differs from a DMZ - it is made available only to authenticated connections - whereas a DMZ hosts publicly available resources that support unauthenticated connections.
Dynamic Host Configuration Protocol - automatically assigns IP addresses to workstations
replaces normal DHCP messages with authenticated ones.
Internet Control Message Protocol - exchanges control messages between hosts and gateways; used by diagnostic tools such as ping and traceroute - can be leveraged for man-in-the-middle and denial-of-service attacks.
ping of death
An enormous number of operating systems would crash or become unstable upon receiving an ICMP echo larger than the legal packet limit of 65,536.
Internet Group Management Protocol - manages multicast groups. Version 1 - periodically sends queries to hosts; Version 2 - two types of queries: general and group-specific; Version 3 - specifies sources
Routing Information Protocol - dynamic routing designed for small networks - uses number of hops to pick the best route, limited to 15 hops or fewer. Cannot be used in a network with different subnet masks, exchanges the entire route table every 30 seconds, can't verify trustworthiness. Version 2 - allows different subnet masks and RFC 2082 MD5 authentication.
Virtual Router Redundancy Protocol - supports automatic failover - appears as a physical router.
Domain Name Service - supports use and resolution of e-mail and WWW addresses. Prominent target of attacks. Port 53. RFC 882, 1034, 1035
Lightweight Directory Access Protocol - manages user information, loosely based on X.500; acts as a front end. Uses backends like NIS, Active Directory, Java System Directory. Weak authentication based on host name resolution. Port 389, RFC 1777. Clear text - easily intercepted. Deployment over SSL provides authentication, integrity, confidentiality.
Network Basic Input/Output System. Ports 137 and 138 (TCP) and 139 (UDP). Port 135 for remote procedure calls.
NIS and NIS+
Network Information Service - manages user credentials
Common Internet File System / Server Message Block - user-level and tree-level security - Windows
Network File System - file sharing, UNIX
Simple Mail Transfer Protocol & Enhanced Simple Mail Transfer Protocol - used to route e-mail, Port 25/TCP, managed through DNS using mail exchange (MX) records - robust, but nonexistent authentication and lack of encryption. Enhanced version offers authentication mechanisms
File Transfer Protocol - publishing data over the Internet, Port 20 - data, Port 21 - control, RFC 959. Original version uses clear-text, simple authentication. Secure FTP with TLS encrypts the session, RFC 4217; SFTP - not FTP, but uses Secure Shell to transfer files - encrypts both commands and data
Hypertext Transfer Protocol - Port 80, RFC 1945, 2109, 2616 - supports exchange of information in HTML - does not support encryption and has only fairly simple authentication.
Supervisory Control and Data Acquisition - systems designed to operate with several different communication methods including modems, WANs and various networking equipment.
Dual Homed Host
has two network interface cards - each on a separate network
serves as a gateway between a trusted and an untrusted network - a central host that must resist attack
all connected devices will receive each other's broadcasts; single point of failure
Layer 2 devices filter traffic based on MAC addresses. IEEE 802.11
read destination Layer 3 addresses
Twisted pair: Cat 1 - less than 1 Mbps; Cat 2 - less than 4 Mbps; Cat 3 - 16 Mbps; Cat 4 - 20 Mbps; Cat 5 - 100 Mbps; Cat 5e - 1000 Mbps; Cat 6 - 1000 Mbps. Shielded (STP) and Unshielded (UTP) - copper wires twisted together; UTP does not require fixed spacing
one thick conductor surrounded by a grounding braid of wire in a protective sheath - greater bandwidth and longer cable lengths; expensive and difficult to bend. Requires fixed spacing
devices are connected to a patch panel instead of directly connecting to other devices
Direct-Sequence Spread Spectrum - wireless technology that spreads the signal over a wider band
Frequency-Hopping Spread Spectrum - spreads the signal over rapidly changing frequencies
Code Division Multiple Access - wireless, mostly used for cellular technology. CDMA2000 - rate of 153.6 Mbps.
Global System for Mobile Communications - most popular cellular technology