
Intrusion Detection and
Intrusion Prevention Systems
• Intrusion Detection System (IDS)—Only detects unauthorized activity. Example: MS Event Viewer
• Intrusion Prevention System (IPS)—Detects unauthorized activity and performs some function to stop the activity. Example: Most antivirus software
• IDS and IPS require some form of port monitoring
• Port monitoring: a particular port on a switch is connected directly to the IDS or IPS and monitors all activity passing through another port on the same switch.
© Goodheart-Willcox Co., Inc.
Permission granted to reproduce for educational use only.
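The IDS/IPS distinction on this slide, as an added example that is not part of the original deck: one shared detection step (repeated failed SSH logins per source address) run in IDS mode, which only reports, and in IPS mode, which also updates a blocklist standing in for a firewall rule set. The log lines, addresses and threshold are constructed sample data.

```python
# Added example (not from the slides): the same detection logic run in
# IDS mode (alert only) and IPS mode (alert and return a blocking action).
# The log lines below are constructed sshd-style entries, not captured data.
import re
from collections import Counter

SAMPLE_AUTH_LOG = """\
Jan 10 09:12:01 host sshd[912]: Failed password for invalid user admin from 203.0.113.5 port 51022 ssh2
Jan 10 09:12:03 host sshd[912]: Failed password for invalid user admin from 203.0.113.5 port 51023 ssh2
Jan 10 09:12:05 host sshd[912]: Failed password for root from 203.0.113.5 port 51024 ssh2
Jan 10 09:12:09 host sshd[913]: Accepted publickey for alice from 192.0.2.10 port 40110 ssh2
Jan 10 09:12:11 host sshd[914]: Failed password for bob from 192.0.2.10 port 40111 ssh2
"""

# Matches both "Failed password for <user>" and "Failed password for invalid user <user>"
FAILED_RE = re.compile(r"Failed password for (?:invalid user )?\S+ from (\d+\.\d+\.\d+\.\d+)")
THRESHOLD = 3  # failures from one source before it is flagged (assumed value)

def detect(log_text, threshold=THRESHOLD):
    """Detection step shared by IDS and IPS: count failed logins per source IP
    and return the sources that reached the threshold."""
    failures = Counter()
    for line in log_text.splitlines():
        m = FAILED_RE.search(line)
        if m:
            failures[m.group(1)] += 1
    return sorted(ip for ip, n in failures.items() if n >= threshold)

def run_ids(log_text):
    """IDS: only reports. Returns alert strings; nothing on the network changes."""
    return [f"ALERT: {ip} reached {THRESHOLD} failed SSH logins" for ip in detect(log_text)]

def run_ips(log_text, blocklist=None):
    """IPS: reports and acts. Returns (alerts, updated blocklist); the blocklist
    stands in for the firewall rules a real IPS would push to stop the activity."""
    blocklist = set(blocklist or ())
    alerts = run_ids(log_text)
    for ip in detect(log_text):
        blocklist.add(ip)
    return alerts, blocklist

if __name__ == "__main__":
    print(run_ids(SAMPLE_AUTH_LOG))
    print(run_ips(SAMPLE_AUTH_LOG))
```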
Public Key Infrastructure (PKI)
• Provides encryption and authentication
• Encryption: the method of using an algorithm to encode data
• The algorithm converts data into ciphertext (encrypted data)
• Cryptology—Science of encrypting data
• Generates a key and uses it for encryption
• Generates a certificate to verify authentication
Key Encryption Methods
• Symmetric-key encryption—Generally used when large amounts of data need to be encrypted
• Asymmetric-key encryption—Both the public and private keys are needed to encode and decode data
Digital Certificate
A file that commonly contains data such as:
• the user’s name and e-mail address,
• the public key value assigned to the user,
• the validity period of the public key,
• issuing authority identifier information
Certificate Authority (CA)
1. Station1 applies for a digital certificate from a CA to send an encrypted message to Station2
2. CA issues a digital certificate to Station1
3. Station1 uses its private key to encrypt the message
4. Station1 sends the encrypted message to Station2
5. Station2 uses the public key to decode the encrypted message
Details of a VeriSign Digital Certificate
Secure Sockets Layer (SSL) and
Transport Layer Security (TLS)
• Application layer protocols
• Support VoIP, e-mail, and remote connections
• Based on public key encryption technology
• Displays https:// when securing a Web site connection
• Not compatible with each other
• TLS more secure; SSL more popular
Secure HTTP (S-HTTP)
• Uses symmetric, or private, keys for encoding and decoding messages
• Not supported by all Web browsers
Virtual Network Connection (VNC)
• Describes a point-to-point connection to a remote device
• Connection considered “virtual” because the user’s network device is not a physical part of the remote network
Internet Protocol Security (IPSec)
• Collection of security protocols, hashes, and algorithms
• Authentication can be verified with Kerberos, a preshared key, or digital certificates
• IPSec VPNs typically use public and private keys for encryption
IPSec Modes
• Transport mode: an IPSec mode that only encrypts the payload.
• Tunnel mode: an IPSec mode that encrypts the payload and the header.
Secure Shell (SSH)
• Originally designed for UNIX to replace Remote Login (rlogin), Remote Shell (rsh), and Remote Copy (rcp)
• Uses port 22
• Requires a private key, public key, and password
• Can be used on operating systems that support TCP/IP
SSH Example
Secure Copy Protocol (SCP)
• Replacement for the Remote Copy (rcp) command
• Does not require a password
Service Set Identifier (SSID)
• Identifies the wireless network
• Similar to a workgroup name
• All wireless network devices are configured with a default SSID
• To secure the wireless network, the default SSID should be changed
Media Access Control (MAC) Filtering
• To configure MAC filtering, the administrator creates an Access Control List (ACL)
• The ACL is located on the Wireless Access Point (WAP)
• The ACL contains a list of MAC addresses belonging to authorized wireless network devices
Wired Equivalent Privacy (WEP)
• First attempt to secure, with encryption, the data transferred across a wireless network
• Algorithm is not complex and can be easily cracked
• A VPN can add to the security set in place by WEP
Wi-Fi Protected Access (WPA)
• Developed by the Wi-Fi organization to overcome the vulnerabilities of WEP
• Compatible with 802.11 devices
• Wi-Fi Protected Access 2 (WPA2) is an enhanced version of WPA
• WPA2 is compatible with the 802.11i standard
802.11i
• IEEE ratified the 802.11i standard to remedy the original security flaws
• Specifies the use of 128-bit Advanced Encryption Standard (AES) for data encryption
• Generates a fresh set of keys for each new connection
• Downward compatible with existing 802.11 devices
802.1x Authentication
• Provides port-based network access control
• Used for client/server-based networks
• Supplicant—Wireless network device requesting network access
• Authenticator—WAP that provides authentication
• Authentication server—Server running Remote Authentication Dial-In User Service (RADIUS)
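The three 802.1x roles on this slide as a simulated exchange, added here as an example and not part of the original deck: the supplicant sends its identity and credential, the authenticator (WAP) relays them without checking them itself, and the controlled port is opened only when the authentication server (a stand-in for RADIUS) answers Access-Accept. The identities, password and hashed credential store are constructed; plain SHA-256 is used only to keep the stand-in short, not as a recommended credential store.

```python
# Added example (not from the slides): a simulated 802.1x exchange between the
# supplicant, the authenticator (WAP) and the authentication server (RADIUS).
# The WAP's controlled port stays "unauthorized" until the server accepts.
# Identities, passwords and hashes are constructed sample data.
import hashlib
import hmac

class AuthenticationServer:
    """Stand-in for the RADIUS server: holds the credential store and answers
    each Access-Request with Access-Accept or Access-Reject."""
    def __init__(self, users):
        # users maps identity -> SHA-256 hex digest of the password (constructed
        # store; plain hashing is only to keep this stand-in short)
        self._users = users

    def access_request(self, identity, password):
        expected = self._users.get(identity)
        digest = hashlib.sha256(password.encode()).hexdigest()
        if expected is not None and hmac.compare_digest(expected, digest):
            return "Access-Accept"
        return "Access-Reject"

class Authenticator:
    """The WAP: relays credentials to the server, never decides on its own,
    and opens the controlled port only for an identity the server accepts."""
    def __init__(self, server):
        self._server = server
        self.port_state = {}  # identity -> "authorized" | "unauthorized"

    def eap_start(self, identity):
        self.port_state[identity] = "unauthorized"   # port closed by default
        return "EAP-Request/Identity"

    def eap_response(self, identity, password):
        if self._server.access_request(identity, password) == "Access-Accept":
            self.port_state[identity] = "authorized"
            return "EAP-Success"
        return "EAP-Failure"

def supplicant_connect(wap, identity, password):
    """Supplicant side: start EAP, answer with credentials, return port state."""
    wap.eap_start(identity)
    wap.eap_response(identity, password)
    return wap.port_state[identity]

def demo():
    server = AuthenticationServer({"alice": hashlib.sha256(b"correct horse").hexdigest()})
    wap = Authenticator(server)
    return (supplicant_connect(wap, "alice", "correct horse"),  # valid credential
            supplicant_connect(wap, "alice", "wrong"),          # bad password
            supplicant_connect(wap, "bob", "anything"))         # unknown identity
```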
IN CLASS LAB
Roberts Labs 74, 76, 77
NEXT CLASS
Labsim Homework 8.3.1–8.3.3