
security

IPSec consists of two protocols, AH and ESP, which provide authentication and confidentiality, respectively, and can operate in transport or tunnel modes. A good security policy must be implementable, enforceable, clearly defined, communicated, and adaptable to changes. Firewalls, including proxy-based, packet filtering, stateful inspection, and bastion hosts, are crucial for network security, while symmetric and public key cryptosystems like DES and RSA are used for encryption.

Uploaded by

May Zaw Hlaing
Copyright
© © All Rights Reserved

IPSec is made up of two protocols, which can be used separately or together:

AH (Authentication Header)
o adds a digital signature to the packet to protect against spoofing
o verifies that packet headers have not been modified
o provides no encryption or confidentiality
o signs the whole packet

ESP (Encapsulating Security Payload)
o provides confidentiality by encrypting the data
o encrypts packet headers and data

There are two modes of operation for both AH and ESP:

Transport mode
o is used to encrypt data inside a tunnel
o provides end-to-end security, all the way from the sending computer to the final destination

Tunnel mode
o is used to create a virtual private network
o provides gateway protection
Below is a summary of some security protocol jargon.

plain-text - the original message

clear-text - the original message

cipher-text - the coded message

cipher - algorithm for transforming plaintext to ciphertext

key - info used in cipher, known only to sender/receiver

encipher (encrypt): converting plaintext to ciphertext

decipher (decrypt): reconverting ciphertext to plaintext

cryptography: study of encryption methods

cryptanalysis: the study of methods of deciphering ciphertext without knowledge of enciphering details

cryptology: the field of both cryptography and cryptanalysis

authenticity: verification of the identity of the sender

integrity: assurance that the data was not changed in transit

confidentiality: secrecy, encryption of the data so that it can’t be read by anyone who doesn’t have the correct key

The purpose of a DMZ is to add an additional layer of security to an organization's Local Area Network (LAN) so that an external attacker only has access to equipment in the DMZ, rather than the whole of the network. (TRUE or FALSE)

A good security policy must:

Be able to be implemented through system administration procedures, publishing of acceptable use guidelines, or other appropriate methods

Be able to be enforced with security tools, where appropriate, and with sanctions, where actual prevention is not technically feasible

Clearly define the areas of responsibility for the users, the administrators, and the managers

Be communicated to all once it is established

Be flexible to the changing environment of a computer network since it is a living document

Risk
1.Assets

2.Threats

3.Vulnerabilities

Types of attack
1.Disclosure of data (DOD)
2.Corruption of data (COD)
3.Denial of service (DOS)

Strategy - Function
1.Prevention - expiry dates are not exceeded
2.Detection - provide a signal
3.Reaction - repair, recovery


________ includes all the hardware and software items including PCs, servers, network devices, accessories, software licenses, updates, and in-house developed software.

________ can make web sites temporarily unavailable and is designed to bring the network to its knees by flooding it with useless traffic.

________ can be malicious or non-malicious, physical, technical or operational, and may even originate from inside an organization.

Vulnerabilities are weaknesses of a system that could be accidentally or intentionally exploited to damage ________.

Operating system security

OS software integrity
User access control
Authorized users have sufficient privileges to perform their work and nothing more
Block unnecessary services (e.g. finger, telnet)
To run a mail server and a web server, it is better to put them on different computers
Avoid an OS with lots of defaults and options
The more complex, the more likely to be abused by users

Network infrastructure security

Service-blocking (e.g. port)
Encryption
Authentication protocol
Digital watermarking, which protects information on web sites from unauthorized use and prevents users from downloading the information and sharing it with others

Terminology
Firewall

Trojan Horse
Virus
Worm

At the root prompt, encrypt the password using grub2-mkpasswd-pbkdf2:

A firewall is a system designed to prevent unauthorized access to or from a private network.
Firewalls can be implemented in both hardware and software, or a combination of both.

Firewall types

1.Proxy-based firewall
2.Packet filtering firewall
3.Stateful inspection firewall
4.Bastion host

1.Proxy-based firewall

A proxy is a process that sits between a client process and a server process.

A company wants to make some pages of its web server accessible to all external users
but it wants to restrict certain of the pages to corporate users at one or more remote sites.
Which types of firewall can be implemented in this case?

2.Packet filtering firewall

An IP packet filter firewall allows you to create a set of rules that either discard or accept traffic over a network connection.

a packet filter can only discard traffic

Packet filtering firewalls operate on Layer 3 of the OSI model, the Network layer.

Packet filters usually permit or deny network traffic based on:

1.Source IP address
2.Source ports
3.Destination IP addresses
4.Destination ports
5.IP protocols such as TCP, UDP or ICMP

Common “iptables -L”

3.Stateful inspection firewall

A stateful firewall is a firewall that keeps track of the state of network connections (such as TCP streams, UDP communication) traveling across it.

“keepalive” messages are sent periodically in order to stop a firewall from dropping the
connection during periods of no user-activity.
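
The difference between the packet filtering and stateful inspection firewalls described above, as an added example that is not part of the original notes. It is a simplified Python model, not iptables; the names Packet, Rule, packet_filter and StatefulFirewall, the 300-second idle timeout and the sample addresses are assumptions made for illustration.

```python
from collections import namedtuple
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

Packet = namedtuple("Packet", "src sport dst dport proto")

@dataclass(frozen=True)
class Rule:
    action: str                      # "ACCEPT" or "DROP"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: str = "any"
    sports: range = range(0, 65536)
    dports: range = range(0, 65536)

    def matches(self, p):
        return (ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and self.proto in ("any", p.proto)
                and p.sport in self.sports and p.dport in self.dports)

def packet_filter(rules, p, default="DROP"):
    """Stateless: each packet is judged alone; first matching rule wins."""
    return next((r.action for r in rules if r.matches(p)), default)

class StatefulFirewall:
    """Accepts inbound packets only as replies to a tracked LAN connection."""
    def __init__(self, lan, idle_timeout=300):
        self.lan, self.idle_timeout, self.table = ip_network(lan), idle_timeout, {}

    def check(self, p, now):
        if ip_address(p.src) in self.lan:    # outbound: create or refresh state
            self.table[(p.proto, p.src, p.sport, p.dst, p.dport)] = now
            return "ACCEPT"
        key = (p.proto, p.dst, p.dport, p.src, p.sport)   # reply direction
        seen = self.table.get(key)
        if seen is None or now - seen > self.idle_timeout:
            self.table.pop(key, None)        # unknown or idle too long
            return "DROP"
        self.table[key] = now
        return "ACCEPT"

# Constructed sample policy: LAN clients may browse the web on TCP port 80.
LAN = "192.168.1.0/24"
RULES = [Rule("ACCEPT", src=LAN, proto="tcp", dports=range(80, 81)),
         Rule("ACCEPT", dst=LAN, proto="tcp", sports=range(80, 81),
              dports=range(1024, 65536))]  # needed so web replies get back in
```

The second rule is what lets replies through a stateless filter, so it also accepts any inbound packet that merely claims source port 80; the stateful model needs no such rule and drops a tracked connection once it has been idle longer than the timeout, which is the case keepalive messages prevent.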

4.Bastion host
A bastion host is a computer on the network that provides a single entrance and exit point to the Internet from the LAN and vice versa.

A bastion host is a mail gateway which is located in the DMZ, and the mail server is located in the LAN.

Symmetric key – DES

A symmetric key (sometimes called private, secret key, or single key) system uses a single key. That key is used both to encrypt and to decrypt information. A symmetric key cryptosystem uses the one key to encrypt and decrypt messages.

The DES - Data Encryption Standard is a symmetric key algorithm.

Public key – RSA

1.Public key cryptosystem
2.RSA

1.Public key cryptosystem

A public key (sometimes called asymmetric key or two key) system uses two keys: a public key and a private key.
