Network Protocols and System Identification Flashcards
Network Protocols
A set of rules used by two or more devices on a network to describe the order of delivery and structure of the data
Hypertext Transfer Protocol Secure (HTTPS)
Provides a secure connection between client and server
Domain Name System (DNS)
Converts domain names to IP addresses
Transmission Control Protocol (TCP)
Allows a connection to be formed between 2 devices
Simple Network Management Protocol (SNMP)
Used for monitoring and managing devices on a network.
can reset a password on a network device or change its baseline configuration.
can also send requests to network devices for a report on how much of the network’s bandwidth is being used up
Internet Control Message Protocol (ICMP)
used by devices to tell each other about data transmission errors across the network.
used by a receiving device to send a report to the sending device about the data transmission.
commonly used as a quick way to troubleshoot network connectivity and latency by issuing the “ping” command on a Linux operating system.
IEEE 802.11
standards for wireless LAN
WPA
Wireless security protocol for devices to connect to the internet
Wired equivalent privacy (WEP)
Is a wireless security protocol designed to provide users with the same level of privacy on wireless network connections as they have on wired network connections.
WEP was developed in 1999 and is the oldest of the wireless security standards.
Difference between WEP and WPA
WPA's encryption algorithm uses larger secret keys than WEP's
WPA includes a message integrity check that includes a message authentication tag with each transmission. If a malicious actor attempts to alter the transmission in any way or resend at another time, WPA’s message integrity check will identify the attack and reject the transmission.
Vulnerabilities of WPA
A key reinstallation attack (or KRACK attack) can be used to decrypt transmissions using WPA.
Attackers can insert themselves in the WPA authentication handshake process and insert a new encryption key instead of the dynamic one assigned by WPA.
If they set the new key to all zeros, it is as if the transmission is not encrypted at all.
Firewall
A security device that monitors traffic to and from your network.
Port filter
A firewall blocking or allowing certain port numbers to limit unwanted communication
Hardware firewall
Inspects each data packet before allowing it to enter the network
Software Firewall
Same as a hardware firewall, but implemented in software
Cloud-based firewalls
self-explanatory, duh
Stateful
Firewall that proactively filters out threats by keeping track of every data packet
Stateless
Lets things in based on rules, but doesn’t track everything
Next Generation Firewalls
In addition to being stateful, they do deep packet inspection, intrusion protection, and tap into threat intelligence platforms
VPN
Changes your virtual location and public IP address so your data doesn’t get stolen. Data gets wrapped in other data packets
Security Zone
A segment of a network that protects the internal network from the internet
Network Segmentation
The division of a network into segments to make it safer
Uncontrolled Zone
Anything a network doesn’t/can’t control
Controlled Zone
A subnet that protects the internal network from the uncontrolled zone
Demilitarized Zone
Public Facing Services that can access the internet
(Web Servers, Proxy Servers, File Servers)
Restricted Zone
Highly confidential information only for employees.
Proxy server
Forwards client requests to another server
Forward Proxy Server
Regulates and restricts a user’s access to the internet
Forward Proxy Server
Regulates and restricts a person’s access to the internet. Hides a user’s IP address and approves a person’s outgoing traffic
Reverse proxy server
regulates and restricts the external servers’ access to the network