Network Security
Attacks
Technical Solutions

Acknowledgments
Material is from:
CISA Review Manual, 2009
Many other Network Security sources
http://www.csrc.nist.gov/publications/drafts/800-118/draft-sp800-118.pdf
Author: Susan J Lincke, PhD, Univ. of Wisconsin-Parkside
Reviewers:
Funded by National Science Foundation (NSF) Course, Curriculum and Laboratory Improvement (CCLI) grant 0837574: Information Security: Audit, Case Study, and Service Learning.
Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and/or source(s) and do not necessarily reflect the views of the National Science Foundation.

The Problem of Network Security
The Internet allows an attacker to attack from anywhere in the world from their home desk.
They just need to find one vulnerability; a security analyst needs to close every vulnerability.

Crackers
Cracker: Computer-savvy programmer creates attack software
Script Kiddies: Know how to execute programs
Hacker Bulletin Board: SQL Injection, Buffer overflow, Password Crackers, Password Dictionaries
Successful attacks! Crazyman broke into … CoolCat penetrated …
Criminals: Create & sell botnets -> spam; Sell credit card numbers, …
System Administrators: Some scripts are useful to protect networks…
Malware package = $1K-2K
1 M Email addresses = $8
10,000 PCs = $1000

Hacking Networks
Phase 1: Reconnaissance
Physical Break-In
Dumpster Diving
Google, Newsgroups, Web sites
WhoIs Database & Sam Spade
Social Engineering
Domain Name Server Interrogations

Registrant: Microsoft Corporation One Microsoft Way Redmond, WA 98052 US
Domain name: MICROSOFT.COM
Administrative Contact: Administrator, Domain [email protected] One Microsoft Way Redmond, WA 98052 US +1.4258828080
Technical Contact: Hostmaster, MSN [email protected] One Microsoft Way Redmond, WA 98052 US +1.4258828080
Registration Service Provider: DBMS VeriSign, [email protected] 800-579-2848 x4 Please contact DBMS VeriSign for domain updates, DNS/Nameserver changes, and general domain support questions.
Registrar of Record: TUCOWS, INC.
Record last updated on 27-Aug-2006.
Record expires on 03-May-2014.
Record created on 02-May-1991.
Domain servers in listed order:
NS3.MSFT.NET 213.199.144.151
NS1.MSFT.NET 207.68.160.190
NS4.MSFT.NET 207.46.66.126
NS2.MSFT.NET 65.54.240.126
NS5.MSFT.NET 65.55.238.126

Social Engineering
“I need a password reset. What is the passwd set to?”
“This is John, the System Admin. What is your password?”
Email: “ABC Bank has noticed a problem with your account…”
“I have come to repair your machine… and have some software patches”
“What ethnicity are you? Your mother’s maiden name?”

Logic Bomb
Logic Bomb = Malware has malicious purpose in addition to functional purpose
Software which will malfunction if maintenance fee is not paid
+ Social Engineering: “Try this game…it is so cool”
Game also emails password file.

Phishing = Fake Email
“ABC BANK: Your bank account password is about to expire. Please login…”
“The bank has found problems with your account. Please contact …”

Pharming = Fake web pages
Pharming: A fake web page may lead to a real web page
The fake web page looks like the real thing
Extracts account information
[Figure: login form (Login, Passwd) titled “Welcome To ABC Bank”; addresses www.abc.com and www.abcBank.com]

Hacking Networks
Phase 2: Scanning
War Driving: Can I find a wireless network?
War Dialing: Can I find a modem to connect to?
Network Mapping: What IP addresses exist, and what ports are open on them?
Vulnerability-Scanning Tools: What versions of software are implemented on devices?

Passive Attacks
Eavesdropping: Listen to packets from other parties = Sniffing
Traffic Analysis: Learn about network from observing traffic patterns
Footprinting: Test to determine software installed on system = Network Mapping
[Figure: Packet A, B, C; parties Bob, Jennie, Carl]

Hacking Networks
Phase 3: Gaining Access
Network Attacks:
Sniffing (Eavesdropping)
IP Address Spoofing
Session Hijacking
System Attacks:
Buffer Overflow
Password Cracking
SQL Injection
Web Protocol Abuse
Denial of Service
Trap Door
[Figure: login prompt showing Login: Ginger, Password: Snap]

Some Active Attacks
Denial of Service: Message did not make it; or service could not run
Masquerading or Spoofing: The actual sender is not the claimed sender
Message Modification: The message was modified in transmission
Packet Replay: A past packet is transmitted again in order to gain access or otherwise cause damage
[Figure: four panels (Denial of Service, Spoofing, Message Modification, Packet Replay) with parties Joe, Ann and Bill; in Spoofing the sender is labelled “Joe (Actually Bill)”]

Man-In-The-Middle Attack
[Figure: Victim, Trojan AP or Rogue Access Point, Real AP; “Login” on each hop]
Also implements SPOOFING

Man-in-the-Middle Attack
[Figure: hosts 1.1.1.1, 1.1.1.2 and 1.1.1.3; message sequence (1) Login, (2) Login, (3) Password, (4) Password]

SQL Injection
Java Original: "SELECT * FROM users_table WHERE username=" + "'" + username + "'" + " AND password = " + "'" + password + "'";
Inserted Password: Aa' OR ''='
Java Result: "SELECT * FROM users_table WHERE username='anyname' AND password = 'Aa' OR ''='';"
Inserted Password: foo';DELETE FROM users_table WHERE username LIKE '%
Java Result: "SELECT * FROM users_table WHERE username='anyname' AND password = 'foo'; DELETE FROM users_table WHERE username LIKE '%'"
Inserted entry: '|shell("cmd /c echo " & char(124) & "format c:")|'
[Figure: login form (Login, Password) titled “Welcome to My System”]
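
The concatenated query from this slide next to a parameterized version, as an added example in Python with sqlite3 (not part of the original slides, which show Java). The table contents and function names are assumptions made for the illustration; the two payloads are the slide's own.

```python
import sqlite3

def make_db():
    """In-memory users_table holding constructed sample accounts."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users_table (username TEXT, password TEXT)")
    # Plaintext passwords only mirror the slide's query; store salted hashes in practice.
    db.executemany("INSERT INTO users_table VALUES (?, ?)",
                   [("ginger", "Snap"), ("joe", "Crackle")])
    db.commit()
    return db

def login_concatenated(db, username, password):
    """The slide's pattern: user input is pasted into the SQL text."""
    sql = ("SELECT * FROM users_table WHERE username='" + username +
           "' AND password = '" + password + "'")
    return sql, db.execute(sql).fetchall()

def login_parameterized(db, username, password):
    """Bound parameters: the driver passes input as data, never as SQL syntax."""
    sql = "SELECT * FROM users_table WHERE username = ? AND password = ?"
    return db.execute(sql, (username, password)).fetchall()

def row_count(db):
    """Number of accounts still in the table."""
    return db.execute("SELECT COUNT(*) FROM users_table").fetchone()[0]

OR_PAYLOAD = "Aa' OR ''='"  # first "Inserted Password" on the slide
DELETE_PAYLOAD = "foo';DELETE FROM users_table WHERE username LIKE '%"  # second one

if __name__ == "__main__":
    db = make_db()
    sql, rows = login_concatenated(db, "anyname", OR_PAYLOAD)
    print(sql)
    # AND binds tighter than OR, so the trailing OR ''='' makes every row match.
    print("concatenated  :", rows)
    # With bound parameters the same strings are just wrong passwords.
    print("parameterized :", login_parameterized(db, "anyname", OR_PAYLOAD))
    print("second payload:", login_parameterized(db, "anyname", DELETE_PAYLOAD),
          "rows left:", row_count(db))
    print("real login    :", login_parameterized(db, "ginger", "Snap"))
```
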

Virus
A virus attaches itself to a program, file, or disk
When the program is executed, the virus too is executed
When the program is given away (floppy/email) the virus spreads
The virus may be benign or malignant but executes its payload at some point (often upon contact)
[Figure: “Cough Cough! Don’t come close!”; Program A with Extra Code infects Program A]

Worm
Worm: Independent program which replicates itself and sends copies from computer to computer across network connections. Upon arrival the worm may be activated to replicate.
[Figure: copies sent “To Joe”, “To Ann”, “To Jill” from an Email List]

Password Cracking: Dictionary Attack & Brute Force
NIST SP 800-118 Draft

| Pattern | Calculation | Result | Time to Guess (2.6x10^18/month) |
|---|---|---|---|
| Personal Info: interests, relatives | | 20 | Manual 5 minutes |
| Social Engineering | | 1 | Manual 2 minutes |
| American Dictionary | | 80,000 | < 1 second |
| 4 chars: lower case alpha | 26^4 | 5x10^5 | |
| 8 chars: lower case alpha | 26^8 | 2x10^11 | |
| 8 chars: alpha | 52^8 | 5x10^13 | |
| 8 chars: alphanumeric | 62^8 | 2x10^14 | 3.4 min. |
| 8 chars: alphanumeric + 10 | 72^8 | 7x10^14 | 12 min. |
| 8 chars: all keyboard | 95^8 | 7x10^15 | 2 hours |
| 12 chars: alphanumeric | 62^12 | 3x10^21 | 96 years |
| 12 chars: alphanumeric + 10 | 72^12 | 2x10^22 | 500 years |
| 12 chars: all keyboard | 95^12 | 5x10^23 | |
| 16 chars: alphanumeric | 62^16 | 5x10^28 | |

Hacking Networks
Phase 4: Exploit/Maintain Access
Backdoor = Control system: system commands, log keystrokes, pswd
Trojan Horse = Useful utility actually creates a backdoor.
Spyware = Collect info: keystroke logger, collect credit card #s, insert ads, filter search results
Bots = Slave forwards/performs commands; spreads, list email addrs, DOS attacks
User-Level Rootkit = Replaces system executables: e.g. Login, ls, du
Kernel-Level Rootkit = Replaces OS kernel: e.g. process or file control to hide

Root Kit
Upon penetrating a computer, a hacker installs a root kit
May enable:
Easy entrance for the hacker (and others)
Keystroke logger
Eliminates evidence of break-in
Modifies the operating system
[Figure: Backdoor entry, Keystroke Logger, Hidden user]

Botnets
Botnets: Bots
Bots: Host illegal movies, music, pornography, criminal web sites, …
Forward Spam for financial gain
[Figure: Attacker, Handler, and Zombies located in China and Hungary]

Distributed Denial of Service
Can barrage a victim server with requests, causing the network to fail to respond to anyone
[Figure: Attacker, Handler, Zombies located in China, Hungary and the United States, Victim]

Network Security
Network Defense
Encryption

Security: Defense in Depth
Border Router
Perimeter firewall
Internal firewall
Intrusion Detection System
Policies & Procedures & Audits
Authentication
Access Controls

Bastion Host
Computer fortified against attackers
Applications turned off
Operating system patched
Security configuration tightened

Attacking the Network
[Figure: The Internet, Border Router/Firewall, De-Militarized Zone, Commercial Network, Private Network, Private Network]

Filters
Content Filter: Scans contents of packets and discards if ruleset failed (e.g., Intrusion Prevention System or firewall)
Packet Filter: Scans headers of packets and discards if ruleset failed (e.g., Firewall or router)
Route Filter: Verifies sources and destination of IP addresses
[Figure: a Filter separating “The good, the bad & the ugly…” into “The Good” and “The bad & the ugly”]

Firewall Configurations
Router Packet Filtering:
Packet header is inspected
Single packet attacks caught
Very little overhead in firewall: very quick
High volume filter
[Figure: terminal, firewall, host; session labelled A on both sides of the firewall]
Stateful Inspection:
State retained in firewall memory
Most multi-packet attacks caught
More fields in packet header inspected
Little overhead in firewall: quick
[Figure: terminal, firewall, host; labels A, A, A]

Firewall Configurations
Circuit-Level Firewall:
Packet session terminated and recreated via a Proxy Server
All multi-packet attacks caught
Packet header completely inspected
High overhead in firewall: slow
[Figure: terminal, firewall, host; session A on one side of the firewall and session B on the other]
Application-Level Firewall:
Packet session terminated and recreated via a Proxy Server
Packet header completely inspected
Most or all of application inspected
Highest overhead: slow & low volume
[Figure: terminal, firewall, host; labels A and B]

Path of Logical Access
How many logical access checks are required?
[Figure: The Internet, Border Router/Firewall, De-Militarized Zone, Router/Firewall, WLAN, Private Network]
How could access control be improved?

Protecting the Network
[Figure: The Internet; Border Router: Packet Filter; De-Militarized Zone; Bastion Hosts; Proxy server firewall; WLAN; Private Network]

Multi-Homed Firewall: Separate Zones
The router serves as a screen for the Firewall, preventing Denial of Service attacks to the Firewall.
[Figure: Internet; Router; Screening Device; Screened Host; Firewall; Demilitarized Zone With Proxy Interface; External DNS; IDS; Web Server; E-Commerce; VPN Server; IDS; Protected Internal Network Zone; IDS; Database/File Servers]

Writing Rules
[Figure: Policies; Network Filter Capabilities; Write Rules; Protected Network; Audit Failures; Corrections]

Intrusion Detection Systems (IDS)
Intrusion Prevention Systems (IPS)
Network IDS = NIDS
Examines packets for attacks
Can find worms, viruses, org-defined attacks
Warns administrator of attack
IPS = Packets are routed through IPS
Host IDS = HIDS
Examines actions or resources for attacks
Recognize unusual or inappropriate behavior
E.g., Detect modification or deletion of special files
[Figure: Router, Firewall, IDS]

IDS Intelligence Systems
Signature-Based: Specific patterns are recognized as attacks
Statistical-Based: The expected behavior of the system is understood. If variations occur, they may be attacks (or maybe not)
Neural Networks: Statistical-Based with self-learning (or artificial intelligence). Recognizes patterns
[Figure: attack list (NastyVirus, BlastWorm); NastyVirus reaches the NIDS: ALARM!!!]
[Figure: chart of Sales, Personnel and Factory for Mon., Tues., Wed., Thurs. on a 0-90 scale, with a “Normal” level marked]
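
An added example (not from the original slides) that runs both detection styles over constructed data: a signature match on packet payloads and a statistical baseline over per-department daily counts. The byte patterns, the counts and the 3-standard-deviation threshold are assumptions chosen for the illustration.

```python
from statistics import mean, stdev

# Signature names come from the slide; the byte patterns are constructed.
SIGNATURES = {"NastyVirus": b"NASTY-VIRUS-BODY", "BlastWorm": b"BLAST-WORM-BODY"}

def signature_alerts(packets):
    """Signature-based: report (packet index, name) for each known pattern."""
    return [(i, name)
            for i, payload in enumerate(packets)
            for name, pattern in SIGNATURES.items()
            if pattern in payload]

def build_baseline(history):
    """Learn expected behaviour: {dept: [daily counts]} -> {dept: (mean, stdev)}."""
    return {dept: (mean(counts), stdev(counts)) for dept, counts in history.items()}

def statistical_alerts(baseline, today, k=3.0):
    """Statistical-based: flag counts more than k standard deviations from the mean."""
    alerts = []
    for dept, count in today.items():
        mu, sigma = baseline[dept]
        z = (count - mu) / (sigma or 1.0)  # guard against a perfectly flat baseline
        if abs(z) > k:
            alerts.append((dept, round(z, 1)))
    return alerts

# Constructed sample traffic: packet 1 carries a known pattern, packet 2 is
# malicious but has no signature yet, so only the statistics can notice it.
PACKETS = [
    b"GET /index.html HTTP/1.1",
    b"attachment: NASTY-VIRUS-BODY",
    b"previously-unseen-malware-bytes",
]
# Constructed connection counts per department, Mon. to Thurs.
HISTORY = {
    "Sales": [40, 42, 38, 41],
    "Personnel": [20, 22, 19, 21],
    "Factory": [60, 58, 62, 61],
}
TODAY = {"Sales": 41, "Personnel": 85, "Factory": 60}

if __name__ == "__main__":
    print("signature alerts  :", signature_alerts(PACKETS))
    print("statistical alerts:", statistical_alerts(build_baseline(HISTORY), TODAY))
```

The statistical alert only says Personnel is far from normal; an analyst still has to decide whether that is an attack or a legitimate spike, which is the slide's "(or maybe not)".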

Remote Access Security
Virtual Private Network (VPN) often implemented with IPSec
Can authenticate and encrypt data through Internet (red line)
Easy to use and inexpensive
Difficult to troubleshoot, less reliable than dedicated lines
Susceptible to malicious software and unauthorized actions
[Figure: The Internet, Firewall, VPN Concentrator]

Network Access Server
NAS: Network Access Server
Handles user authentication, access control and accounting
Calls back to pre-stored number based on user ID
Prone to hackers, DOS, misconfigured or insecure devices
RADIUS: Remote Access Dial-in User Service
TACACS: Terminal Access Control Access
1. Dial up and authenticate
2. Call back
3. Connect
[Figure: Network Access Server connected to RADIUS or TACACS]

Honeypot & Honeynet
Honeypot: A system with a special software application which appears easy to break into
Honeynet: A network which appears easy to break into
Purpose: Catch attackers
All traffic going to honeypot/net is suspicious
If successfully penetrated, can launch further attacks
Must be carefully monitored
[Figure: External DNS, IDS, Web Server, E-Commerce, VPN Server, Honey Pot, Firewall]

Data Privacy
Confidentiality: Unauthorized parties cannot access information (->Secret Key Encryption)
Authenticity: Ensuring that the actual sender is the claimed sender. (->Public Key Encryption)
Integrity: Ensuring that the message was not modified in transmission. (->Hashing)
Nonrepudiation: Ensuring that sender cannot deny sending a message at a later time. (->Digital Signature)
[Figure: four panels (Confidentiality, Authenticity, Integrity, Non-Repudiation) with parties Joe, Ann and Bill; in Authenticity the sender is labelled “Joe (Actually Bill)”]

Secure Hash Functions
Examples: SHA1, SHA2, MD2, MD4, MD5
[Figure: diagrams labelled “Message Authentication Code” and “One Way Hash”: a hash H of the Message is sent with it, using E/D or a key K, and the receiver recomputes H to Compare]
Ensures the message was not modified during transmission
NIST Recommended: SHA-1, SHA-2
2011: SHA-2
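
An added example (not from the original slides) of why the diagrams bind the hash to a key K: a bare hash sent with the message can be recomputed by whoever modifies it, while a keyed Message Authentication Code cannot. It uses Python's hmac module with SHA-256 as one member of the SHA-2 family; the key, the message and the function names are constructed for the illustration.

```python
import hashlib
import hmac
import secrets

def plain_hash(message: bytes) -> bytes:
    """Unkeyed one-way hash of the message."""
    return hashlib.sha256(message).digest()

def mac(key: bytes, message: bytes) -> bytes:
    """Message Authentication Code: hash bound to the shared key K."""
    return hmac.new(key, message, hashlib.sha256).digest()

def verify_plain(message: bytes, digest: bytes) -> bool:
    """Receiver side: recompute H and compare."""
    return hmac.compare_digest(plain_hash(message), digest)

def verify_mac(key: bytes, message: bytes, tag: bytes) -> bool:
    """Receiver side: recompute the MAC with K and compare in constant time."""
    return hmac.compare_digest(mac(key, message), tag)

def modify_in_transit(message: bytes) -> bytes:
    """Model of the Message Modification attack: content changes on the wire."""
    return message.replace(b"$100", b"$900")

def run_scenarios():
    key = secrets.token_bytes(32)   # K, known to sender and receiver only
    msg = b"Pay Ann $100"           # constructed message
    sent_digest, sent_tag = plain_hash(msg), mac(key, msg)
    altered = modify_in_transit(msg)
    return {
        "unmodified, hash": verify_plain(msg, sent_digest),
        "unmodified, MAC": verify_mac(key, msg, sent_tag),
        # Anyone can recompute an unkeyed hash, so the check still passes.
        "modified, hash recomputed": verify_plain(altered, plain_hash(altered)),
        # The original tag no longer matches the altered message.
        "modified, original MAC": verify_mac(key, altered, sent_tag),
        # A tag computed without K (here with a guessed key) is rejected.
        "modified, MAC from wrong key": verify_mac(key, altered, mac(b"guess", altered)),
    }

if __name__ == "__main__":
    for scenario, accepted in run_scenarios().items():
        print(f"{scenario:30} accepted={accepted}")
```
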

Encryption – Secret Key
Examples: DES, AES
[Figure: plaintext, Encrypt (Ksecret), ciphertext, Decrypt (Ksecret), plaintext]
P = D(Ksecret, E(Ksecret,P))
NIST Recommended:
3DES w. CBC
AES 128 Bit

Public Key Encryption
Examples: RSA, ECC, Quantum
Encryption (e.g., RCS): Encrypt(public), Decrypt(private); Key owner: Joe
Digital Signature: Encrypt(private), Decrypt(public); Message, private key; Key owner: Joe; Authentication, Non-repudiation
P = D(kPRIV, E(kPUB,P))
P = D(kPUB, E(kPRIV,P))
NIST Recommended: RSA 1024 bit
2011: RSA 2048 bit

Digital Signature
Electronic Signature
Uses public key algorithm
Verifies integrity of data
Verifies identity of sender: non-repudiation
[Figure: Message; Msg Digest; Encrypted K(Sender’s Private)]

Public Key Infrastructure (PKI)
1. Sue registers with CA through RA
2. Registration Authority (RA) verifies owners
3. Send approved Digital Certificates
4. Sue sends Tom message signed with Digital Signature
5. Tom requests Sue’s DC
6. CA sends Sue’s DC
7. Tom confirms Sue’s DS
[Figure: Sue, Tom, Certificate Authority (CA); Register(Owner, Public Key); Digital Certificate with User: Sue, Public Key: 2456]

Web Page Security
SQL Filtering: Filtering of web input for SQL Injection
Encryption/Authentication: Ensuring Confidentiality, Integrity, Authenticity, Non-repudiation
Web Protocol Protection: Protection of State

Vulnerability Assessment
Scan servers, work stations, and control devices for vulnerabilities
Open services, patching, configuration weaknesses
Testing controls for effectiveness
Adherence to policy & standards
Penetration testing

Summary of Controls
Authentication & Access:
Policy-compliance system: Rule-based access or auditing
Identity mgmt system: DB for authentication & access
Handheld token (authentication)
Biometrics
Single sign-on (SSO)
Certificate Authority: PKI
Digital Signature
Entitlements = role-based access
Network Protection:
Firewalls
Proxy server
Demilitarized Zone (DMZ)
Intrusion Detection
Intrusion Prevention
Encryption or Masking
Virtual Private Network (VPN): Secure communications tunnel
Application Protection:
SSL: Secure web
SSH: Secure telnet/rlogin or file transfer
S/MIME: Secure email
Secure Information Mgmt: Log mgmt

Question
The filter with the most extensive filtering capability is the
1. Packet filter
2. Application-level firewall
3. Circuit-level firewall
4. State Inspection

Question
The technique which implements non-repudiation is:
1. Hash
2. Secret Key Encryption
3. Digital Signature
4. IDS

Question
An attack where multiple computers send connection packets to a server simultaneously to slow the firewall is known as:
1. Spoofing
2. DDOS
3. Worm
4. Rootkit

Question
A man in the middle attack is implementing which additional type of attack:
1. Spoofing
2. DoS
3. Phishing
4. Pharming

Question
Anti-virus software typically implements which type of defensive software:
1. Neural Network
2. Statistical-based
3. Signature-based
4. Packet filter

Question
MD5 is an example of what type of software:
1. Public Key Encryption
2. Secret Key Encryption
3. Message Authentication
4. PKI

Question
A personal firewall implemented as part of the OS or antivirus software qualifies as a:
1. Dual-homed firewall
2. Packet filter
3. Screened host
4. Bastion host

Vocabulary to Study
Attacks: Script kiddy, social engineering, logic bomb, Trojan horse, phishing, pharming, war driving, war dialing, man-in-the-middle attack, SQL Injection, virus, worm, root kit, dictionary attack, brute force attack, DOS, DDOS, botnet, spoofing, packet replay

Vocabulary to Study
Defenses: Defense in depth, bastion host, content filter, packet filter, stateful inspection, circuit-level firewall, application-level firewall, de-militarized zone, multi-homed firewall, IDS, IPS, NIDS, HIDS, signature-based IDS, statistical-based IDS, neural network, VPN, network access server (RADIUS/TACACS), honeypot, honeynet, hash, secret key encryption, public key encryption, digital signature, PKI, vulnerability assessment
Techniques: SHA1/SHA2, MD2/MD4/MD5, DES, AES, RSA, ECC, Quantum
Security Goals: Confidentiality, authenticity, integrity, non-repudiation