Section 11: securing TCP/IP
by Emtenan saad
1. 66. Cryptographic hashes
1.1. - Hash is algorithm that doesn’t encrypt
1.2. - Hash algorithm creates a fixed size hash value
1.3. - Hash used to verify data integrity
1.4. - Hash can use MD5 and SHA1
2. 67.Access control
2.1. - Access control including: authentication and authorization
2.2. - For network plus make sure you have this 3 :
2.2.1. 1-mandatory access control ( uses labels) ,
2.2.2. 2- discretionary access control
2.2.3. 3- role based access control ( uses group)
3. 68.AAA
3.1. - RADIUS provides AAA : authentication, authorization, accounting
3.2. - TACACS + uses TCP port 49
3.3. - RADIUS client ia an intermediate agent between a RADIUS supplicant and RADIUS server
4. 70. Cryptographic tunnels with SSH
4.1. - Tunnels are used to encrypt unencrypted protocols
5. 64. Symmetric encryption
5.1. - algorithms is the process that stirs up the values
5.2. - The algorithm we can call it the Key and the key always has to be 8 characters and it has to be a number between 0-9
5.3. - The algorithm works in this way : we run clear text through the algorithm and then we get cyphertext
6. 65. Asymmetric encryption
6.1. - in asymmetric encryption you have two keys :
6.1.1. - 1- public key : can do only encrypt
6.1.2. - 2- private key : can do only decrypt
6.2. - For two people to communicate they must exchange public keys
7. 69.kerberos / EAP
7.1. - kerberos is designed to do authentication for local areas network
7.2. - Key distribution center consists of 2 really important services :
7.2.1. - 1- authentication server
7.2.2. - 2- ticket granting service