Security Plus Cheat Sheet

FTP , DMZ

SSH

SMTP

TACACS

DNS

HTTP

POP3

IMAP4

SNMP

LDAP

HTTPS/SSL

L2TP

PPTP

1-27, 10.0.0.0 255.0.0.0

128-191, 172.16.0.0-172.31.0.0, 255.255.0.0, 65,00

192-223, 192.168.0.0, 255.255.255.0

actions, objects, users

(internet security association and key management protocol)used to negotiate and provide authenticated keying material for security associations in a protected manner

the secure sockets layer protocol has two parts. First, the SSL Handshake protocol establishes the secure channel. Next, the SSL Application data protocol is used to exchange data over the channel. 6 steps in the handshaking process

users public key, the CA distinguished name and the type of symmetric algorithm used for encryption

exchange of hashed values

used w/i a PKI for asymmetric key

requires possession of token

authentication

a public key pair is created and held by the CA

the CA creates a certificate signed by its own digital certificate

the CA publishes the generated certificate

the receiving entity is authorized to use the certificate only for its intended use

If needed a new key pair can be generated and the cert renewed

possible if a verifying key is compromised but the holder is still valid and trusted

Based on the icmp echo reply

smurf like attack based on UDP packets

repeated SYN requests w/o ack

exploits TCP/IP stacks using spoofed SYNS

an attack using overlapping, fragmented UDP packets that cant be reassembled correctly

an attack of port 53 using fragmented UDP packets w/ bogus reassembly information

bonk like attack but on multiple ports

process of making data look like it was from someone else

intercepting traffic between 2 systems and using a third system pretending to be one of the others

key guessing, password guessing, brute force, dictionary attacks

infect systems and spread copies of themselves

disguise malicious code within apparently useful applications

trigger on a particular condition

self replicating forms of other types of malicious code

automatically executes when sent via e-mail

scrambling information so it appears unreadable to the attackers

Hides the existence of data

changing original text into a secret message

changing secret message back to original form

data stored or transmitted without encryption

data to be encrypted

data that has been encrypted

mathematical value entered into the algorithim to produce ciphertext

process for creating a unique digital fingerprint for a set of data

uses secret key possessed by sender and receiver. receiver uses key to decrpy the hash

MD, SHA, Whirlpool, RIPEMD, Password hashes

creates 128 bit hash

has flaws not widely accepted

creates 512 bits

more secure than MD

512 bit hash

two different and parallel chains of computation

used by Microsoft Windows operating systems

takes a character and replaces it with a character. Substitution cipher

Single plaintext character mapped to multiple cipher text character

rearranges letters without changing them

creates a truly random key to combine with the plaintext

works on entire block of plaintext at a time

based on product originally designed in early 1970's. Adopted as a standard by U.S government

Uses three rounds of encryption

symmetric cipher approved by NIST 2000 as replacement for DES

Block cipher operating on 64-bit blocks with key lengths from 32-448 bits

available to everyone and freely distributed

known only to individual to whom it belongs

verifies the sender, prevents sender from disowning the message, Proves message integrity

MIT

users share one elliptic curve and one point on the curve. Uses less computing power, used for mobile and wireless devices

exploits the properties of microscopic objects such as photons.

uses lattice based cyptography

used for files and e-mails on windows systems

runs on windows, unix and linux

cryptography scrambles a message so that it cannot be viewed