Ch12: Network Security
Pretty Good Privacy (PGP)
Encryption software that can be used for creating secure email messages and encryption of other types of data files
Another means of securing communications is a firewall, a system or combination of systems that supports an access control policy between two networks. Firewalls come in three basic types
(1) packet filters, which examine all incoming and outgoing transmissions and filter out those transmissions that have been deemed illegal; (2) proxy servers, which are computers running at the entrance to a computer network and acting as gatekeepers into the corporate network; and (3) application-based firewalls that follow application-level packets into and out of a site.
Vigenere cipher
Possibly the earliest example of a polyalphabetic cipher, created by Blaise de Vigenere in 1586
pharming
a Web-based attack in which a user seeking to visit a particular company's Web site is unknowingly redirected to a bogus Web site that looks exactly like that company's official Web site
phishing
a Web-based attack that involves sending the victim an email that is designed to look like a legitimate request coming from a well-known company, and thereby lure the victim into revealing private information
surveillance
a common security measure used to monitor key locations to deter vandalism and theft by using video cameras and intrusion detection
Data encryption Standard (DES)
a commonly employed encryption method used by businesses to send and receive secure transactions
proxy server
a computer running proxy server software that acts as the "rare books librarian" into a corporate network; a proxy server can accept or reject access into a network
Trojan horse
a destructive piece of code that hides inside a harmless-looking piece of code, such as an email message or an application macro
monoalphabetic substitution-based cipher
a fairly simple encryption technique that replaces a character or group of characters with a different character or group of characters
application layer firewall
a firewall that accepts or denies access to a network based upon the application layer of the packet
ping storm
a form of attack in which the Internet ping program is used to send a flood of packets to a server to make the server inoperable
symmetric encryption
a form of encryption in which the same key is used to encode and decode the dat; often called private key encryption
spread spectrum technology
a high-security transmission technique that instead of transmitting the signal on one fixed frequency bounces the signal around on a seemingly random set of frequencies
certificate revocation list (CRL)
a list of certificates that have been revoked either before or on their originally scheduled expiration date
email bombing
a malicious hacking technique in which a user sends an excessive amount of unwanted email to someone
denial-of-service attacks
a malicious hacking technique that bombards a computer site with so many messages that the site is incapable of performing its normal duties
frequency hopping spread spectrum
a modulation technique in which data is transmitted over seemingly random frequencies in order to hide the transmissions from the enemy
war drivers
a person who tries to pick up someone else's wireless LAN signals
computer auditing
a process in which a software program monitors every transaction within a system
rootkit
a program, often malicious, that is stored deep within a user's operating system and is capable of redirecting user requests and performing errant operations
keylogger
a program, often malicious, that records each keystroke a user makes on a keyboard at a computer workstation
packet filter
a router that has been programmed to filter out certain IP addresses or TCP port numbers, or allow them to pass
IPSec
a set of protocols, created by the Internet Engineering Task Force, that can provide for secure transmission using the Internet Protocol (IP)
Wi-Fi Protected Access (WPA)
a set of security standards used to protect wireless LAN transmissions that is an improvement over Wired Equivalency Protocol (WEP) in that it provides dynamic key encryption (although it, too, uses a 40-bit key) and mutual authentication for wireless clients
virus
a small program that alters the way a computer operates without the knowledge of the computer's users, and often does various types of damage by deleting and corrupting data and program files, or altering operating system components so that the computer operation is impaired or even halted
worm
a special type of virus that copies itself from one system to another over a network, without the assistance of a human being
IEEE 802.11i (WPA2)
a standard created by IEEE to support security in wireless local area networks
firewall
a system or combination of systems that supports an access control policy between two networks
spoofing
a technique (commonly used by hackers) in which the data sender's identity is disguised, as in the case of an email message that has a return address of someone other than the person sending the email. A modem can also perform spoofing by mimicking older protocols that are rarely used today
digital signature
a technology that uses public key cryptography to assign to a document a code for which only the creator of the document has the key
triple-DES
a temporary solution for the shortcomings of DES security (which has now been replaced with AES) in which data is encrypted using DES three times; in many cases, the first time by the first key, the second time by a second key, and the third time by the first key again
honeypot
a trap that is set by network personnel in order to detect unauthorized use of a network resource
public key cryptography
a two-key system in which one key encrypts the plaintext and another key decrypts the ciphertext
mobile malicious code
a virus or worm that is designed to get transported over the Internet
malware
an abbreviation for malicious software; any type of software code or transaction whose purpose is to interfere with (to the point of rendering useless) the operation of a host computer
Secure Sockets Layer (SSL)
an additional layer of software added between the application layer and the transport (TCP) layer that creates a secure connection between the sender and the receiver
signature-based scanning
an antivirus technique that works by recognizing the unique pattern of a virus
socially engineered attack
an attack that uses malicious software that tries to trick a user into giving up confidential information or clicking on a link, which might result in dangerous software downloaded to the user's computer
Kerberos
an authentication protocol that uses secret key cryptography and is designed to work on client/server networks
certificate
an electronic document, similar to a passport, that establishes your credentials when you are performing transactions on the World Wide Web
direct sequence spread spectrum
an encoding technique that converts a binary 0 or 1 to a larger sequence of 0s and 1s
transposition-based cipher
an encryption technique in which the order of the plaintext is not preserved, as it is in substitution-based ciphers
asymmetric encryption
an encryption technique in which two keys are used: one to encrypt and one to decrypt; often known as public key cryptography
Advanced Encryption Standard (AES)
an encryption technique selected by the US government to replace the aging Data Encryption Standard (DES). AES is based on the Rijndael algorithm and uses 128-.192-. or 256-bit keys
Transport Layer Security (TLS)
an updated version of Secure Sockets Layer (SSL)
terminate-and-stay-resident monitoring
antivirus software that is activated and then runs in the background while users perform other computing tasks
plaintext
data before any encryption has been performed
botnet
malicious programs that take over operations on a compromised computer
HTTPS (Hypertext Transfer Protocol Secure)
not really a single protocol but a collection of protocols that offer a secure connection over a network; in particular creating a secure Internet connection
Public key cryptography uses two keys
one key to encode messages and a second key to decode messages. HTTPS (Hypertext Transfer Protocol Secure) incorporates the Secure Sockets Layer/Transfer Layer Security, a form of public key cryptography, which is used to encrypt data that travels back and forth between Web servers and WEb browsers.
access rights
permissions assigned to a file or device; determine how a user or group of users may access the file or device
biometric techniques
security techniques that use parts of the body, such as fingerprints or iris prints, for verification
In order to secure communications, network administrators and users must be aware of standard computer attacks and viruses that can damage computer systems. They must also be aware of software and hardware that can help to protect a system and its users from computer attacks and viruses. Virus scanners have three basic forms
signature-based scanning, terminate-and-stay-resident monitoring, and integrity checking.
polyalphabetic substitution-based cipher
similar to the monoalphabetic cipher, except that it uses multiple alphabetic strings to encode the plaintext rather than one alphabetic string
intrusion detection
the ability to electronically monitor data flow and system request into and out of a system
public key infrastructure (PKI)
the combination of encryption techniques, software, and services that involves all the necessary pieces to support digital certificates, certificate authorities, and public-key generation, storage, and management
encryption algorithm
the computer program that converts plaintext into an enciphered form
ciphertext
the data after the encryption algorithm has been applied
Wired Equivalency Protocol (WEP)
the first security protocol used to encrypt wireless LAN transmissions; it uses 40-bit-long encryption keys that are static (as opposed to dynamic). Due to the existence of a number of weaknesses, WEP is being replaced
password
the most common form of protection from unauthorized use of a computer system; often a string of letters, numbers, and symbols
smurfing
the name of an automated program that attacks a network by exploiting Internet Protocol (IP) broadcast addressing and other aspects of Internet operation
integrity checking
the process by which a firewall observes transactions and their characteristics for irregularities
certificate authority (CA)
the specialized software issued by a trusted third-party organization or business that issues and manages certificates
cryptography
the study of creating and using encryption and decryption techniques
steganography
the technology of hiding data within another unrelated document
key
the unique piece of information that is used to create ciphertext and then decrypt the ciphertext back into plaintext