Exam 2 Flashcards
(28 cards)
SYN FLOOD solutions
micro blocks, bandwidth throttling, SYN cookies, RST cookies, stack tweaking, stateful packet inspection firewall
micro blocks
minimize requests
bandwidth throttling
limit from same IP
SYN cookies
not kept in memory
RST cookies
legit users TRY AGAIN
Stack Tweaking
shorten time in buffer
stateful packet inspection firewall
packet CONTEXT and CONTENT
HTTP
content transferred slowly
Network Host-Based Firewall
software based solution that runs on top of OS
Dual-Homed Host
DMZ
Router-base firewall
inspect/control traffic;easy
Screened Host
Bastion Host and Screened Host
network address translation
masks internal IP; supersedes proxy servers
preemptive blocking
detects intrusions through foot printing but can block legitimate traffic
infiltration
goes into hacker world
intrusion deflection
honey pot
intrusion deterrence
not worth it
anomaly detection
normal use is logged
- threshold monitoring
- resource profiling
- user/group work profiling
- executable profiling
Specter
software honeypot solution
- open
- secure
- failing
- strange
- aggressive
historic types of encryption
- single alphabet substitution
- multi-alphabet substitution
- rail fence
- Vigenère
- enigma
- binary operations
symmetric encryption
one key
- DES (data encryption standard)
–> blowfish
–> AES (advanced encryption standard)
–> IDEA (international data encryption algorithm)
–> serpent
–> twofish
key stretching
making key stronger and longer
- password-based key derivation function 2
- bcrypt
pseudo-random number generator (PRNG)
makes cipher keys for symmetric encryption
- uncorrelated sequences
- long period
- uniformity
public key encryption
public key to encrypt, private key to decrypt
- RSA (rivest, shamir, and adleman)
