PORTS
20 and 21 FTP (TCP) (20 is for data, 21 is for
connection/command/control)
22 (TCP) SSH, SCP, and SFTP (all of these are secure/encrypted)
23 Telnet
25 SMTP (TCP) - Outgoing E-mail
49 TACACS/TACACS+ (TCP)
53 DNS (UDP for queries, TCP for zone-transfers)
69 TFTP (UDP)
80 HTTP (TCP)
88 Kerberos
110 POP3 - Incoming E-mail
123 NTP (Network Time Protocol. NTP-UDP-123)
137, 138, 139 NetBIOS (file, folder, and printer sharing)
143 IMAP - also for incoming E-mail
161 SNMP (version 3 is the most secure, so use this version if at all
possible.)
389 LDAP (non-secure)
443 SSL and HTTPS (TCP) (SSL is used for a secure connection via a
web browser.)
636 Secure LDAP, secured with SSL or TLS
1433 MS-SQL Database
1812, 1813 RADIUS (UDP)
3389 RDP (TCP) Remote Desktop
6667 IRC (Internet Relay Chat)
Confidentiality includes:
Encryption
Access Controls
Steganography
Integrity includes:
Hashing
Digital Signatures
Certificates
Non-repudiation
Availability includes:
Redundancy, Load Balancing, Clustering
Fault-tolerance, RAID-1, RAID-5, RAID-6
Patching
Safety includes:
Fencing & Lighting
Locks & CCTV
Escape Plans & Drills
Escape Routes
K-rated fencing (crash-resistant)
1 - Network Security
1. Port Security and 802.1x (port authentication) will only allow
authorized devices to connect to the network. 802.1x can also be
configured to only allow authorized USERS.
2. Port Security only grants access to the network if your MAC
address (Physical/Hardware address) is on the allowed list.
3. A MAC address can be in the format: 24-0A-64-0E-01-21 or
24:0A:64:0E:01:21.
4. PAT allows many internal devices to share one public IP address.
5. WEP and WPA both use RC4 for encryption. WPA is stronger,
however, because it uses TKIP to keep rotating the encryption
key.
6. WEP uses IVs (Initialization Vectors) that are too short to be
secure. An attacker simply needs to replay the same IVs enough
times and then he can deduce the WEP key to connect to the
wireless network.
7. WPA2-CCMP is the best security choice for wireless (even better
than WPA-TKIP). Remember that CCMP = AES.
8. Disable your SSID broadcast if you don't want your wireless
network name to be easily discovered.
9. To ensure your wireless signal does not extend all the way out to
the parking-lot, lower the power level of the WAP.
10. Isolation mode on an access point will segment each
wireless user from the other wireless users.
11. Use open authentication for public wireless.
12. Wireless (or wired) MAC filtering can be circumvented by
spoofing your MAC address to clone a valid MAC.
13. Perform a wireless site-survey if your wireless network is
dropping packets during certain times of day.
14. A Yagi is a high-gain directional antenna that uses a narrow
beam to connect WiFi over long distances.
15. WPS (Wi-Fi Protected Setup) is a feature found on wireless
access points that makes configuring and connecting to a
wireless network quick and easy. You press the WPS button on
the WAP, then connect to it with your wireless device, input the
PIN number, and connect.
16. The WPS PIN feature has been shown to be weak, as it is
vulnerable to WPS PIN brute-force attacks that would allow an
attacker to connect to your network, and even decipher your
wireless traffic. It is recommended to disable WPS on your WAP if
possible.
17. If you want to have control over exactly who can have
access to your servers, put them on their own VLAN. Next, create
an ACL to explicitly identify who is allowed to access that VLAN.
6 - Cryptography
1. SSL was a huge achievement in providing worldwide internet
security with the signing of certificates.
2. TLS is a competitor to SSL. It is actually better than SSL.
3. Using a wildcard certificate reduces the certificate management
burden.
4. A single wildcard certificate can be used for many different
devices/computers/web-pages within the same domain.
5. Subject Alternative Name (SAN) certificates can be used with
multiple different domains. For example, one cert can be used to
protect www.mycompany.com and www.mycompany.net. This is
different from a wildcard certificate. A wildcard cert can protect
Acronyms
3DES
Exposure Factor
Encrypting File System
Electromagnetic Interference
Encapsulating Security Payload
File Transfer Protocol
GNU Privacy Guard
Group Policy Object
Global Positioning System
Graphics Processing Unit
Generic Routing Encapsulation
Hard Disk Drive
Host-based Intrusion Detection System
Host-based Intrusion Prevention System
Hashed Message Authentication Code
Hardware Security Module
Hypertext Markup Language
Hypertext Transfer Protocol
Hypertext Transfer Protocol over SSL
Heating, Ventilation, Air Conditioning
Infrastructure as a Service
Internet Control Message Protocol
Identification
Internet Key Exchange
Instant Messaging
Internet Message Access Protocol v4
Internet Protocol
Internet Protocol Security
Internet Relay Chat
Interconnection Security Agreement
Internet Service Provider
Initialization Vector
Key Distribution Center
Layer-2 Tunneling Protocol
Local Area Network Manager
Software as a Service
Security Assertion Markup Language
Supervisory Control And Data Acquisition
Security Content Automation Protocol
Secure Copy Protocol
Small Computer System Interface
Software / System Development Life Cycle
Software Development Life-cycle Methodology
Structured Exception Handling
Secure File Transfer Protocol
Secure Hashing Algorithm
Secure Hypertext Transfer Protocol
Subscriber Identity Module
Session Initiation Protocol
Service Level Agreement
Single Loss Expectancy
Simple Mail Transfer Protocol
Simple Network Management Protocol
Synchronous Optical Network Technologies
Spam over IM
Secure Shell
Service Set Identifier
Secure Socket Layer
Single Sign-On
Shielded Twisted Pair
Terminal Access Controller Access Control System
Virtual Machine
Voice over Internet Protocol
Virtual Private Network
Video Teleconferencing
Virtual Teletype Terminal
Web Application Firewall
Wireless Access Point
Wired Equivalent Privacy / Wireless Encryption Protocol
WIDS - Wireless Intrusion Detection System
WIPS - Wireless Intrusion Prevention System
WPA - Wi-Fi Protected Access
XSRF - Cross-Site Request Forgery
XSS - Cross-Site Scripting