Security Plus Grouped Notes

thunderingaardvarkAI and Robotics

Nov 18, 2013

Tom’s Security Plus Grouped Notes

Adapted from http://www.nedatanet.com/certification/comp-tias-security-certification-exam-notes/



Security Design Goals

- CIA - Confidentiality, Integrity and Availability (Accountability)
- Confidentiality - prevent unauthorized access.
- Integrity - the data is true and trustworthy.
- Availability - protect data and prevent its loss.
- Accountability - who owns data and making sure it is accurate.


Access Control Models

- MAC Mandatory Access Control - An Administrator creates a predefined set of permissions and assigns them to users and objects (labels)
- DAC Discretionary Access Control - The resource owner establishes who or what has rights to an object (ACL)
- RBAC Role Based Access Control - Rights are assigned per user role, usually based on organizational structure.


Authentication and Identification

- Kerberos - uses a KDC (Key Distribution Center) to manage authentication. The KDC issues a ticket to a principal; the principal can use the ticket to authenticate against other principals.
- CHAP Challenge Handshake Authentication Protocol - Client sends logon request. Server returns a challenge. The Client returns the challenge, encrypted. If the Server sees a match, authentication is granted.
- MS CHAP - Microsoft’s implementation of CHAP.
- Certificates - A Certificate authority issues a certificate to a client. Certificates can be revoked using a CRL
- PAP Password Authentication Protocol - Username and Pass are clear text.
- Tokens - A token contains the rights of the token holder.
- Multi-Factor Authentication - Two or more access methods used in concert.
- Biometrics - use physical characteristics - retina scanning, fingerprint reading, face recognition or hand scanners.


Algorithms Symmetric

- Both sender and receiver must have the same key.
- DES - Data Encryption Standard, 56 bit key
- AES - Advanced Encryption Standard - Rijndael algorithm - Key sizes are 128, 192, and 256 bits
- 3DES - Triple DES. Harder to break than DES
- CAST - Carlisle Adams and Stafford Tavares 40 to 128 bit key
- RC - Rivest Cipher Key up to 2048 bits
- Blowfish - 64 bit block cipher
- Twofish - 128 bit block cipher
- IDEA - International Data Encryption Algorithm.


Algorithms Asymmetric

- Use public/private key pair to encrypt.
- RSA works for encryption and digital signatures. SSL uses RSA
- Diffie-Hellman used to transmit keys securely
- ECC Elliptic Curve Cryptography - smaller, lighter than RSA. Leveraged by mobile devices.


Attack Types

- Access Attacks - the attacker’s goal is to gain unauthorized access to information or services.
- Back Doors - allows the attacker a ‘back door’ into a system or application for purposes of control
- Dumpster Diving - literally picking the corporate dumpster for information. Also called Information Diving
- Eavesdropping - simply listening in, in an effort to gain knowledge.
- Interception - the attacker positions himself covertly, either physically or in a digital sense, in the middle of a transaction or conversation.
- Man In The Middle - this interception attack relays communications between hosts who have a legitimate connection and the attacker may insert, delete or gather information. Wireless access is a common vector for this attack.
- Modification Attacks - the attacker’s goal is to alter information for gain.
- Repudiation Attacks - modifying with the purpose of discrediting or invalidating information.
- Replay Attack - the attacker attempts to capture packets on their way from one host to another, and then replay them to a targeted host in an attempt to impersonate a legitimate user or system.
- Snooping - peeking around for information.
- Spoofing - the attacker attempts to appear to be someone else, usually a legitimate user.




Denial Of Service attacks

- DOS - Denial of Service
- DDOS - Distributed Denial of Service
- SYN Flood - attempting to tie up resources with incomplete TCP connections
- Smurf Attack - a broadcast is sent to multiple machines with a forged source request - all the machines reply to the victim host, inundating it with responses.
- Ping Flood - the victim host is sent an overwhelming amount of ping traffic
- Fraggle Attack - a flood of UDP traffic is sent to a victim host.
- Application Flood - the attacker leverages a weakness at the application level. IRC floods are a common example.


Corporate Policies

- Auditing - making sure that policies and procedures are followed with regards to organizational policies.
- Acceptable Use - lays out what can and cannot be done with services and equipment.
- Best Practices - set of recommendations on how to implement or use a practice or product.
- Certificate Policy - for issuing and management of certificates, including use, storage
- Change Documentation - log file that records changes to the computing environment
- Data Retention - defines life of data and how to properly dispose of data.
- Human Resource - Hiring policy, Termination Policy, Ethics policy.
- Incident Response - how to respond to a security incident, including logging, notification, chain of custody, information gathering, and contact lists.
- Need to Know - limits information to those who require it for duties
- Privacy/Confidentiality - states what information can or cannot be disclosed
- Separation Of Duty - designed to reduce risk of fraud
- Security Controls - implemented to maintain security of systems, users and networks


Business Continuity/Disaster Recovery

- Business Continuity Plan - processes and methods to minimize business disruption (proactive). Should contain information about specific events, contracts and a contact list.
- Disaster Recovery Plan - a corporate plan to re-implement services in the event of an outage (reactive). Test (and document test) at least yearly. The DR plan should include a complete inventory of all devices.
- Clustering Strategy - for redundancy and load balancing
- Fault Tolerance - operation is continued if a fault occurs
- Reciprocal Agreement - two entities agree to do best effort to provide services in the event of an emergency.
- Redundancy - multiple components designed for fail-over
- Working Copy Backups - maintained onsite (shadow copies)
- Onsite Storage - local information store
- Alternate Site - a secondary site for restoring network operations
- Hot Site - a fully equipped and operational data processing facility - ready to go. Very expensive. Active backup model.
- Warm Site - conditioned space with communications, environmental controls and power. Equipment is in place. Data may be near line or brought in via removable media such as tape. (active/active model)
- Cold Site - conditioned space, possibly with communications, environmental controls and power. No live data.
- MTBF - Mean Time Between Failures - anticipated time before a failure occurs.
- MTTR - Mean Time To Repair - how long to repair a system
- Code Escrow - a third party holds code written in escrow to assure availability


Cryptography

- Cipher - a method used to encode information
- Ciphertext - encoded information
- Cryptanalysts - those who break crypto
- Hashing - using mathematical functions to encode information
- Keyspace - a representation of the number of possible combinations of key transformations supported by a cipher
- Perfect Secrecy - the number of possible keys is the same as the number of possible messages.
- Plaintext - unencrypted information
- Quantum Cryptography - encrypting data based on the properties of photons - fiber optic transmission of secret keys
- Steganography - hiding information in other information (such as a picture)
- Substitution Cipher - changes one thing into another
- Transposition Cipher - scrambling information in a certain manner


Code breaking techniques

- Algorithm Errors - the crypto output becomes predictable and leads to compromise
- Brute Force - trying every combination until one works
- Codebook - Attacker attempts to build a book of all possible transformations between ciphertext and plaintext.
- Frequency Analysis - Looking for patterns in the encrypted information
- Human Error Attack - the weakest link


Forensic Investigation Method (3A’s).

- Acquire the Evidence, gather data from machines
- Authenticate the evidence - proving that the evidence is factual and not tampered with.
- Analyze the evidence - look for the trail of actions and operations related to the incident.
- Bit for bit copy - making an exact copy of computer media, which is created in a manner which is non-destructive to the source. The bit for bit copy will be analyzed, leaving the original unchanged.
- Chain Of Custody - log of the possession of evidence - should catalog every event since the time of evidence collection. (Who, how and where). Date and time stamps are critical.
- Preservation Of Evidence (bag and tag) - make sure that physical control of evidence exists and is logged.
- Root Cause Analysis - The most basic cause or situation that allowed an incident to happen


Hardening

The process of securing a computing environment from attackers.

- OS hardening can be achieved by removing unneeded protocols and services, installing security patches
- MS OS items of interest here are IIS, FTP and installing service packs.
- Novell needs to have a properly configured NDS (Novell Directory Service) or eDirectory, remove unneeded NLMs (NetWare Loadable Modules), and install Support Packs, the Novell version of service packs.
- Unix/Linux - Install Patches, remove unneeded services.
- Apple Mac systems - Ensure login at startup, remove unneeded protocols.


Hash

- One Way Hash - Message cannot be decoded back to the original value
- Two Way Hash - Message can be decoded back to original value
- Digital Signature - Hash process using a key from the sender, who provides a copy to the receiver.
- MDA - Message Digest Algorithm
- SHA - Secure Hash Algorithm
- Message Integrity - The message has not been altered from its original content
- Message Authentication - The message is verified to be from the sender
- MAC Message Authentication Code - Verifies message integrity and authentication, using a key and the data with a hashing algorithm.


Honey Pots


- Target machine designed for the purpose of bait for an attacker or to trap the attacker.
- Should misrepresent its purpose to an attacker as well.
- Honey Net - a network of honey pot computers, designed to fool the attacker. Can be run in software on a single host or be distributed over several hosts.
- Enticement - luring into a plan or trap.
- Entrapment - encouragement to commit a crime.


Intrusion Detection:

- AD-IDS Anomaly detection IDS - looks for patterns that do not match normal traffic baselines.
- H-IDS Host Based IDS - runs on a host system and protects that system. Examines log files. Exposure to attacked log files, costly deployment. Can use checksums on files.
- MD-IDS Misuse IDS - evaluates attacks on signatures and audit trails.
- N-IDS Network Based IDS - Sits on the network, at choice points looking at all traffic that passes by
- Active Response - Kill processes or sessions, change network configuration, implement deceptive responses
- Passive Response - logging, notification and shunning (ignore)
- Incident Response - The process of identifying, investigating, repairing and documenting procedures to understand and prevent an incident.
- Escalation - using a predetermined path of responsibilities, moving ‘up the chain’.
- IDS Intrusion Detection System - monitors the system or network for anomalies.
- IPS Intrusion Prevention System - uses active responses to malicious traffic.


PKI Public Key Infrastructure - Asymmetric system that attempts to provide a framework for end to end security covering messages and transactions, across different infrastructures.

- CA Certificate Authority - issues, distributes and revokes certificates. Certificate associates a public key with a user
- RA Registration Authority - Works with a CA to offload work, can do everything except issue certificates.
- LRA Local Registration Authority - Can identify users and proxy to the CA
- CRL Certificate Revocation List - Process to expire a certificate early. Published by CA.
- X.509 - ITU standard certificate format. Version 2 for CRL and version 3 for certificates.
- CMP Certificate Management Protocol - allows PKI entities to communicate.
- XKMS XML Key Management Specifications - allows XML programs to access PKI. Built on CMP
- SSL - establishes session using asymmetric and the session is in symmetric encryption. Clients must be able to accept the level of encryption (40 bit, 56 bit, 128 bit, 256 bit). Older browsers are limited.
- TLS Transport Layer Security - Updated version of SSL, also called SSL 3.1, inoperable with regular SSL
- PGP Pretty Good Privacy - popular system for public domain crypto. Seen often in email.
- S/MIME Secure Multipurpose Mail Extensions - Secure MIME for email. Uses asymmetric encryption and certificates for authentication.
- SET Secure Electronic Transaction - Visa/MasterCard protocol for secure card transactions
- PKIX Public Key Infrastructure X.509 - IETF working group for X.509
- PKCS Public Key Cryptography Standards - Voluntary standards for vendors to implement PK crypto


PBX security

- Make sure remote access for maintenance uses strong authentication. Turn off if possible when not in use
- Insist on strong user passwords that do not contain the extension, repeating or sequential digits


Policy Types

- Administrative Policies - Corporate guidelines for upgrades, monitoring, backups and audits.
- Software Design Requirements - Policies that cover the requirements for functionality and auditing of custom code.
- DRP Disaster Recovery Plan - Corporate document that explains the course of action for a business during a crisis.
- Information Policies - Documentation about access to information, confidentiality, storage and destruction of data.
- Security Policies - configuration of systems and networks.
- Usage Policies - Spells out what is acceptable use of company equipment, data and resources. Consequences, monitoring and incident handling are also considered.
- User Management Policies - new user creation and deletion policy. Includes password changes.


RADIUS (Remote Authentication Dial In User Service) - open standard. Central administration and authentication of remote users. Supports auditing and accounting over multiple systems.

- TACACS+ Terminal Access Controller Access Control System - Accepts credentials from multiple sources to authenticate connections.

Risk Identification

- Asset Identification - Places a value on information
- Risk Assessment - Evaluating the likelihood of specific threats
- Threat Identification - Identifying specific threats


Security Topologies

- DMZ Demilitarized Zone - Area for public servers - keeps the local network unavailable to external requesters.
- Intranet - Private internal network
- Extranet - Including external partners in the Intranet Zone
- Security Zones - design system that isolates systems.
- NAT - Network Address Translation
- VLAN Virtual Local Area Network - segments the local LAN to control access.
- VPN - Virtual Private Network


Security Types

- Physical Security - items that can be seen, touched or stolen
- Operational - Security of the business’ workflow; access control and authentication.
- Management And Policies - outline what is approved access to resources. Management enforces the corporate policy.


Site Surveys

listening in on a wireless network for data and signal intelligence.

- Packet Sniffing - monitoring data on the wire.
- Signal analysis and Intelligence - capturing and analyzing electronic signals - identify and evaluate a target, track communication patterns.
- Footprinting/Fingerprinting - Using signal analysis and intelligence to understand a network and its topology, its hosts and host operating systems. Common tools from Google searches or running nmap against an IP range are examples.
- Vulnerability Scanning - runs a set of queries against a target looking for the signature of a known or unknown vulnerability in a service or system.


Security Baseline

A level of security that is expected

- CC Common Criteria - A standard developed by multiple nations. Breaks down into 7 EAL Evaluation Assurance Levels - these range from EAL1 where there are assurances the system operates correctly, security threats are not serious. The highest level is EAL7, for extreme levels of security. To achieve this level requires testing, measurement and independent auditing. Commercial systems should have a rating of EAL4. The Common Criteria can be found at www.commoncriteriaportal.org.
- TCSEC Trusted Computer Systems Evaluation Criteria - the CC’s forefather. Has been replaced.


Password Cracking

Attempting to gain a valid credential given a login prompt. Defense is to use account lockout, expiring passwords and to protect password hashes.

- Brute Force - trying a large number of character combinations to break a password scheme.
- Dictionary Attack - Attempting to crack a password scheme using wordlists.
- Guessing - The attacker simply tries to guess a password, either using inside knowledge or commonly used passwords.


Virus Attack

Malicious code designed to further the attacker’s goals. May be custom written for the target. Antivirus software is the commonly employed defense.

- Polymorphic Viruses - The code can change to avoid signature based detection
- Stealth Virus - Code may attach itself to legitimate code in order to hide
- Retrovirus - Code attacks antivirus defense software
- Multipartite Virus - Code is designed to use multiple techniques to cause its havoc
- Armored Virus - Code is designed to stop the removal of the virus by stealth, encryption or obfuscation.
- Companion Virus - Code attaches itself to legitimate applications.
- Phage Virus - This virus attempts to change other programs.
- Macro Virus - This code is written in Macro programming, common in Microsoft Office-like applications.
- Trojan Horse - A malicious program that misrepresents its true intentions, and attempts to trick the user as to its purpose.
- Logic Bomb - Malicious code that executes when a criterion is met, such as a date or a specified action is performed.
- Worm - Self replicating virus - the goal is to propagate.


Social Engineering

The attacker attempts to con the victim into belief. The goal may be to obtain information or access to further the attacker’s cause. May occur over the Internet, email, phone or even in person. Almost impossible to defend against given the salesmanship of the perpetrator. Education of users is the most commonly cited defense strategy for Social Engineering attacks.

- Phishing - Type of social engineering that attempts to ruse the target by presenting a false link to a compromised or bogus login.
- Spearphishing - Using a Phishing attack on a very specific target.
- Joe Job - Spamming using a forged email address, that of the target. Spam recipients are fooled by the forgery and either target or discredit the victim.


Wireless

- 802.11 is the wireless standard (Wi-Fi) established by the IEEE (Institute of Electrical and Electronics Engineers). There are three types of common Wi-Fi technology in use today, and research and development continuously improves both bit rate and range.

- 802.11a - Operates in the 5 GHz spectrum, at speeds up to 54 Mbits/s. 802.11a was adopted by corporations specifically because of its better ability to use fewer access points for more users and speed boost was also a factor. Another factor that helped high-end technology adopt the standard was the use of the 5 GHz spectrum, which does not trip over other devices. 802.11a equipment carried an additional price increase, perhaps because of economies of scale. It also suffers from a shorter range than the 802.11b standard.

- 802.11b - uses the 2.4 GHz spectrum. Rates range 1 to 11 Mbits/s dependent on range and interference. Sometimes interference is incurred by other devices in consumer environments. This was the first widely available consumer level wireless technology. Enhanced versions use techniques such as channel bonding and burst transmission to increase rates, but these are not part of the official standard - interoperability between vendors may suffer.

- 802.11g - 2.4 GHz radio spectrum. Transfer for 11g is rated up to 54 Mbits/s. 802.11g is the current consumer level choice because of availability, compatibility with existing 802.11b equipment and price. The range at which 802.11g equipment can maintain its highest speeds is smaller than 802.11b.

- When 802.11g and 802.11b clients share a network, 802.11g clients suffer because the two standards use different types of modulation. 802.11g clients use the same type of modulation as 802.11a clients, OFDM (Orthogonal Frequency Division Multiplexing). OFDM breaks data into subsignals and transmits them simultaneously across different frequencies. 802.11b clients use DSSS (Direct Sequence Spread Spectrum) multiplexing. Direct Sequence Spread Spectrum sends a separate high speed transmission containing the data in addition to the data - this allows reconstruction in case of a disruption.

- 802.11n - Speeds are in the neighborhood of 100 to 540 Mbits/s. Early adopters may pay the price with incompatible hardware once a standard is ratified. The Pre-n is not limited to using the 2.4 GHz range, but commonly does for cost considerations. This technology typically uses a multiple path scheme called MIMO (Multiple In Multiple Out) to increase available bandwidth between clients and an access point. Some Pre-n equipment interferes with other wireless gear, rendering it inoperable in the Pre-n unit’s range.


Securing a 802.11x wireless network

- Use a MAC filter - only registered and recognized MAC addresses are allowed to join the network.
- Don’t broadcast the SSID, after setting it to be something unique.
- Use RADIUS for centralized authentication.
- Set the connection to require the strongest encryption available to both client and access point, with a key unique to the network.
- Use a VPN for access over Wi-Fi.
- Use a gateway/firewall between wireless clients and local LAN.


802.11 Encryption

- WEP Wireless Equivalency Privacy - encryption with shared 40-bit or 128-bit keys. Very quickly crackable. Supported by legacy equipment.
- WPA Wi-Fi Protected Access - Uses TKIP Temporal Key Integrity Protocol and MIC Message Integrity Check. TKIP changes the base key used to encode data after a set number of frames have been sent. As time passes, so does the key.
- TSC TKIP Sequence Counter - blocks replay attacks
- IV Initialization Vector - allows key changes.
- WPA2 - 802.1x security and key-exchange to strengthen data encryption using AES.


Future Standards

- RSN - Robust Security Network
- 802.11i - Uses AES Advanced Encryption Standard and CCMP Counter Mode CBC MAC Protocol. Addresses key management issues, using a master key to generate other keys, which are then used by clients.
- Intrusions & prevention



Backup Technologies

- Backups should be performed regularly, in accordance with the corporate disaster recovery plan. Popular backup strategies include:
- GFS - Grandfather - monthly tape, stored offsite. Father - weekly tape. Son - 4 daily tapes
- Full - Every file is backed up. Archive bit reset - offers the fastest restore, at the expense of time required to back up.
- Incremental - Backs up only files that have changed since the most recent Full back up was done. Resets the archive bit.
- Progressive Incremental - Assumes all backups, including the first full, are incremental.
- Differential - Backs up any files that are determined to have changed since the performance of the most recent full back up. Does not clear the archive bit.
- Straight Copy - Does not clear archive bit


Server Room Physical Security

- Secure access to the server room and backup tapes
- All doors should lock either by key or card, two factor locks if possible.
- Server rack doors should lock
- Remove trashcans from the server room (no need for cleaning personnel in there)
- Access Control - limiting access to computing environments, physically or logically.
- Examples of biometrics include retina scanning, fingerprint reading and palm scanning. Good for two factor authentication.
- Man Trap - a two door system with a gap space between. May include a window for observation.
- Physical Barriers - Items such as perimeter walls, locking doors, motion detectors and burglar alarm systems.


Routing Protocols

- RIP Routing Information Protocol - broadcast, shortest path
- BGP Border Gateway Protocol - ISP/intrasystem use, allows groups of routers to share information
- OSPF - Open Shortest Path First
- IGRP - Cisco’s Interior Gateway Routing Protocol
- EIGRP - Cisco’s Enhanced Interior Gateway Routing Protocol


Services and Ports Used

- AH, ESP - ports 50 and 51
- DNS Domain Name System - 53
- FTP File Transfer Protocol - 20, 21
- HTTP - 80
- HTTPS - 443
- IMAP - 143
- LDAP - 389
- LDAP SSL - 636
- NetBIOS - 137, 138, 139
- NNTP Network News Transfer Protocol - 119
- POP3 Post Office Protocol - 110
- SMTP Simple Mail Transfer Protocol - 25
- SNMP Simple Network Management Protocol - 160, 161
- SSL Secure Sockets Layer - 443
- TELNET - 23
- TACACS authentication - 49
- SSH Secure Shell - 22


Connectivity Terms

- CGI - Common Gateway Interface
- CO - Central Office
- CPE - Customer Premise Equipment
- L2TP - Layer 2 Tunneling Protocol
- Modem - Modulate Demodulate
- NIC - Network Interface Card
- NOC - Network Operations Center
- POTS - Plain Old Telephone Service
- PSTN - Public Switched Telephone Network
- PBX - Private Branch Exchange
- RAS - Remote Access Service
- RRAS - Routing and Remote Access Service - Microsoft
- SSID - Service Set Identifier
- VNC - Virtual Network Computing
- VoIP - Voice Over IP
- WAP - Wireless Access Point (transceiver)
- WEP - Wired Equivalent Privacy
- VPN - Virtual Private Network
- PPTP - Point to Point Tunneling Protocol
- RF - Radio Frequency
- SSH - Secure Shell
- TLS - Transport Layer Security

- IPSec Internet Protocol Security - Used on other tunneling protocols for encryption of both data & headers. Transport mode only encrypts data; tunneling mode gets both the data and headers. Uses AH Authentication Header and ESP Encapsulating Security Payload
- IPSEC - IP Security Architecture
- L2F Layer 2 Forwarding - Authenticates, but no encryption. Port 1701 on TCP
- L2TP Layer 2 Tunneling Protocol - mix of PPTP and L2F. Can be used with TCP and other protocols, therefore can be used to bridge networks. Information not encrypted. Uses port 1701 on UDP.
- PPP Point to Point Protocol - works with a range of connectivity from POTS to a T1. No data security. Can use CHAP for authentication. Encapsulates traffic in NCP Network Control Protocol. Authentication provided by LCP Link Control Protocol
- PPTP Point to Point Tunneling Protocol - encapsulates and encrypts PPP packets. Uses port 1723 on TCP.
- SLIP Serial Line Internet Protocol - No security, legacy remote access protocol
- SSH Secure Shell - Encrypted. Can tunnel apps such as telnet, ftp, etc. Port 22 on TCP.


File Systems

- FAT32 - File Allocation Table - Win 95/98/ME
- NTFS - New Technology File System. Win NT/2K/XP/03
- NFS - NetWare File System - Novell NetWare Specific
- NSS - NetWare Storage Services - Novell NetWare Specific version 6 on
- HFS - Hierarchical File system - Unix
- NFS - Network File System - Unix can mount remote locations
- AFS - Apple File Sharing - Uses AppleTalk protocol