ISAKMP (Internet Security Association and Key Management Protocol) is a protocol for establishing Security Associations (SA) and cryptographic keys in a internet environment. ISAKMP defines the procedures for authenticating a communicating peer, creation and management of Security Associations, key generation techniques, and threat mitigation (e.g. denial of service and replay attacks). ISAKMP typically utilizes IKE …
Wireless traffic is considered to be those Internet protocol packets that are transmitted through an 802.11a, b, g, n, or i wireless protocol. Monitoring Requirements There are a few things to consider when planning to setup wireless traffic monitoring. First, the user must determine what kind of traffic will be monitored. Is the traffic to …
A TCP sequence prediction attack is an attempt to hijack an existing TCP session by injecting packets which pretend to come from one computer involved in the TCP session. The TCP Sequence Prediction Attack TCP is a reliable connection-oriented layer 4 (Transport Layer) protocol. Packet transfer between hosts is accomplished by the layers below layer …
Honey monkeys are a new way of detecting malicious codes from websites that try to exploit certain vulnerabilities of Internet browsers. The honey monkey system works as an automated web/internet patrol system that is designed to detect harmful materials in the Internet, to be able to come up with solutions, and to catch the people …
Packet sniffing is listening (with software) to the raw network device for interesting packets. When the software sees a packet that fits certain criteria, it logs it to a file. The most common criterion for an interesting packet is one that contains words like “login” or “password.” To packet sniff, obtain or code a packet …
The majority of non-computer professionals think of a DMZ as the strip of land that serves as the buffer between North and South Korea along the 39th parallel north created as part of the Korean Armistice Agreement in 1953. In the computer security field; however, the DMZ (Demilitarized Zone) is either a logical or physical …
A Denial of Service (DoS) attack is one that attempts to prevent the victim from being able to use all or part of his/her network connection. A denial of service attack may target a user to prevent him/her from making outgoing connections on the network. It may also target an entire organization to either prevent …
A firewall is a software component that restricts unauthorized inward network access. It allows outward information flow. It is set up to control traffic flow between two networks by configured permissions like Allow, Deny, Block, Encrypt, etc. It is normally employed to avoid illegal access to personal computers or corporate networks from external unsafe entities …
IPSec (IP Security) is a suite of protocols which was designed by Internet Engineering Task Force (IETF) to protect data by signing and encrypting data before it is transmitted over public networks. The IETF Request for Comments (RFCs) 2401-2409 defines the IPSec protocols with regard to security protocols, security associations and key management, and authentication …
Port forwarding, also known as tunneling, is basically forwarding a network port from one node to the other. This forwarding technique allows an outside user to access a certain port (in a LAN) through a NAT (network address translation) enabled router. Advantages of Port Forwarding Port forwarding basically allows an outside computer to connect to …