two Modes:
- Transport Mode: Host to host - payload is encrypted, not header, best for private networks.
- Tunnel Mode: Entire packet is encrypted - best for transmission between different networks