Information Security
Chapter 5
Securing the Network Infrastructure

Information Security © 2006 Eric Vanderburg

Cabling
• Cable Plant – Network infrastructure
• Cable Characteristics
– Bandwidth Rating
– Max Segment Length
– Segments per network
– Devices per segment
– Interference Susceptibility (EMI & RFI)
– Connection Hardware
– Cable Grade (PVC or Plenum Grade Teflon)
– Bend radius
– Cost (Material, Installation, & Maintenance)

Coaxial Cable (Coax)
• Thicknet (10base5)
– ½ inch thick
– RG-11 or RG-8
– Vampire tap
– AUI (Attachment Unit Interface) - 15 pin DB-15

• Thinnet (10base2)
– BNC (British Naval Connector)
– 50 ohms impedance
– RG-58

• Coax for Broadband (RG-59, 75 Ohm)

Twisted Pair
• Twists reduce crosstalk
• UTP (Unshielded Twisted Pair) 10baseT
• STP (Shielded Twisted Pair)
– Foil wrapped around wires

• Phone line (RJ-11)
• TP Network cable (RJ-45)
• 100 Meter max length

Twisted Pair Categories
• Cat1 – voice only, before 1982
• Cat2 – 4 wires, 4Mbps
• Cat3 – 4 wires, 10Mbps, 3 twists/foot
• Cat4 – 8 wires, 16Mbps
• Cat5 – 8 wires, 100Mbps
• Cat5e – 8 wires, 1Gbps, full-duplex, 100MHz*
• Cat6 – 8 wires, 1Gbps, 250MHz*, larger, more sensitive
• Cat7 – 8 wires, shielded, 1Gbps, 600MHz*, individually shielded pairs
• *Easier to detect defects with higher frequencies

Fiber Optic
• Signal sent by light
• No eavesdropping
• No interference
• Two cables needed for full duplex
• Surrounded by Kevlar
• Max length: 2-100 km
• 1Gbps & 10Gbps implementations
• Difficult to install
• Expensive (Cable, Install, Maintenance)

Fiber Optic Connectors
• ST (Straight Tip)
• SC (Straight Connection)
• LC (Link Control)
• MIC (Medium Interface Connector)
• MT-RJ – two cables in one, RJ-45 clone
• SMA (Subminiature Type A)

Fiber Optic cable types
• Single mode
– Laser based
– Spans longer distance
– One piece of glass
– Core: 2-9 microns

• Multi-mode
– LED based
– Shorter distance
– Multiple pieces of glass
– Core: 25-200 microns

Quick Comparison
Type      Length            Bandwidth       Installation  Interference  Cost
UTP       100 meters        10Mbps-1Gbps    Easy          High          Cheapest
STP       100 meters        16Mbps-1Gbps    Moderate      Moderate      Moderate
Thinnet   185 meters        10Mbps          Easy          Moderate      Cheap
Thicknet  500 meters        10Mbps          Hard          Low           Expensive
Fiber     2-100 kilometers  100Mbps-10Gbps  Moderate      None          Most Expensive

Sniffers
• Captures all data packets that travel on a network.
• Designed for use in network diagnostics
• Hard to trace because it is passive
• Can be used to find passwords or other sensitive information
• Mitigate with switched networks
• Protect the physical environment
• Watch out for compromised hosts

Removable Media
• Optical Media
– CD
– DVD

• Magnetic Media
– Floppy disk
– Hard drive
– Micro drive
– Tape

• Flash Media
– USB Stick, CF (non microdrive), SD, MMC, SmartMedia, Game cartridge, PCMCIA, ROM chips

Securing Removable Media
• Encrypt USB Sticks
• Disable or lock USB ports on the computer
• Physical check that devices are not brought in

Terms
• Workstation
• Server
• Terminal

Server Types
• Domain Controller
• Application Server
• File Server
• Print Server
• Communication Server
• Web Server
• Mail Server
• Name Server

Server Vendors
• Microsoft
– Windows NT
– Windows 2000
– Windows 2003

• Sun Microsystems
– Solaris
– Looking Glass

• Linux (Various Distributions)
• Novell Netware
• OS/2
• Apple
– Mac OSX Server

• FreeBSD
• NeXT

Operating Systems
[Diagram: Microsoft, Linux, UNIX, BSD, NeXT, MacOSX, NetWare v1-5, Mac OS 1-9, NetWare 6, OS/2]

Equipment
• Repeater
• Hubs
– Active (powered – regenerates signal)
– Passive (unpowered)

• Bridge
– Translation bridge – translates differing frame types for different architectures (ATM, Ethernet)

• Router
– Reduces the broadcast domain
– Looks at packets
– Can filter by packets

Equipment
• Switches
– Cut-through switching – reads only the first part of the frame to forward it.
– Store & forward switching
• Reads entire frame before forwarding. Also does error checking using the CRC field, discards if errors.
• Saves bandwidth because bad frames are not forwarded. Requires faster switches
– Fragment free switching – reads enough to know it is not a malformed or damaged frame
– Reduces the collision domain
– Looks at frames
– VLANs (Virtual LAN)
– Core switch – central to the network. Other switches connect into it
– Workgroup switch – connects to network nodes

Network Management
• SNMP (Simple Network Management Protocol)
– Agents
– MIB (Management Information Base)
– Ports 161 & 162 UDP
– SNMP enabled devices are called managed devices

Securing Network Devices
• Create a custom logon prompt to remove any info about the device
• Disable HTTP or SNMP access if they are not used
– If used, try SSL instead of HTTP
– Use SNMP version 3

• Limit access to certain machines or subnets
• Log activity
• Encrypt management communications
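
The checklist above, applied to a device configuration as an added Python example (not part of the original slides). Both configurations are constructed samples in Cisco IOS-style syntax, single-line banners are assumed, and "log activity" is interpreted here as logging to a remote host.

```python
import re

# Constructed sample: a device that violates each item on the slide.
SAMPLE_CONFIG = """\
hostname core-sw1
banner login ^C core-sw1 - Model X switch, OS version 1.2 ^C
ip http server
snmp-server community public RO
line vty 0 4
 transport input telnet ssh
"""

# Constructed sample: the same device after applying the checklist.
HARDENED_CONFIG = """\
hostname core-sw1
banner login ^C Authorized access only. Activity is logged. ^C
no ip http server
ip http secure-server
snmp-server group NETOPS v3 priv access 10
access-list 10 permit 10.0.50.0 0.0.0.255
logging host 10.0.50.20
line vty 0 4
 access-class 10 in
 transport input ssh
"""

# Words in a logon banner that tell a visitor what the device is (assumed list).
DISCLOSURE = re.compile(r"\b(model|version|switch|router|\d+\.\d+)\b")


def audit(config):
    """Return finding ids, in checklist order, for one configuration text."""
    lines = config.splitlines()
    top = [l.strip() for l in lines if l and not l.startswith(" ")]
    hostname = next((l.split()[1] for l in top if l.startswith("hostname ")), "")

    # Collect the sub-commands of the "line vty" (remote login) section.
    vty, in_vty = [], False
    for l in lines:
        if not l.startswith(" "):
            in_vty = l.startswith("line vty")
        elif in_vty:
            vty.append(l.strip())

    findings = []

    # Custom logon prompt must not reveal anything about the device.
    for l in top:
        if l.startswith("banner "):
            text = l.lower()
            if (hostname and hostname.lower() in text) or DISCLOSURE.search(text):
                findings.append("banner-discloses-device-info")

    # Plain HTTP management should be off (HTTPS instead, if needed at all).
    if "ip http server" in top:
        findings.append("http-management-enabled")

    # Community strings mean SNMP v1/v2c; the slide asks for version 3.
    if any(l.startswith("snmp-server community ") for l in top):
        findings.append("snmp-community-string")

    # Management logins should be limited to certain machines or subnets.
    if not any(c.startswith("access-class ") and c.endswith(" in") for c in vty):
        findings.append("mgmt-access-unrestricted")

    # Management communications should be encrypted, so no telnet.
    for c in vty:
        if c.startswith("transport input"):
            if {"telnet", "all"} & set(c.split()[2:]):
                findings.append("telnet-allowed")

    # Activity should be logged (assumption: to a remote log host).
    if not any(re.match(r"logging (host )?\d+\.\d+\.\d+\.\d+", l) for l in top):
        findings.append("no-remote-logging")

    return findings


if __name__ == "__main__":
    for name, cfg in (("sample", SAMPLE_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, audit(cfg) or "no findings")
```
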

Communication Devices
• Modem (Modulator / Demodulator)
• DSL (Digital Subscriber Line) – uses phone lines on a much higher frequency. Dedicated line.
• Cable Modem – faster max speed but a shared medium
• Central Office (CO) or Head end – local connection point where a neighborhood of connections terminate and are connected into the ISP’s network.
• Always-on connections can be tempting for attackers. Firewalls are a must.

Remote Access
• RAS (Remote Access Server) – A computer that allows others to connect into it.
– Modem
– VPN

• Protect using
– Authentication
– Privileges
– Account lockout policies
– Firewalls & ACL

File Browsing
• UNC (Universal Naming Convention)
– Windows shares are named \\computername\sharename

Telcos
• PBX (Private Branch Exchange) – private switching station for voice and data services
• PBX attacks
– Data modification
– Denial of service
– Information disclosure
– Traffic analysis – where calls go to and from, frequency, time
– Theft of service

Network Security Devices
• Firewalls – filters packets based on criteria such as an ACL or a rule base
• Routers can serve this purpose but they are not as efficient as a dedicated device
• Personal firewall (host based)
• Enterprise software firewall – designed to run on a powerful machine that analyzes all network traffic running through it.
• Hardware firewall – engineered to be able to process packets quickly and efficiently.

Firewalls
• Packet filtering
– Stateless – allows or denies packets based on rules
– Stateful – keeps a state table of outgoing connections and allows corresponding incoming connections.

• Advanced firewalls
– Antivirus scanning
– Content filtering – looks at web sites and such. Could use a database from another vendor which is updated regularly. Enable and disable types of content
– Application layer firewall – looks at many packets together to determine whether to let them in.
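
The two packet-filtering modes on this slide, run side by side over the same traffic, as an added Python example (not part of the original slides). The addresses, the 10.0.0.0/24 inside network, the static "source port 443" rule and the 300-second idle timeout are assumptions chosen for the illustration.

```python
import ipaddress
from dataclasses import dataclass

INSIDE = ipaddress.ip_network("10.0.0.0/24")  # assumption: the protected LAN


@dataclass(frozen=True)
class Packet:
    time: float   # seconds since the start of the trace
    src: str
    sport: int
    dst: str
    dport: int

    @property
    def outbound(self):
        return ipaddress.ip_address(self.src) in INSIDE


class StatelessFilter:
    """Judges each packet alone, using header fields only."""

    def allow(self, pkt):
        if pkt.outbound:
            return True
        # Hypothetical static rule: "web replies come from port 443".
        return pkt.sport == 443


class StatefulFilter:
    """Keeps a state table of outgoing connections and admits only their replies."""

    def __init__(self, idle_timeout=300.0):
        self.idle_timeout = idle_timeout
        self.table = {}  # outgoing flow (src, sport, dst, dport) -> time last seen

    def allow(self, pkt):
        # Forget flows that have been idle longer than the timeout.
        self.table = {flow: seen for flow, seen in self.table.items()
                      if pkt.time - seen <= self.idle_timeout}
        if pkt.outbound:
            self.table[(pkt.src, pkt.sport, pkt.dst, pkt.dport)] = pkt.time
            return True
        # An inbound packet is a reply only if its mirror image is in the table.
        flow = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if flow in self.table:
            self.table[flow] = pkt.time
            return True
        return False


# Constructed trace (documentation address ranges, not real hosts).
TRACE = [
    Packet(0.0, "10.0.0.5", 50000, "203.0.113.10", 443),    # inside host connects out
    Packet(0.1, "203.0.113.10", 443, "10.0.0.5", 50000),    # the matching reply
    Packet(1.0, "198.51.100.7", 443, "10.0.0.9", 3389),     # unsolicited; only the source port looks like a reply
    Packet(400.0, "203.0.113.10", 443, "10.0.0.5", 50000),  # same flow, after the idle timeout
]


def compare(trace):
    """Return (stateless verdict, stateful verdict) for every packet in order."""
    stateless, stateful = StatelessFilter(), StatefulFilter()
    return [(stateless.allow(p), stateful.allow(p)) for p in trace]


if __name__ == "__main__":
    for pkt, (a, b) in zip(TRACE, compare(TRACE)):
        print(f"t={pkt.time:>5} {pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport} "
              f"stateless={'allow' if a else 'deny'} stateful={'allow' if b else 'deny'}")
```

The stateless rule admits the last two packets because it can only look at the source port; the state table rejects both because neither corresponds to a live outgoing connection.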

Firewalls
• DMZ (Demilitarized Zone) – area that is closer to the untrusted network than the rest of the LAN. Used for services made available to the Internet.
• These servers may reside there:
– Web server
– Email server
– RAS server
– FTP server
– Proxy server

IDS (Intrusion Detection System)
• Monitors the packets on the network for signatures.
– Network based - Looks at the overall flow. Positioned where a lot of traffic flows
– Host based – resides on one machine and monitors the data coming to that machine. It may communicate with a central device. (Agent based)
– Active IDS – can take action when an attack happens.
– Passive IDS – alerts the administrator when there is an attack.
– Anomaly based IDS or IPS (Intrusion Prevention System) – looks at behavior rather than signatures. May result in more positives.

Other concepts
• Intranet
• Extranet
• NAT (Network Address Translation)
• Honeypot

Acronyms
• CD-ROM, Compact Disk Read Only Memory
• CD-R, Compact Disk Recordable
• CD-RW, Compact Disk Rewritable
• DMZ, Demilitarized Zone
• DSL, Digital Subscriber Line
• DVD, Digital Versatile Disk
• DVD-R, Digital Versatile Disk Recordable
• DVD-RAM, Digital Versatile Disk Random Access Memory
• DVD-RW, Digital Versatile Disk Rewritable
• IDS, Intrusion Detection System
• MIB, Management Information Base
• NAT, Network Address Translation
• PAT, Port Address Translation
• PBX, Private Branch Exchange
• RAS, Remote Access Server
• STP, Shielded Twisted Pair
• SNMP, Simple Network Management Protocol
• UNC, Universal Naming Convention
• UTP, Unshielded Twisted Pair
• VLAN, Virtual Local Area Network

Mais conteĂşdo relacionado

Mais procurados

1000281 en 2
1000281 en 21000281 en 2
1000281 en 2
nguyenlam123
 

Mais procurados (20)

How to secure your industrial network using segmentation and segregation
How to secure your industrial network using segmentation and segregationHow to secure your industrial network using segmentation and segregation
How to secure your industrial network using segmentation and segregation
 
GSM Part-20
GSM Part-20GSM Part-20
GSM Part-20
 
Wall mounted ip network adapter t 7805 a
Wall mounted ip network adapter t 7805 aWall mounted ip network adapter t 7805 a
Wall mounted ip network adapter t 7805 a
 
How to migrate legacy serial devices to IP broadband
How to migrate legacy serial devices to IP broadbandHow to migrate legacy serial devices to IP broadband
How to migrate legacy serial devices to IP broadband
 
Databook 2016-151224-a3
Databook 2016-151224-a3Databook 2016-151224-a3
Databook 2016-151224-a3
 
Webinar how to prepare for the sunset of 2G and 3G cellular communications
Webinar how to prepare for the sunset of 2G and 3G cellular communicationsWebinar how to prepare for the sunset of 2G and 3G cellular communications
Webinar how to prepare for the sunset of 2G and 3G cellular communications
 
Mobile Video Architecture project
Mobile Video Architecture projectMobile Video Architecture project
Mobile Video Architecture project
 
Draytek Databook 2015 v2
Draytek Databook 2015 v2Draytek Databook 2015 v2
Draytek Databook 2015 v2
 
Digistor standalone NVR - Info tech Middle East
Digistor standalone NVR - Info tech Middle EastDigistor standalone NVR - Info tech Middle East
Digistor standalone NVR - Info tech Middle East
 
Intoto Linley Tech Utm Architecture Presentation
Intoto Linley Tech Utm Architecture PresentationIntoto Linley Tech Utm Architecture Presentation
Intoto Linley Tech Utm Architecture Presentation
 
Changes to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can Help
Changes to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can HelpChanges to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can Help
Changes to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can Help
 
1000281 en 2
1000281 en 21000281 en 2
1000281 en 2
 
Juniper Networks SRX Branch Solutions
Juniper Networks SRX Branch SolutionsJuniper Networks SRX Branch Solutions
Juniper Networks SRX Branch Solutions
 
Air vision ds
Air vision dsAir vision ds
Air vision ds
 
LoRaWAN for IoT
LoRaWAN for IoTLoRaWAN for IoT
LoRaWAN for IoT
 
Low-Power Wide Area - Overview
Low-Power Wide Area - OverviewLow-Power Wide Area - Overview
Low-Power Wide Area - Overview
 
DrayTek switch_management_intro
DrayTek switch_management_introDrayTek switch_management_intro
DrayTek switch_management_intro
 
Databook 2017 v2
Databook 2017 v2Databook 2017 v2
Databook 2017 v2
 
An Overview of LoRA, Sigfox, and IEEE 802.11ah
An Overview of LoRA, Sigfox, and IEEE 802.11ahAn Overview of LoRA, Sigfox, and IEEE 802.11ah
An Overview of LoRA, Sigfox, and IEEE 802.11ah
 
Networking Concepts Lesson 01 - Intro - Eric Vanderburg
Networking Concepts Lesson 01 - Intro - Eric VanderburgNetworking Concepts Lesson 01 - Intro - Eric Vanderburg
Networking Concepts Lesson 01 - Intro - Eric Vanderburg
 

Destaque

Network security & information security maintainence modified
Network security & information security maintainence modifiedNetwork security & information security maintainence modified
Network security & information security maintainence modified
Keerthan Shetty
 
Recording formats and_editing_softwares
Recording formats and_editing_softwaresRecording formats and_editing_softwares
Recording formats and_editing_softwares
Azizur Rahman
 
Information & network security certifications
Information & network security certificationsInformation & network security certifications
Information & network security certifications
Hamid Hasanabadi
 
Network security
Network securityNetwork security
Network security
Jarno Niemela
 
Conventional Encryption NS2
Conventional Encryption NS2Conventional Encryption NS2
Conventional Encryption NS2
koolkampus
 
Soft computing
Soft computingSoft computing
Soft computing
ganeshpaul6
 
NetworkSecurity.ppt
NetworkSecurity.pptNetworkSecurity.ppt
NetworkSecurity.ppt
DreamMalar
 

Destaque (17)

Network security & information security maintainence modified
Network security & information security maintainence modifiedNetwork security & information security maintainence modified
Network security & information security maintainence modified
 
Networking Concepts Lesson 03 - Media - Eric Vanderburg
Networking Concepts Lesson 03 - Media - Eric VanderburgNetworking Concepts Lesson 03 - Media - Eric Vanderburg
Networking Concepts Lesson 03 - Media - Eric Vanderburg
 
Recording formats and_editing_softwares
Recording formats and_editing_softwaresRecording formats and_editing_softwares
Recording formats and_editing_softwares
 
Network Security Offering by GSS America
Network  Security Offering by GSS AmericaNetwork  Security Offering by GSS America
Network Security Offering by GSS America
 
Soft computing and artificial intelligence techniques for intrusion
Soft computing and artificial intelligence techniques for intrusionSoft computing and artificial intelligence techniques for intrusion
Soft computing and artificial intelligence techniques for intrusion
 
Information & network security certifications
Information & network security certificationsInformation & network security certifications
Information & network security certifications
 
Artificial intelligence original
Artificial intelligence originalArtificial intelligence original
Artificial intelligence original
 
Wire Less
Wire LessWire Less
Wire Less
 
Advanced Computing Techonologies
Advanced Computing TechonologiesAdvanced Computing Techonologies
Advanced Computing Techonologies
 
Introduction of cryptography and network security
Introduction of cryptography and network securityIntroduction of cryptography and network security
Introduction of cryptography and network security
 
Network security
Network securityNetwork security
Network security
 
Information and Network Security
Information and Network SecurityInformation and Network Security
Information and Network Security
 
Basics of Soft Computing
Basics of Soft  Computing Basics of Soft  Computing
Basics of Soft Computing
 
Conventional Encryption NS2
Conventional Encryption NS2Conventional Encryption NS2
Conventional Encryption NS2
 
Soft computing
Soft computingSoft computing
Soft computing
 
NetworkSecurity.ppt
NetworkSecurity.pptNetworkSecurity.ppt
NetworkSecurity.ppt
 
Network Security
Network SecurityNetwork Security
Network Security
 

Semelhante a Information Security Lesson 5 - Network Infrastructure - Eric Vanderburg

wirelesssecurity materialwirelesssecurity materialwirelesssecurity material
wirelesssecurity materialwirelesssecurity materialwirelesssecurity materialwirelesssecurity materialwirelesssecurity materialwirelesssecurity material
wirelesssecurity materialwirelesssecurity materialwirelesssecurity material
Nune SrinivasRao
 

Semelhante a Information Security Lesson 5 - Network Infrastructure - Eric Vanderburg (20)

Airheads barcelona 2010 securing wireless la ns
Airheads barcelona 2010   securing wireless la nsAirheads barcelona 2010   securing wireless la ns
Airheads barcelona 2010 securing wireless la ns
 
Accessing remote networks
Accessing remote networksAccessing remote networks
Accessing remote networks
 
CISSP Prep: Ch 5. Communication and Network Security (Part 2)
CISSP Prep: Ch 5. Communication and Network Security (Part 2)CISSP Prep: Ch 5. Communication and Network Security (Part 2)
CISSP Prep: Ch 5. Communication and Network Security (Part 2)
 
CNIT 125 Ch 5 Communication & Network Security (part 2 of 2)
CNIT 125 Ch 5 Communication & Network Security (part 2 of 2)CNIT 125 Ch 5 Communication & Network Security (part 2 of 2)
CNIT 125 Ch 5 Communication & Network Security (part 2 of 2)
 
Designing Local Area Network
Designing Local Area NetworkDesigning Local Area Network
Designing Local Area Network
 
wirelesssecurity materialwirelesssecurity materialwirelesssecurity material
wirelesssecurity materialwirelesssecurity materialwirelesssecurity materialwirelesssecurity materialwirelesssecurity materialwirelesssecurity material
wirelesssecurity materialwirelesssecurity materialwirelesssecurity material
 
Networking
NetworkingNetworking
Networking
 
Basic networking
Basic networkingBasic networking
Basic networking
 
Understanding IT Network Security for Wireless and Wired Measurement Applicat...
Understanding IT Network Security for Wireless and Wired Measurement Applicat...Understanding IT Network Security for Wireless and Wired Measurement Applicat...
Understanding IT Network Security for Wireless and Wired Measurement Applicat...
 
Hardware firewall
Hardware firewallHardware firewall
Hardware firewall
 
Ethernet basics
Ethernet basicsEthernet basics
Ethernet basics
 
MeshDynamics Mesh Networks- High Level Overview
MeshDynamics Mesh Networks- High Level OverviewMeshDynamics Mesh Networks- High Level Overview
MeshDynamics Mesh Networks- High Level Overview
 
Enterprise campus networks
Enterprise campus networksEnterprise campus networks
Enterprise campus networks
 
internet network for o level
 internet network for o level  internet network for o level
internet network for o level
 
Network Concepts
Network ConceptsNetwork Concepts
Network Concepts
 
Zero Trust for Private 5G and Edge
Zero Trust for Private 5G and EdgeZero Trust for Private 5G and Edge
Zero Trust for Private 5G and Edge
 
Information Security Lesson 13 - Advanced Security - Eric Vanderburg
Information Security Lesson 13 - Advanced Security - Eric VanderburgInformation Security Lesson 13 - Advanced Security - Eric Vanderburg
Information Security Lesson 13 - Advanced Security - Eric Vanderburg
 
Computer Networks .pdf
Computer Networks .pdfComputer Networks .pdf
Computer Networks .pdf
 
Information Security Lesson 4 - Baselines - Eric Vanderburg
Information Security Lesson 4 - Baselines - Eric VanderburgInformation Security Lesson 4 - Baselines - Eric Vanderburg
Information Security Lesson 4 - Baselines - Eric Vanderburg
 
A better connected world - Beijer Sales Kit 2017
A better connected world - Beijer Sales Kit 2017A better connected world - Beijer Sales Kit 2017
A better connected world - Beijer Sales Kit 2017
 

Mais de Eric Vanderburg

Correct the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgCorrect the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric Vanderburg
Eric Vanderburg
 

Mais de Eric Vanderburg (20)

GDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumGDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT Symposium
 
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveModern Security the way Equifax Should Have
Modern Security the way Equifax Should Have
 
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgCybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
 
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
 
Mobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityMobile Forensics and Cybersecurity
Mobile Forensics and Cybersecurity
 
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
 
Ransomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatRansomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware Threat
 
Emerging Technologies: Japan’s Position
Emerging Technologies: Japan’s PositionEmerging Technologies: Japan’s Position
Emerging Technologies: Japan’s Position
 
Principles of technology management
Principles of technology managementPrinciples of technology management
Principles of technology management
 
Japanese railway technology
Japanese railway technologyJapanese railway technology
Japanese railway technology
 
Evaluating japanese technological competitiveness
Evaluating japanese technological competitivenessEvaluating japanese technological competitiveness
Evaluating japanese technological competitiveness
 
Japanese current and future technology management challenges
Japanese current and future technology management challengesJapanese current and future technology management challenges
Japanese current and future technology management challenges
 
Technology management in Japan: Robotics
Technology management in Japan: RoboticsTechnology management in Japan: Robotics
Technology management in Japan: Robotics
 
Incident response table top exercises
Incident response table top exercisesIncident response table top exercises
Incident response table top exercises
 
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware ProblemThe Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
 
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesCloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance Challenges
 
Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsHacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and Threats
 
Correct the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgCorrect the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric Vanderburg
 
Deconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgDeconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric Vanderburg
 
Countering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgCountering malware threats - Eric Vanderburg
Countering malware threats - Eric Vanderburg
 

Último

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 

Último (20)

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 

Information Security Lesson 5 - Network Infrastructure - Eric Vanderburg

  • 1. Information Security Chapter 5 Securing the Network Infrastructure Information Security Š 2006 Eric Vanderburg
  • 2. Cabling • Cable Plant – Network infrastructure • Cable Characteristics – – – – – – – – – Bandwidth Rating Max Segment Length Segments per network Devices per segment Interference Susceptibility (EMI & RFI) Connection Hardware Cable Grade (PVC or Plenum Grade Teflon) Bend radius Cost (Material, Installation, & Maintenance) Information Security Š 2006 Eric Vanderburg
  • 3. Coaxial Cable (Coax) • Thicknet (10base5) – – – – ½ inch thick RG-11 or RG-8 Vampire tap AUI (Attachment Unit Interface) - 15 pin DB-15 • Thinnet (10base2) – BNC (British Naval Connector) – 50 ohms impedance – RG-58 • Coax for Broadband (RG-59, 75 Ohm) Information Security Š 2006 Eric Vanderburg
  • 4. Twisted Pair • Twists reduce crosstalk • UTP (Unshielded Twisted Pair) 10baseT • STP (Shielded Twisted Pair) – Foil wrapped around wires • Phone line (RJ-11) • TP Network cable (RJ-45) • 100 Meter max length Information Security Š 2006 Eric Vanderburg
  • 5. Twisted Pair Categories • • • • • • • • Cat1 – voice only, before 1982 Cat2 – 4 wires, 4Mbps Cat3 – 4 wires, 10Mbps, 3 twists/foot Cat4 – 8 wires, 16Mbps Cat5 – 8 wires, 100Mbps Cat5e – 8 wires, 1Gbps, full-duplex, 100MHz* Cat6 – 8 wires, 1Gbps, 250MHz*, larger, more sensitive Cat7 – 8 wires, shielded, 1Gbps, 600MHz*, individually shielded pairs • *Easier to detect defects with higher frequencies Information Security Š 2006 Eric Vanderburg
  • 6. Fiber Optic
      • Signal sent by light
      • No eavesdropping
      • No interference
      • Two cables needed for full duplex
      • Surrounded by Kevlar
      • Max length: 2-100 km
      • 1Gbps & 10Gbps implementations
      • Difficult to install
      • Expensive (Cable, Install, Maintenance)
  • 7. Fiber Optic Connectors
      • ST (Straight Tip)
      • SC (Straight Connection)
      • LC (Link Control)
      • MIC (Medium Interface Connector)
      • MT-RJ – two cables in one, RJ-45 clone
      • SMA (Subminiature Type A)
  • 8. Fiber Optic cable types
      • Single mode
          – Laser based
          – Spans longer distance
          – One piece of glass
          – Core: 2-9 microns
      • Multi-mode
          – LED based
          – Shorter distance
          – Multiple pieces of glass
          – Core: 25-200 microns
  • 9. Quick Comparison
      Type     | Length           | Bandwidth      | Installation | Interference | Cost
      UTP      | 100 meters       | 10Mbps-1Gbps   | Easy         | High         | Cheapest
      STP      | 100 meters       | 16Mbps-1Gbps   | Moderate     | Moderate     | Moderate
      Thinnet  | 185 meters       | 10Mbps         | Easy         | Moderate     | Cheap
      Thicknet | 500 meters       | 10Mbps         | Hard         | Low          | Expensive
      Fiber    | 2-100 kilometers | 100Mbps-10Gbps | Moderate     | None         | Most Expensive
  • 10. Sniffers
      • Capture all data packets that travel on a network
      • Designed for use in network diagnostics
      • Hard to trace because they are passive
      • Can be used to find passwords or other sensitive information
      • Mitigate with switched networks
      • Protect the physical environment
      • Watch out for compromised hosts
  • 11. Removable Media
      • Optical Media
          – CD
          – DVD
      • Magnetic Media
          – Floppy disk
          – Hard drive
          – Micro drive
          – Tape
      • Flash Media
          – USB Stick, CF (non microdrive), SD, MMC, SmartMedia, Game cartridge, PCMCIA, ROM Chips
  • 12. Securing Removable Media
      • Encrypt USB Sticks
      • Disable or lock USB ports on the computer
      • Physical check that devices are not brought in
  • 13. Terms
      • Workstation
      • Server
      • Terminal
  • 14. Server Types
      • Domain Controller
      • Application Server
      • File Server
      • Print Server
      • Communication Server
      • Web Server
      • Mail Server
      • Name Server
  • 15. Server Vendors
      • Sun Microsystems
          – Solaris
          – Looking Glass
      • Microsoft
          – Windows NT
          – Windows 2000
          – Windows 2003
      • Linux (Various Distributions)
      • Novell Netware
      • OS/2
      • Apple
          – Mac OSX Server
      • FreeBSD
      • NeXT
      [Diagram: Operating Systems – Microsoft, Linux, UNIX, BSD, NeXT, MacOSX, NetWare v1-5, Mac OS 1-9, NetWare 6, OS/2]
  • 16. Equipment
      • Repeater
      • Hubs
          – Active (powered – regenerates signal)
          – Passive (unpowered)
      • Bridge
          – Translation bridge – translates differing frame types for different architectures (ATM, Ethernet)
      • Router
          – Reduces the broadcast domain
          – Looks at packets
          – Can filter by packets
  • 17. Equipment
      • Switches
          – Cut-through switching – reads only the first part of the frame to forward it.
          – Store & forward switching
              • Reads entire frame before forwarding. Also does error checking using the CRC field, discards if errors.
              • Saves bandwidth because bad frames are not forwarded. Requires faster switches
          – Fragment free switching – reads enough to know it is not a malformed or damaged frame
          – Reduces the collision domain
          – Looks at frames
          – VLANs (Virtual LAN)
          – Core switch – central to the network. Other switches connect into it
          – Workgroup switch – connects to network nodes
  • 18. Network Management
      • SNMP (Simple Network Management Protocol)
          – Agents
          – MIB (Management Information Base)
          – Ports 161 & 162 UDP
          – SNMP enabled devices are called managed devices
  • 19. Securing Network Devices
      • Create a custom logon prompt to remove any info about the device
      • Disable HTTP or SNMP access if they are not used
          – If used, try SSL instead of HTTP
          – Use SNMP version 3
      • Limit access to certain machines or subnets
      • Log activity
      • Encrypt management communications
  • 20. Communication Devices
      • Modem (Modulator / Demodulator)
      • DSL (Digital Subscriber Line) – uses phone lines on a much higher frequency. Dedicated line.
      • Cable Modem – faster max speed but a shared medium
      • Central Office (CO) or Head end – local connection point where a neighborhood of connections terminate and are connected into the ISP's network.
      • Always-on connections can be tempting for attackers. Firewalls are a must.
  • 21. Remote Access
      • RAS (Remote Access Server)
          – A computer that allows others to connect into it.
          – Modem
          – VPN
      • Protect using
          – Authentication
          – Privileges
          – Account lockout policies
          – Firewalls & ACL
  • 22. File Browsing
      • UNC (Universal Naming Convention)
          – Windows shares are named \\computername\sharename
  • 23. Telcos
      • PBX (Private Branch Exchange) – private switching station for voice and data services
      • PBX attacks
          – Data modification
          – Denial of service
          – Information disclosure
          – Traffic analysis – where calls go to and from, frequency, time
          – Theft of service
  • 24. Network Security Devices
      • Firewalls – filter packets based on criteria such as an ACL or a rule base
      • Routers can serve this purpose but they are not as efficient as a dedicated device
      • Personal firewall (host based)
      • Enterprise software firewall – designed to run on a powerful machine that analyzes all network traffic running through it.
      • Hardware firewall – engineered to be able to process packets quickly and efficiently.
  • 25. Firewalls
      • Packet filtering
          – Stateless – allows or denies packets based on rules
          – Stateful – keeps a state table of outgoing connections and allows corresponding incoming connections.
      • Advanced firewalls
          – Antivirus scanning
          – Content filtering – looks at web sites and such. Could use a database from another vendor which is updated regularly. Enable and disable types of content
          – Application layer firewall – looks at many packets together to determine whether to let them in.
  • 26. Firewalls
      • DMZ (Demilitarized Zone) – area that is closer to the untrusted network than the rest of the LAN. Used for services made available to the Internet.
      • These servers may reside there:
          – Web server
          – Email server
          – RAS server
          – FTP server
          – Proxy server
  • 27. IDS (Intrusion Detection System)
      • Monitors the packets on the network for signatures.
          – Network based – looks at the overall flow. Positioned where a lot of traffic flows
          – Host based – resides on one machine and monitors the data coming to that machine. It may communicate with a central device. (Agent based)
          – Active IDS – can take action when an attack happens.
          – Passive IDS – alerts the administrator when there is an attack.
          – Anomaly based IDS or IPS (Intrusion Prevention System) – looks at behavior rather than signatures. May result in more positives.
  • 28. Other concepts
      • Intranet
      • Extranet
      • NAT (Network Address Translation)
      • Honeypot
  • 29. Acronyms
      • CD-ROM, Compact Disk Read Only Memory
      • CD-R, Compact Disk Recordable
      • CD-RW, Compact Disk Rewritable
      • DMZ, Demilitarized Zone
      • DSL, Digital Subscriber Line
      • DVD, Digital Versatile Disk
      • DVD-R, Digital Versatile Disk Recordable
      • DVD-RAM, Digital Versatile Disk Random Access Memory
      • DVD-RW, Digital Versatile Disk Rewritable
      • IDS, Intrusion Detection System
  • 30. Acronyms
      • MIB, Management Information Base
      • NAT, Network Address Translation
      • PAT, Port Address Translation
      • PBX, Private Branch Exchange
      • RAS, Remote Access Server
      • STP, Shielded Twisted Pair
      • SNMP, Simple Network Management Protocol
      • UNC, Universal Naming Convention
      • UTP, Unshielded Twisted Pair
      • VLAN, Virtual Local Area Network
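
Slide 17's three switching modes, run against a good frame, a frame with a late bit error and a runt. This is an added example, not part of the original slides; the MAC addresses and payload are constructed, and the 64-byte fragment-free window is the standard Ethernet minimum frame size rather than a figure from the deck.

```python
import struct
import zlib

MIN_FRAME = 64  # smallest valid Ethernet frame, FCS included


def build_frame(dst, src, ethertype, payload):
    """Build a constructed Ethernet frame and append its CRC-32 FCS."""
    payload = payload.ljust(46, b"\x00")            # pad to minimum payload
    body = dst + src + struct.pack("!H", ethertype) + payload
    return body + struct.pack("<I", zlib.crc32(body))


def fcs_ok(frame):
    """Recompute the CRC over everything except the trailing 4-byte FCS."""
    body, fcs = frame[:-4], frame[-4:]
    return struct.pack("<I", zlib.crc32(body)) == fcs


def cut_through(frame):
    # Forwarding starts once the 6-byte destination MAC has been read.
    return len(frame) >= 6


def fragment_free(frame):
    # Reads the first 64 bytes: rejects runts (collision fragments) only.
    return len(frame) >= MIN_FRAME


def store_and_forward(frame):
    # Buffers the whole frame and checks the CRC field before forwarding.
    return len(frame) >= MIN_FRAME and fcs_ok(frame)


def decisions(frame):
    """Return (cut_through, fragment_free, store_and_forward) verdicts."""
    return (cut_through(frame), fragment_free(frame), store_and_forward(frame))


DST = bytes.fromhex("02aabbccdd01")   # constructed, locally administered MACs
SRC = bytes.fromhex("02aabbccdd02")
GOOD = build_frame(DST, SRC, 0x0800, b"constructed payload " * 4)
CORRUPT = GOOD[:70] + bytes([GOOD[70] ^ 0x01]) + GOOD[71:]   # one bit flipped
RUNT = GOOD[:40]                                             # truncated frame

if __name__ == "__main__":
    for name, frame in (("good", GOOD), ("corrupt", CORRUPT), ("runt", RUNT)):
        print(name, decisions(frame))
```

Only store & forward drops the corrupted frame, because the damaged byte lies beyond the 64 bytes that fragment-free inspects.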
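
Slide 25's stateless and stateful packet filtering side by side, as an added example that is not part of the original slides. The addresses, ports and the stateless rule ("admit inbound packets from source port 80 or 443") are constructed assumptions.

```python
from collections import namedtuple

# Constructed packet record: direction is "out" (LAN to Internet) or "in".
Packet = namedtuple("Packet", "src sport dst dport direction")

LAN_HOST = "192.168.1.10"     # constructed internal address
WEB = "203.0.113.5"           # constructed external web server
STRANGER = "198.51.100.77"    # constructed unsolicited sender


def stateless_allow(pkt):
    """Stateless rule base: every packet is judged on its own.

    To let web replies back in, the rule has to admit any inbound
    packet whose source port is 80 or 443, whoever sent it."""
    if pkt.direction == "out":
        return True
    return pkt.sport in (80, 443)


class StatefulFilter:
    """Keeps a state table of outgoing connections and admits only
    inbound packets that mirror an entry in that table."""

    def __init__(self):
        self.state = set()

    def allow(self, pkt):
        if pkt.direction == "out":
            self.state.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        # Inbound: reverse the tuple and look for the matching outbound flow.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.state


def run(packets):
    """Return one (stateless, stateful) verdict pair per packet."""
    fw = StatefulFilter()
    return [(stateless_allow(p), fw.allow(p)) for p in packets]


TRAFFIC = [
    Packet(LAN_HOST, 50000, WEB, 443, "out"),      # client opens a connection
    Packet(WEB, 443, LAN_HOST, 50000, "in"),       # reply to that connection
    Packet(STRANGER, 443, LAN_HOST, 3389, "in"),   # unsolicited inbound packet
]
```

`run(TRAFFIC)` shows both filters passing the first two packets, while only the stateful filter rejects the third because no outgoing connection corresponds to it.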
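
Slide 27 contrasts signature matching with anomaly (behavior) based detection; the added example below, not part of the original slides, runs both over the same events. The signatures, hosts, request rates and the mean-plus-three-deviations threshold are all constructed assumptions.

```python
from statistics import mean, pstdev

SIGNATURES = [b"/etc/passwd", b"cmd.exe"]    # constructed signature strings

# Constructed history: requests per minute seen from each host on normal days.
BASELINE = {
    "10.0.0.5": [10, 12, 11, 9, 13],
    "10.0.0.9": [3, 4, 2, 3, 3],
}

# Constructed events: (source host, requests this minute, sample payload)
EVENTS = [
    ("10.0.0.5", 11, b"GET /index.html"),           # normal traffic
    ("10.0.0.5", 12, b"GET /../../etc/passwd"),     # matches a signature
    ("10.0.0.9", 90, b"GET /search?q=aaaa"),        # no signature, odd rate
    ("10.0.0.5", 60, b"GET /backup/nightly.tar"),   # benign backup burst
]


def signature_alert(payload):
    """Signature based: alert only when a known byte pattern is present."""
    return any(sig in payload for sig in SIGNATURES)


def anomaly_alert(host, rate, k=3):
    """Anomaly based: alert when the rate leaves the host's usual range."""
    history = BASELINE[host]
    spread = max(pstdev(history), 1.0)   # floor avoids a near-zero threshold
    return rate > mean(history) + k * spread


def classify(events):
    """Return one (signature, anomaly) verdict pair per event."""
    return [(signature_alert(p), anomaly_alert(h, r)) for h, r, p in events]


if __name__ == "__main__":
    for event, verdict in zip(EVENTS, classify(EVENTS)):
        print(event, "signature=%s anomaly=%s" % verdict)
```

The third event is caught only by the anomaly check, and the fourth shows the cost: a harmless backup burst raises an alert as well.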