Saturday, October 19, 2019

CST 311 W 8


This week, we learned about securing TCP, network-layer security (IPsec and VPNs), securing wireless LANs, and operational security (firewalls and intrusion detection).

TCP connections can be secured with Secure Sockets Layer (SSL). SSL is widely used by e-commerce sites and web servers to ensure confidentiality, integrity, and authentication of the site. It is supported by almost all web servers and browsers and is identified by HTTPS, that is, HTTP with an S at the end. It is available to all TCP applications and sits between the application layer and TCP. It involves a handshake, key derivation, data transfer, and connection closure. A and B use their certificates to authenticate each other and exchange the shared secret, then use the secret to derive the keys that protect the messages they exchange. The data is transferred in parts and then the connection is closed.

Virtual Private Networks (VPNs) are used to provide more security for private networks when using public Wi-Fi or less secure home Wi-Fi. The data is encrypted before it enters the public internet.

For Wi-Fi, each packet is separately encrypted and can be decrypted even if previous packets are lost. This can be implemented in hardware and software. WEP can be broken, however, so WEP2 is used.

Firewalls are used to isolate an organization from the internet by filtering packets. Firewalls are used to prevent DoS attacks and modification/access of data, and to allow only authenticated users to use the network. Stateless packet filtering involves an internal network behind a router firewall. The router filters packets by source/destination IP address, TCP/UDP source and destination port numbers, ICMP message types, and TCP SYN and ACK bits. A stateless packet filter may block IP protocol 17 and the entirety of port 23, resulting in UDP and telnet connections being blocked. If an organization doesn't want TCP connections from the outside, it would drop all TCP SYN packets except those to its web server. Stateful packet filtering tracks the status of every TCP connection, drops packets that don't make sense, and no longer admits packets for connections that have become inactive at the firewall.
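The three stateless rules above, plus a minimal connection table to show what stateful filtering adds, as an added example that is not from the course material. The addresses (documentation ranges), the names `Packet`, `stateless_filter` and `StatefulFilter`, and the simplified connection tracking (no timeouts or teardown) are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Assumed values for illustration (documentation address ranges, not from the post).
INTERNAL = ip_network("192.0.2.0/24")
WEB_SERVER = (ip_address("192.0.2.80"), 80)
PROTO_TCP, PROTO_UDP = 6, 17

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: int
    syn: bool = False
    ack: bool = False

def stateless_filter(p):
    """Decide from this packet's header fields alone; no memory of earlier packets."""
    if p.proto == PROTO_UDP:
        return "drop"   # IP protocol 17: all UDP is blocked
    if p.proto == PROTO_TCP and 23 in (p.sport, p.dport):
        return "drop"   # port 23: telnet in either direction
    inbound = ip_address(p.dst) in INTERNAL and ip_address(p.src) not in INTERNAL
    if p.proto == PROTO_TCP and inbound and p.syn and not p.ack:
        if (ip_address(p.dst), p.dport) != WEB_SERVER:
            return "drop"   # outside hosts may open connections only to the web server
    return "allow"

class StatefulFilter:
    """Stateless rules plus a connection table (simplified: no timeout or FIN handling)."""
    def __init__(self):
        self.conns = set()

    def check(self, p):
        if stateless_filter(p) == "drop":
            return "drop"
        if p.proto != PROTO_TCP:
            return "allow"
        key = frozenset([(p.src, p.sport), (p.dst, p.dport)])
        if p.syn and not p.ack:
            self.conns.add(key)   # an admitted SYN starts a tracked connection
            return "allow"
        return "allow" if key in self.conns else "drop"   # no handshake seen: makes no sense

if __name__ == "__main__":
    # Constructed sample: an ACK-only packet for a connection that was never opened.
    stray = Packet("198.51.100.5", 40004, "192.0.2.10", 22, PROTO_TCP, ack=True)
    print(stateless_filter(stray), StatefulFilter().check(stray))
```

The stray ACK passes the stateless rules because it carries no SYN bit, while the stateful filter drops it because no matching connection was ever recorded.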
