Security

From Network Security Wiki

General security-related questions are as follows:

Basics

  • What is a Zone?
   This section is under construction.
  • What is Screening?
   This section is under construction.
  • What is Syn-Proxy?
   This section is under construction.
  • What is Syn-Cookie?
   This section is under construction.
  • Symmetric vs Asymmetric Encryption
Symmetric encryption uses a single key both to encrypt and decrypt traffic. 
Common symmetric encryption algorithms include DES, 3DES, AES, and RC4. 3DES and AES are commonly used in IPsec and other types of VPNs. 
RC4 has seen wide deployment on wireless networks as the base encryption used by WEP and WPA version 1.
Symmetric encryption algorithms can be extremely fast, and their relatively low complexity allows for easy implementation in hardware. 
They require that all hosts participating in the encryption have already been configured with the secret key through some external means.
Asymmetric encryption differs from symmetric encryption primarily in that two keys are used: one for encryption and one for decryption. 
The most common asymmetric encryption algorithm is RSA.
Asymmetric encryption imposes a high computational burden and tends to be much slower than symmetric encryption. 
Thus, it isn't typically employed to protect payload data. 
Instead, its major strength is its ability to establish a secure channel over a nonsecure medium. 
This is accomplished by the exchange of public keys, which can only be used to encrypt data. 
The complementary private key, which is never shared, is used to decrypt.
Robust encryption solutions such as IPsec implement the strengths of both symmetric and asymmetric encryption. 
First, two endpoints exchange public keys, which allows for the setup of a slow but secure channel. 
Then the two hosts decide on and exchange shared symmetric encryption keys to construct much faster symmetric encryption channels for data.
  • What is a Digital Signature?
A digital signature is a mathematical scheme for demonstrating the authenticity of a digital message or document. 
It ensures that the message was created by a known sender, such that the sender cannot deny having sent the message (authentication and non-repudiation), and that the message was not altered in transit (integrity).
Digital signatures are commonly used for software distribution or financial transactions.
Digital signatures employ asymmetric cryptography.

UTM

  • EICAR Standard Antivirus Test File (68 bytes):
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
  • IDS test file:
uid=0(root) gid=0(root) groups=0(root)


GTUBE File

Generic Test for Unsolicited Bulk Email - AntiSpam testing (68 bytes):

XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X

File:

Subject: Test spam mail (GTUBE)
Message-ID: <GTUBE1.1010101@example.net>
Date: Wed, 23 Jul 2003 23:30:00 +0200
From: Sender <sender@example.net>
To: Recipient <recipient@example.net>
Precedence: junk
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

This is the GTUBE, the
	Generic
	Test for
	Unsolicited
	Bulk
	Email

If your spam filter supports it, the GTUBE provides a test by which you
can verify that the filter is installed correctly and is detecting incoming
spam. You can send yourself a test mail containing the following string of
characters (in upper case and with no white spaces and line breaks):

XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X

You should send this test mail from an account outside of your network.
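
Added example (not part of the original wiki page): a Python sketch that builds the GTUBE test mail shown above with the standard `email` package and checks whether a raw message still carries the 68-byte string in upper case and on a single line, as the text requires. The function names and the wrapped sample message are constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# GTUBE string exactly as given on this page (68 bytes).
GTUBE = "XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X"


def build_gtube_message(sender, recipient):
    """Return raw bytes of a 7bit text/plain test mail with GTUBE on its own line."""
    msg = EmailMessage(policy=policy.SMTP)
    msg["Subject"] = "Test spam mail (GTUBE)"
    msg["From"] = sender
    msg["To"] = recipient
    msg["Precedence"] = "junk"
    body = "This is the GTUBE test string:\n\n" + GTUBE + "\n"
    msg.set_content(body, charset="us-ascii", cte="7bit")
    return msg.as_bytes()


def gtube_status(raw):
    """Classify a raw message as 'intact', 'mangled' or 'absent'.

    intact  - the string appears unbroken, so a filter should match it
    mangled - the characters are present but wrapped, spaced or lower-cased,
              which explains a test mail that the filter did not flag
    absent  - the string is not in the plain-text body at all
    """
    msg = message_from_bytes(raw, policy=policy.default)
    part = msg.get_body(preferencelist=("plain",))
    text = part.get_content() if part is not None else ""
    if GTUBE in text:
        return "intact"
    squeezed = "".join(text.split()).upper()
    return "mangled" if GTUBE in squeezed else "absent"


# Constructed sample: a mail client wrapped the string across two lines.
WRAPPED_SAMPLE = (
    b"Subject: wrapped test\r\n"
    b"Content-Type: text/plain; charset=us-ascii\r\n\r\n"
    + GTUBE[:40].encode("ascii") + b"\r\n"
    + GTUBE[40:].encode("ascii") + b"\r\n"
)

if __name__ == "__main__":
    good = build_gtube_message("sender@example.net", "recipient@example.net")
    print(len(GTUBE), gtube_status(good), gtube_status(WRAPPED_SAMPLE))
```

Running the check on the message as composed, before sending it, separates a filter that is not detecting from a test mail whose string was altered by the mail client.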


