InfoSec Europe 2009
It was a pleasure attending InfoSec Europe 2009, this year as a guest and not having to man a booth. 1) Dan Kaminsky Inducted to the Infosec Hall of fame
Information Security Notes
Hi All, I’ve compiled a list of interesting articles and tools you might be interested in checking out. I’ve added some web application testing software as well as dictionary files
A few important links and information. The free version of netstalker is now in the lab. WebGoat is a deliberately vulnerable web application created and maintained by OWASP; it contains the latest vulnerabilities,
Risk assessment, “Assess the harm that is likely to result from a significant breach of information security and its potential consequences on significant breaches, and the realistic likelihood of a
SSL/TLS: an application-independent layer that sits between the application and transport layers of the TCP/IP stack. SSL/TLS can provide: 1) authentication of the server to the client from
SSH: Secure Shell is a secure remote-access protocol meant to replace telnet, rlogin, rsh and rcp; SSH2 also provides SFTP as a replacement for FTP. It encrypts passwords and other
IPsec: with IPsec you can provide privacy, integrity and authenticity for network traffic in the following situations: 1) end-to-end security for IP unicast traffic using IPsec transport mode
L2TP: L2TP encapsulates PPP frames for transport over IP, X.25, Frame Relay or ATM. It is standardised by the IETF (RFC 2661) and runs over UDP port 1701. It relies on IPsec for confidentiality and encapsulates
PPTP: once the PC is connected to the Internet, a TCP control connection (the tunnel, port 1723) to the server is established and PPP frames are carried inside it. Characteristics of PPTP: 1) it’s a layer
VPN: a secure connection between a remote computer and a server on a private network that uses the Internet as its medium, instead of having the network permanently connected to the
Challenge-Handshake Authentication Protocol (CHAP) is used when a remote client needs to authenticate itself to a network server, or for two routers to begin a Point-to-Point Protocol (PPP) session.
PAP = cleartext password; SPAP = Shiva PAP, incorporates a reversible encryption mechanism; CHAP = 3-way handshake, MD5; MS-CHAP = MS network domain login, MD4-hashed password, challenge string, session ID
RADIUS: provides AAA (Authentication, Authorization and Accounting) services for a remote access server. The separation of the remote access server and the RADIUS (user authentication) server allows: the RADIUS client
TACACS/TACACS+ provides a way to centrally validate users attempting to gain access to a router or access server. TACACS+ provides a standard method for managing dissimilar network access servers (NAS)
DoS/DDoS: attacks that consume or disable resources in an attempt to hinder or disrupt some operation or function. There are two types: 1. flaw-exploitation attacks; 2. flooding
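The CHAP three-way handshake described in the two entries above, next to the cleartext PAP request it replaces, as an added example (not code from the original notes). The user name, shared secret and challenge bookkeeping are constructed for illustration; the response formula MD5(Identifier || secret || Challenge) is the one RFC 1994 specifies.

```python
"""Three-way CHAP (RFC 1994, MD5 variant) next to a cleartext PAP request.

Added example; not code from the original notes. The user name, shared
secret and challenge handling are constructed for illustration.
"""
import hashlib
import hmac
import os
from dataclasses import dataclass

# Constructed secret database: client and server share this out of band.
# CHAP needs the plaintext secret on the server, which is one of its costs.
SECRETS = {"alice": b"correct horse battery staple"}


@dataclass(frozen=True)
class Challenge:
    identifier: int   # 1-byte Identifier field binding a response to its challenge
    value: bytes      # fresh random Challenge Value


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """Response Value = MD5(Identifier || secret || Challenge Value)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class ChapServer:
    """Authenticator side: issues challenges and checks responses."""

    def __init__(self, secrets: dict):
        self._secrets = secrets
        self._ident = 0

    def issue_challenge(self) -> Challenge:
        self._ident = (self._ident + 1) % 256            # new Identifier each time
        return Challenge(self._ident, os.urandom(16))    # new random challenge

    def verify(self, name: str, chal: Challenge, response: bytes) -> bool:
        secret = self._secrets.get(name)
        if secret is None:
            return False
        expected = chap_response(chal.identifier, secret, chal.value)
        return hmac.compare_digest(expected, response)   # constant-time compare


def chap_handshake(server: ChapServer, name: str, secret: bytes) -> bool:
    """1) Challenge  2) Response  3) Success/Failure; returns the verdict."""
    chal = server.issue_challenge()                             # server -> client
    resp = chap_response(chal.identifier, secret, chal.value)   # client -> server
    return server.verify(name, chal, resp)                      # server -> client


def replay_captured_response(server: ChapServer, name: str, secret: bytes) -> bool:
    """Replay a response sniffed from one handshake against a later challenge."""
    old = server.issue_challenge()
    sniffed = chap_response(old.identifier, secret, old.value)
    new = server.issue_challenge()
    return server.verify(name, new, sniffed)   # False: challenge and Identifier differ


def pap_request(name: str, password: bytes) -> bytes:
    """PAP Authenticate-Request body: Peer-ID and Password, both in cleartext."""
    return bytes([len(name)]) + name.encode() + bytes([len(password)]) + password


if __name__ == "__main__":
    srv = ChapServer(SECRETS)
    print("CHAP ok:", chap_handshake(srv, "alice", SECRETS["alice"]))
    print("CHAP replay:", replay_captured_response(srv, "alice", SECRETS["alice"]))
    print("PAP on the wire:", pap_request("alice", b"hunter2"))
```

The contrast with PAP is the whole point: PAP puts the password on the wire, while CHAP puts only a digest bound to a fresh challenge and Identifier, so a sniffed response is useless against the next handshake. The trade-off is that the server must store the secret in recoverable form; MS-CHAP sidesteps that by working from an MD4 hash of the password instead, as the entry above notes.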
1. Something a user knows. 2. Something a user has. 3. Something a user is.
Certificates provide third-party trust in a mutual authentication scheme. A certificate is a block of data containing information used to identify a user. This information includes: 1. the user's public
Mutual authentication is when the user and the service validate each other. Kerberos supports this (the client is validated to the service, and vice versa). A Certificate Authority acting as trusted third party could also
Kerberos Authentication: Kerberos is a network authentication protocol that provides strong authentication for client/server applications by using symmetric key cryptography. When a user signs onto the local OS, a local
MAC/DAC/RBAC • Discretionary Access Control (DAC): the owner of an object manages access control at their own discretion, enforced through ACLs • Mandatory Access Control (MAC): access to an object
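The three models above answer the same question differently, and the difference is easiest to see with the decision logic side by side. This is an added example, not code from the original notes: the users, roles and sensitivity labels are constructed, and the MAC rules used (Bell-LaPadula "no read up / no write down") are an assumption, since the notes name the model without specifying a label lattice.

```python
"""DAC, MAC and RBAC access decisions side by side.

Added example, not code from the original notes. Users, labels, roles and
the Bell-LaPadula rules used for the MAC case are assumptions for illustration.
"""
from enum import IntEnum


class Level(IntEnum):
    """Totally ordered sensitivity labels used by the MAC check (assumed)."""
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


# --- DAC: the owner hands out rights through an ACL at their discretion ---
class DacObject:
    def __init__(self, owner: str):
        self.owner = owner
        self.acl = {owner: {"read", "write", "grant"}}   # owner starts with everything

    def grant(self, granter: str, grantee: str, perms: set) -> None:
        """Only a subject holding 'grant' (the owner, or a delegate) may edit the ACL."""
        if "grant" not in self.acl.get(granter, set()):
            raise PermissionError(f"{granter} may not change the ACL")
        self.acl.setdefault(grantee, set()).update(perms)

    def allows(self, subject: str, perm: str) -> bool:
        return perm in self.acl.get(subject, set())


def dac_may_grant(doc: DacObject, granter: str, grantee: str, perms: set) -> bool:
    """True if the grant is accepted, False if the model refuses it."""
    try:
        doc.grant(granter, grantee, perms)
        return True
    except PermissionError:
        return False


# --- MAC: labels decide; nobody, owner included, can override them ---
def mac_allows(clearance: Level, label: Level, perm: str) -> bool:
    if perm == "read":
        return clearance >= label     # simple security property: no read up
    if perm == "write":
        return clearance <= label     # *-property: no write down
    return False


# --- RBAC: permissions attach to roles, users are assigned roles ---
ROLE_PERMS = {"analyst": {"read"}, "admin": {"read", "write", "grant"}}   # constructed
USER_ROLES = {"alice": {"admin"}, "bob": {"analyst"}}                     # constructed


def rbac_allows(user: str, perm: str) -> bool:
    return any(perm in ROLE_PERMS.get(r, set()) for r in USER_ROLES.get(user, set()))


def demo() -> dict:
    """Same question under each model: what can bob do with the object alice owns?"""
    doc = DacObject("alice")
    doc.grant("alice", "bob", {"write"})          # DAC: alice's choice, nothing stops her
    return {
        "dac_bob_write": doc.allows("bob", "write"),                 # True: owner granted it
        "dac_bob_may_grant": dac_may_grant(doc, "bob", "carol", {"read"}),  # False: no 'grant'
        # MAC: bob cleared CONFIDENTIAL, object labelled SECRET
        "mac_bob_read": mac_allows(Level.CONFIDENTIAL, Level.SECRET, "read"),    # False: read up
        "mac_bob_write": mac_allows(Level.CONFIDENTIAL, Level.SECRET, "write"),  # True: write up
        "rbac_bob_write": rbac_allows("bob", "write"),               # False: analyst role only
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k:18} {v}")
```

The DAC object lets alice hand bob write access because the ACL is hers to edit; under MAC the same bob is refused a read because the label dominates his clearance and no owner can waive that; under RBAC bob's rights come only from the analyst role, so changing what bob can do means changing role assignments or role permissions rather than touching the object.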