networking chapter 11
DESCRIPTION
TRANSCRIPT
CompTIA Network+CompTIA Network+in a Nutshellin a Nutshell
Chapter ElevenChapter Eleven
• Discuss the standard methods for securing TCP/IP networks
• Compare TCP/IP security standards • Implement secure TCP/IP applications
ObjectivesObjectives
TCP/IP and SecurityTCP/IP and Security
The “inventors” of TCP/IP did not include any real security
• User names and passwords on FTP, Telnet, etc. do not begin to protect TCP/IP applications
• Today every device with a public IP address on the Internet is targeted
• Data moving between two hosts is intercepted and read
• TCP/IP in its original form does not stop the bad guys
• Making TCP/IP Secure • The four areas of securing TCP/IP A. Encryption -To scramble, mix up, change data
It can be unscrambled by the person receiving it
B. Non-repudiation - Process that guarantees that the data is as originally sent and came from the source you think it came from
C. Authentication -Verifying that whoever accesses the data is the person you want accessing the data/ Classic form: user name and password combination
D. Authorization- Defines what a person accessing the data can do with it
Example: Windows permissions assigned to a user account
• Encryption A. Plaintext and Cleartext
-Two names for same thing Data in easily read or viewed industry-wide standard format -Does not mean that it is just “text”
B. Cipher -series of complex and hard-to-reverse mathematics (an algorithm) -You run the cipher on a string of ones and zeroes to make a new set of ones and zeroes
• Asymmetric-Key Algorithm Standards - Serious drawback to symmetric-key algorithms- Anyone who has the key can encrypt or decrypt data - Forces us to somehow send the key to the other
person • Asymmetric-key algorithms developed as a method
for the encryptor to safely send a key to the decryptor
• 3. Use two different keys (a key pair)
• Secure TCP/IP Applications A. The applications that use the above standards
and tools B. HTTPS [Introduced in Chapter 9] - HTTPS documents page addresses begin with
https:// -Most browsers also show a lock icon somewhere - HTTPS uses SSL/TLS for authentication/encryption