Guide to Network Security Flashcards
What are protocols
Forms of ceremony and etiquette
Most common protocol used by LANs and internet
TCP/IP, or Transmission Control Protocol/Internet Protocol
What protocol is TCP/IP
TCP/IP comprises several protocols that function together. They are called a protocol suite.
Basic TCP/IP protocols that relate to security
ICMP, SNMP, DNS, file transfer and storage, Telnet
What does ICMP do
ICMP: Internet Control Message Protocol
It handles communication between devices.
ICMP messages are divided into two classes
- Informational and query messages
- Error messages
Informational and query messages
These messages are used for devices to exchange information and perform testing
Error messages
Provide feedback to another device about an error that has occurred
ICMP attacks
- Network discovery: reconnaissance to discover information about a host
- Smurf attack: broadcasts a ping request to all computers on the network, causing a crash
- ICMP redirect attack: a redirect packet is sent to the victim asking the host to send its packets to another router (malicious device)
- Ping of death: malformed ICMP sent to the victim’s computer, causing the host to crash
What does SNMP do
A popular protocol used to manage network equipment
It allows network administrators to remotely monitor, manage, and configure devices on the network
Community string
Protected password that agents on managed devices use
Types of Community Strings
- Read-only string: allows information from the agent to be viewed
- Read-write string: allows settings on the device to be changed
Default SNMP community strings for read only and read-write
Public and Private
What does DNS do
Domain Name System - It resolves a symbolic name with its corresponding IP address
Attacks against DNS
- DNS poisoning: substitutes addresses so that the computer is redirected to another device
- DNS transfer: asks a valid DNS server for a zone transfer
File Transfer Protocol (FTP)
Transferring files can be done using FTP, which is insecure.
Used to connect to an FTP server, much in the same way that HTTP links to a web server.
How to use FTP on a local computer
- From a command prompt at the operating system
- Using a web browser, by entering the prefix ftp://
- Using an FTP client
Security vulnerabilities associated with using FTP
FTP does not use encryption, so usernames and passwords could be accessed by using a protocol analyzer
Secure transmission over FTP
- FTP Secure (FTPS): uses SSL or TLS to encrypt commands sent over port 21
- Secure FTP (SFTP): an entire protocol
NetBIOS - Network Basic Input/Output System
A transport protocol used by Microsoft Systems to allow applications on separate computers to communicate over a LAN
Information to gather when NetBIOS
- Computer names
- Contents of the remote name cache, including IP addresses
- List of local NetBIOS
- List of resolved names
A rule-based management approach
The process of administration that relies on following procedural and technical rules, instead of creating security elements “on the fly.”
What is included in device security
Establishing a secure configuration and implementing safeguards
Logs
- A log is a record of events that occur.
- Security logs: reveal the types of attacks that are being directed at the network and whether any of the attacks were successful.
- Security access log: can provide details regarding requests for specific files on a system.
- Audit log: used to record which user performed an action and what that action was.
- System event logs: document any unsuccessful events and the most significant successful events (some system event logs can be tailored to specify the types of events that are recorded).
Network Design Management should consider what
Network separation to prevent bridging, loop protection, and VLAN management.