Monday, 20 June 2011

CISSP CBK 4 Telecom and Network security

Forth domain as under.

Telecom and Network security

Quarter Inch Cartridge drives (QIC). This format is mostly used for home/small office backups, has a small capacity, and is slow, but inexpensive.

Digital Linear Tape (DLT) is only 0.498 inches (8mm Tape format) in size, yet the compression techniques and head scanning process make it a large capacity and fast tape the QIC and DAT 5Mbps. Digital Audio Tape (DAT)

LTO (Linear Tape-Open) open-format technology and storage in TB

Application: Gateway

Presentation: encryption, compression, formating



Network: Router

Datalink: Bridge, Switch

Physical: Repeater

Amplitude (height of the signal)

Frequency (number of waves in a defined period of time)

Digital signals are more reliable to be used over a longer distance because can easily be extracted from noise and retransmitted and it has only two possible discrete values 1 and 0

ASynchronous communication sender can send data at any time, and the receiving end must always be ready. (Modem use start and stop bit Asynchronous)

Synchronous communication takes place between two devices that are synchronized usually via a clocking mechanism (Remember synchronous Token was time based access control)

Baseband uses the entire communication channel for its transmission, Ethernet is a baseband technology that uses the entire wire for just one channel.

Broadband divides the communication channel into individual and independent channels.

***Important to note that node authentication, by itself, should not be used to establish trustworthiness of a user within the network.

Fast Ethernet uses the traditional CSMA/CD

wireless LAN technology, 802.11, usesCSMA/CA for its media access functionality.

Token Ring IEEE 802.5 standard. Each computer is connected to a central hub, called a Multistation Access Unit (MAU) 16 Mbps Speed

UTP Categories Cat 1 voice grade Cat 2 Data 4 Mbps Cat 3 10 Mbps for Token ring Cat 4 16 Mbps Cat 5 100 Mbps and Cat 5E 1 Gbp.

Polling LAN media access method setup primary and secondary station primary ask secodary if it need to transmit.

MAC to IP address ARP


Attackers alter a system’s ARP table so it contains incorrect information known ARP table poisoning. The attacker’s goal is to receive packets intended for another computer. This is a type of masquerading attack

Wires are encapsulated within pressurized conduits so if someone attempts to access a wire, the pressure of the conduit will change, causing an alarm to sound.

Class D multicast uses IGMP protocol.

DHCP Discover, client searches for the present DHCP Server

DHCP Offer, Server offer a client an available IP address

DHCP Request, Client Confirms accepting allocated setting

DHCP Pack. ack that ip address has been allocated with lease time.

DHCP snooping ensures that DHCP servers can assign IP addresses to only selected systems, identified by their MAC addresses

RARP The diskless machine hold mac adress it broadcast the information for a specific hardware address and RARP Server reponds with IP address

RARP evolved into BOOTP, which evolved into DHCP.

ARP knows the IP address and broadcasts to find the matching hardware address, the MAC address. RARP knows the hardware address and broadcasts to find the IP address

Loki attack ICMP status packet is stuffed with data as well

Routers usually do not pass broadcast information, but bridges do pass broadcast information

e-mail gateway convert the message into a standard that all mail servers understand X.400

phreaker (a phone hacker)

Types of Firewalls

1. Packet filtering simple ACL based (Network Layer)

2. Stateful keep track of every connection state and maintain state table. (Transport Layer 3rd Generation)

3. Proxy 2nd generation firewall, it had 2 types

3.1 application-level (layer 7 make decision on contents of packet) does not understand a certain protocol

3.2 circuit-level Proxy firewalls (session Layer) SOCKS is a circuit-level proxy gateway

4. Dynamic packet filtering 4th Generation firewall, once inside system decide to communicate firewall creates an ACL that allows the external entity to communicate with the internal system via this high port

5. Kernel proxy 5th generation FW uses stacking for packet inspection,.(Application Layer)

Three main FW architecture

• Screened host

• Dual-home

• Screened subnet

legal honeypot Enticement system indicating that free Songs are available to download on the honeypot system is entrapment, because this sets up the user to access the honeypot for reasons other than the intent to harm

DNS Hierarical structure 1992 the National Science Foundation (NSF)

authoritative root DNS server contained 13 files one for each root server.

DNS namespaces are split up administratively into zones and record are called Resource Record

It is recomended to have two DNS servers Primary and secondary and zones are shared via zone transfer.

cyber squatters, individualswho register prominent or established names, hoping to sell these later

Protocol field values TCP 6, UDP 17, ICMP 1, IGMP 2

Diverse routing is a method of providing telecommunication continuity that involves routing traffic through split or duplicate cable facilities. Alternative routing is accomplished via alternative media such as copper cable or wire optics

Transport layer is responsible for reliable data delivery , Congestion Control

IEEE 802.5 standard defines the token ring media access method.

802.3 refers to Ethernet's CSMA/CD,

802.11 refers to wireless communications and

802.2 refers to the logical link control.

NFS allow Different types of file systems to interoperate.

FRDS+ (Failure Resistant Disk System Plus).

The physical layer (layer 1) defines the X.24, V.35, X.21 and HSSI standard interfaces.

Circuit level proxy (Session Layer) does not anayze the application content of the packet in making its decisions, it has lower overhead than an application level proxy

Internet Message Access Protocol, version 4 (IMAP4) as an Internet protocol by which a client workstation can dynamically access a mailbox on a server host to manipulate and retrieve mail messages that the server has received and is holding for the client. IMAP4 has mechanisms for optionally authenticating a client to a server and providing other security services

TLS = (TLS) Handshake Protocol + TLS Record Protocol

Digital Signal level 1 (DS-1) is the framing specification used for transmitting digital signals at 1.544 Mbps on a T1 facility. DS-0 is the framing specification used in transmitting digital signals over a single 64 Kbps channel over a T1 facility. DS-3 is the framing specification used for transmitting digital signals at 44.736 Mbps on a T3 facility.

The Point-to-Point Protocol (PPP) was designed to support multiple network types over the same serial link SLIP only support IP over serial network

A Failure Resistant Disk System provides the ability to reconstruct the contents of a failed disk onto a replacement disk and provides the added protection against data loss due to the failure of many hardware parts of the server.

Data Link layer of the OSI/ISO model provides SLIP, CSLIP and PPP protocol.

DOD Application Layer contains protocols that implement user-level functions, such as mail delivery, file transfer and remote login.

DOD Host-to-Host Layer handles connection rendez vous, flow control, retransmission of lost data, and other generic data flow management between hosts. The mutually exclusive TCP and UDP protocols are this layer's most important members.

DOD Internet Layer is responsible for delivering data across a series of different physical networks that interconnect a source and destination machine. Routing protocols are most closely associated with this layer, as is the IP Protocol, the Internet's fundamental protocol.

DOD Network Access Layer is responsible for delivering data over the particular hardware media in use. Different protocols are selected from this layer, depending on the type of physical network

A differential backup is a partial backup that copies a selected file to tape only if the archive bit for that file is turned on, indicating that it has changed since the last full backup. A differential backup leaves the archive bits unchanged on the files it copies.

A full copy backup (which Microsoft calls a copy backup) is identical to a full backup except for the last step. The full backup finishes by turning off the archive bit on all files that have been backed up. The full copy backup instead leaves the archive bits unchanged.

Structured Query Language (SQL), implemented at the session layer (layer 5)

The Secure Electronic Transaction (SET) protocol requires two pair of asymmetric keys and two digital certificates.(Application Layer)

Hierarchical Storage Management (HSM) is commonly employed in very large data retrieval systems

Write-once, read-many (WORM) optical disk "jukeboxes" are used for archiving data that does not change.

Secure HTTP (S-HTTP) is designed to send individual messages securely. SSL is designed to establish a secure connection between two computers. SET was originated by VISA and MasterCard as an Internet credit card protocol using digital signature

Secure HTTP (S-HTTP), which operates at the application layer. S-HTTP is being overtaken by SSL and TLS works on transport layer#

X.400 is used in e-mail as a message handling protocol. X.500 is used in directory services. X.509 is used in digital certificates and X.800 is used a network security standard

An open network architecture is one that no vendor owns

intranet, a “private” network that uses Internet technologies.

extranet extends outside the bounds of the company’s network to enable two or more companies.

MAN Connects LAN, MANs are Synchronous Optical Networks (SONETs) or FDDI rings

SONET self HEaling network

ATM encapsulates data in fixed cells 53 bytes

T3 = 28 T1

T2 = 4 T1

T4 = 168 T1

T1 1.544 Mbps

T3 44.736 Mbps

OC1 51.84 Mbps

Statistical time-division multiplexing (STDM) determines in real time how much time each device should be allocated for data transmission

Frequency division Multiplexing: in available wireless spectrum Each frequency within the spectrum is used as a channel to move data

CSU/DSU provides a digital interface for Data Terminal Equipment (DTE), such as terminals, multiplexers, or routers, and an interface to the Data Circuit-Terminating Equipment (DCE) device,

circuit Switching Dedicated virtual link.

Packet Switching one connection can pass through a number of different individual devices.X.25 , framerelay

DTE is usually a customer-owned device

DCE is the service provider’s device

Switched Multimegabit Data Service (SMDS) is a high-speed packetswitched technology

Synchronous Data Link Control (SDLC) Dedicated leased lines IBM 1970

High-level Data Link Control (HDLC) protocol is also a bit-oriented link layer protocol used for transmission over synchronous lines (time based)

HDLC is extention of SDLC

High-Speed Serial Interface (HSSI) is an interface used to connect multiplexers and

routers to high-speed communications services

SIP is an application layer protocol that can work over TCP or UDP

isochronous network contains the necessary protocols and devices that guarantee continuous bandwidth without interruption.

voice stream is carried on media protocols such as the Real-time Transport Protocol (RTP).

User Agent Client (UAC) IPhone, SIP Phone

User Agent Server (UAS) SIP Server

New spam for VOIP = SPIT (Spam over Internet Telephony).

WEP only provide system authentication however 802.1X provides User authentication.

supplicant (wireless device),

authenticator (AP),

Authentication server (usually a RADIUS server).

EAP allows for mutual authentication to take place between the authentication server and wireless device and provide flexibility.

802.11i does not specify particular authentication protocols Cisco uses a purely password-based authentication framework called Lightweight Extensible Authentication Protocol (LEAP). Other vendors, including Microsoft, use EAP and Transport Layer Security (EAP-TLS), which carries out authentication through digital certificates. And yet another choice is Protective EAP (PEAP), where only the server uses a digital certificate

WEP Problems

1. static WEP encryption keys on all devices (every one have same pasword in company)

2. how initialization vectors (IVs) + RC4 are used that are XOR with packet to produce cipher text (IV value is used over and over again)

3. integrity assurance issue ICV Integrity check value

802.15 Bluetooth 1 to 3 Mbps 2.4 GHz Bluejacking is a type of attach some one send message to avoid setup ur blouetooth device undiscoverable.range is 10 Meter

For WAP transport layer security protocol called Wireless Transport Layer Security (WTLS) When WTLS data come for Internet service provider have to decrypt and encrypt it back in TLS And SSL so it is in plain taxt for a second whihc is called gap in the WAP

WAP uses an XML-compliant Wireless Markup Language (WML

Imode is same as WAP but target entertainment market , i-Mode works with a slimmed-down version of HTML called compact HTML

“log scrubbers” that remove traces of the attacker’s activities from the system logs

First generation firewall" packet filtering firewalls

"Second generation firewall" Proxy based firewalls. Under proxy based firewall you have Application Level Proxy and also the Circuit-level proxy firewall. The application level proxy is very smart and understand the inner structure of the protocol itself. The Circuit-Level Proxy is a generic proxy that allow you to proxy protocols for which you do not have an Application Level Proxy. This is better than allowing a direct connection to the net. Today a great example of this would be the SOCKS protocol.

"Third generation firewall" Stateful Inspection firewall. This type of firewall makes use of a state table to maintain the context of connections being established.

"Fourth generation firewall" dynamic packet filtering firewall

WAP Stack

Wireless Markup Language (WML)

Wireless Application Environment (WAE)

Wireless Transport Layer Security Protocol (WTLS)

Wireless Application Environment (WAE)

Wireless Session Layer (WSL)

Wireless Transport Layer (WTL)

TCP Wrapper is a program that monitors incomming packets. It is considered open source. TCP Wrappers can be used to control when UDP servers start, but it has no other control over the server once it is started. UDP servers may continue to run after they've finished processing a legitimate request.

Again PPTP operates at Layer 2 of the OSI model.

High-rate Digital Subscriber Line (HDSL) delivers 1.544 Mbps of bandwidth each way over two copper twisted pairs.

SDSL also delivers 1.544 Mbps but over a single copper twisted pair.

IPSec Transport mode is established when the enpoint is a host

10Base2, also known as RG58, or thinnet, is limited to 185 meters. 10Base5, also known as RG8/RG11 or thicknet, is limited to 500 meters

Failure Resistand Disk System (FRDS) is that it enables the continuous monitoring of these parts and the alerting of their failure.

AH (51) provides integrity, authentication, and non-repudiation. Security Associations (SAs) can be combined into bundles to provide authentication, confidentialility and layered communication.

The Well Known Ports are those from 0 through 1023.

The Registered Ports are those from 1024 through 49151.

The Dynamic and/or Private Ports are those from 49152 through 65535.

There are six basic security services defined by the OSI:

Authentication, access control, data confidentiality, data integrity, nonrepudiation and logging and monitoring.

POP 110

Post Office Protocol (POP2) 109

Network News Transfer Protocol 119

NetBIOS 139

The TRANSPORT LAYER establish logical connection between the END POINTS of an internetwork, that is, the originating host and the destination host.

The Land attack involves the perpetrator sending spoofed packet(s) with the SYN flag set to the victim's machine on any open port that is listening

The Boink attack, involves the perpetrator sending corrupt UDP packets to the host. It however allows the attacker to attack multiple ports where Bonk was mainly directed to port 53 (DNS

No comments:

Post a Comment