Securing TCP/IP Flashcards
Integrity
Process that guarantees that the data received is the same as the data originally sent.
Nonrepudiation
A person cannot deny he or she took a specific action
Authentication
Verify that whoever is trying to access the data is the person you want accessing it.
Authorization
What an authenticated person can do with the data.
Ciphertext
The result of running cleartext through a cipher algorithm using a key.
Symmetric Key Algorithm
When you use the same key to encrypt and decrypt the data.
Asymmetric Key Algorithm
When you use different keys for encrypting and decrypting
Block Ciphers
Encrypt data in chunks of a certain length at a time
DES
Data Encryption Standard
DES Definition
Used a 64-bit block and a 56-bit key. Outdated form of block cipher.
Stream Cipher
Takes a single bit at a time and encrypts on the fly.
RC4
Rivest Cipher 4 - very fast stream cipher that was used mostly in wireless. Stopped being used around 2013 due to weakness.
AES
Advanced Encryption Standard
AES definition
Used by almost all TCP/IP applications; a block cipher that uses a 128-bit block size and a 128-, 192-, or 256-bit key size.
Public Key Cryptography
Primary asymmetric implementation of security; the most common is RSA.
Integrity Hash Function
Mathematical function that you run on a string of binary digits of any length that results in a value of some fixed length.
File Hashing
Hashing the contents of a file
MD5
Message Digest Algorithm version 5; creates a 128-bit message digest.
SHA
Secure Hash Algorithm is the primary family of cryptographic hash functions.
SHA-224
SHA-2 with a 224-bit message digest
SHA-256
SHA-2 with a 256-bit message digest
SHA-384
SHA-2 with a 384-bit message digest
SHA-512
SHA-2 with a 512-bit message digest
CRAM-MD5
Challenge-Response Authentication Mechanism Message Digest, which is used in SMTP servers as a tool for authentication.
Digital Signature for Nonrepudiation
A hash of the public key encrypted by the private key.
PKI
Public Key infrastructure
ACL
Access Control list; Clearly defined list of permissions that specifies what an authenticated user may perform on a shared resource.
MAC
Mandatory Access Control; Every resource is assigned a label that defines its security level.
DAC
Discretionary Access Control; based on the idea that a resource has an owner who may at his or her discretion assign access to that resource.
RBAC
Role-Based Access Control; defines a user's access to a resource based on the roles the user plays in the network environment.
PPP
Point-to-Point Protocol; enables two endpoints to connect, authenticate with a user name and password, and negotiate the network protocol the two devices will use.
PAP
Password Authentication Protocol; simply transmits username and password in cleartext
CHAP
Challenge Handshake Authentication Protocol; relies on hashes based on a shared secret, usually a password that both ends of the connection know.
MS-CHAPv2
The most common authentication method for the few still using dial-up connections.
AAA Protocol
Authentication, Authorization and Accounting; designed for the idea of port authentication
Authentication from AAA
A computer first needs to provide some form of credential for access to the network.
Authorization from AAA
Once authenticated against a database, the computer determines what it can or cannot do on the network.
Accounting from AAA
The authenticating server should do some form of auditing such as logging data traffic, session action and so on.
Two Standards of AAA
RADIUS and TACACS+
RADIUS
Remote Authentication Dial-In User Service; created to support ISPs with hundreds if not thousands of modems in hundreds of computers connecting to a single central database.
What 3 devices does RADIUS consist of?
- RADIUS server that has access to a database of user names and passwords
- NAS (Network Access Servers)
- A group of systems that in some way connect to the network
IAS
Internet Authentication Service; Microsoft's version of RADIUS that comes pre-installed on Windows Server.
Ports that Radius uses
UDP ports 1812 and 1813 or 1645 and 1646
TACACS+
Terminal Access Controller Access Control System Plus; used in a system with many routers and switches and it stores the ACL for all devices in a single location.
Kerberos
An authentication protocol that has no connection to PPP. Authentication protocol for TCP/IP networks with many clients all connected to a single authenticating server. Microsoft adopted it as the authentication protocol for all Windows networks using a domain controller.
KDC (Kerberos)
Key Distribution Center, which has two processes:
- Authentication Server
- Ticket-Granting Service
IPsec
Internet Protocol Security is an authentication and encryption protocol suite that works at the internet/network layer.
2 Modes of IPsec
- Transport Mode
- Tunnel Mode
SCP
Secure Copy Protocol; one of the first protocols used to transfer data securely between two hosts.
SNMP
Simple Network Management Protocol; can tell you a number of settings on SNMP capable devices, such as CPU usage, network utilization, and detailed firewall hits.
MIB
Management Information Base; an agent used to collect network information.
LDAP
Lightweight Directory Access Protocol; tool that programs use to query and change a database used by the network.