11 configuring tcp/ip addressing and security chapter 11
Chapter 11: CONFIGURING TCP/IP ADDRESSING AND SECURITY 2
OVERVIEW
Understand IP addressing
Manage IP subnetting and subnet masks
Understand IP security terminology
Manage Internet security features of Windows XP
Configure and troubleshoot Windows Firewall
PROBLEMS WITH CLASSFUL ADDRESSES
Wasted addresses
Shortage of address blocks
Excessive routing table entries
SECURING IP COMMUNICATIONS
Internet threats
Protective technologies
Configuring and managing Windows Firewall
Monitoring Internet communications security
INTERNET THREATS
Viruses (the oldest threat)
Worms (the most persistent threat)
Trojan horses
Spyware
Zombies
Direct hacking
VIRUSES
Take advantage of gullible users
Infect document, graphics, and executable files
Often include mass-mailing components
Can carry destructive payloads
WORMS
Self-replicating
Network-aware
Use bugs in programs or systems to spread
Can carry viruses or other payloads
TROJAN HORSES
Usually e-mailed or downloaded
Appear to be a useful program or game
Carry payload or back door application
SPYWARE
Has attributes of Trojan horses or worms
Spies on its victim
Might transmit marketing data or transmit personal data to the spyware author
ZOMBIES
Payload of worm or Trojan horse
Remotely controlled to attack network targets
Participate in large-scale assaults on public Web sites
DIRECT HACKING
Relatively low incidence
Hardest form of attack to defeat
PROTECTIVE TECHNOLOGIES
Security Center
Windows Firewall
Internet Connection Sharing (ICS)
Third-party utilities
FIREWALL TERMINOLOGY
Packet filtering
Stateful packet filtering
Exceptions (packet filter rules)
Allowed traffic
Rejected traffic
Logging
MONITORING INTERNET SECURITY
Windows Firewall monitoring
Service logs
Event logs
SUMMARY
IP addresses are 32-bit binary addresses.
The network portion of IP addresses determines location.
CIDR allows creation of custom netblocks.
CIDR permits use of variable-length subnet masks.
Windows Firewall blocks unauthorized packets.
Windows Firewall exceptions allow specified traffic to pass through the firewall.
Alerts and logs warn of attempted attacks.
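Added example (not part of the original slides): a simplified Python model of the stateful packet filtering, exceptions and logging named under Firewall Terminology and in the summary. It is not Windows Firewall's own implementation; the class names, the addresses and the TCP 3389 exception are constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Packet:
    direction: str  # "in" or "out", relative to the protected host
    proto: str      # "tcp" or "udp"
    src: str
    sport: int
    dst: str
    dport: int

@dataclass
class StatefulFilter:
    exceptions: set = field(default_factory=set)  # {(proto, local_port)} opened for inbound traffic
    state: set = field(default_factory=set)       # flows that the protected host started
    log: list = field(default_factory=list)       # rejected inbound packets

    def handle(self, p: Packet) -> str:
        if p.direction == "out":
            # Remember the outbound flow so its replies can be recognised.
            self.state.add((p.proto, p.src, p.sport, p.dst, p.dport))
            return "ALLOW"
        # An inbound reply mirrors the addresses and ports of a tracked flow.
        if (p.proto, p.dst, p.dport, p.src, p.sport) in self.state:
            return "ALLOW"
        # Unsolicited inbound traffic passes only through an exception.
        if (p.proto, p.dport) in self.exceptions:
            return "ALLOW"
        # Everything else is rejected and logged for later review.
        self.log.append(p)
        return "DROP"

def run_sample():
    """Run constructed sample traffic through the filter."""
    fw = StatefulFilter(exceptions={("tcp", 3389)})  # constructed exception
    host = "192.168.1.10"                            # constructed addresses below
    packets = [
        Packet("out", "tcp", host, 50000, "203.0.113.5", 80),    # host opens a web connection
        Packet("in", "tcp", "203.0.113.5", 80, host, 50000),     # matching reply
        Packet("in", "tcp", "198.51.100.7", 4444, host, 445),    # unsolicited, no exception
        Packet("in", "tcp", "198.51.100.7", 4445, host, 3389),   # unsolicited, exception port
        Packet("in", "tcp", "203.0.113.5", 80, host, 50001),     # looks like a reply, no state
    ]
    verdicts = [fw.handle(p) for p in packets]
    return verdicts, fw.log

if __name__ == "__main__":
    verdicts, dropped = run_sample()
    print(verdicts)
    for p in dropped:
        print("DROP", p.proto, f"{p.src}:{p.sport} -> {p.dst}:{p.dport}")
```

The last sample packet is the one a plain (stateless) packet filter cannot judge: it comes from a server the host did contact, but no tracked flow uses that local port, so the stateful filter rejects and logs it.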