CTC228 Nov 16 2015. Today... Catching up with group projects URLs and DNS Nmap Review for Test.
CTC228
Nov 16 2015
Today...
Catching up with group projects
URLs and DNS
Nmap
Review for Test
Chap 8 Group project
Research ESXi and explain how it is different from VMware Workstation.
Nov 2 Group project
Answer the following questions:
1. Explain the difference between SSH and Telnet. What are they used for? Which one is preferable? Why?
2. Imagine you are the administrator of a network for a major movie studio. Your network is designed to be used only for FTP. Lately, the file transfers have been running slowly. You examine the logs and see lots of connections to outside IP addresses on port 80 and 443. What is happening? Why is the network running slowly?
3. What type of hypervisor is VMware Workstation? What type of hypervisor is VirtualBox? Why?
BONUS QUESTION: SSH uses TCP port 22. Would it be a good idea if SSH used UDP instead? Why or why not?
Group project Nov 4
1. You are in charge of building a network for your company. There are 500 employees that need to share many large files internally but very rarely need to connect to the Internet. What can you do to avoid having to pay for 500 separate Internet connections? How/Why does your solution work?
2. Your company network is slowing down because all the employees are using Facebook and YouTube at work. What device can you install on the network to block this? Describe how you will configure this device.
BONUS QUESTION: If you are on a Linux system and have only READ access to a file that contains executable code you want to run, is there any way you can run the code in the file? If yes, how? If no, why not?
Nov 9 Group projects
1. There is a school policy that says all students must do their own homework and cannot share work. Alice completes her homework and stores it on a class computer in her private directory. Bob uses the class computer and notices he is able to read Alice's files. Bob copies Alice's homework into his own directory. Since Bob was able to copy the file, was there a breach of the policy? Why or why not?
Bonus question: Would ARP spoofing work across the Internet? Could a remote attacker create a MITM situation between your home computer and your home router? Why or why not?
Important Distinction
What is the difference between the Internet and the world wide web (a.k.a. “the web”)?
The world wide web (delivered over HTTP) is just one possible service that can be run over the Internet
Chap 8: HTTP Client
Structure of a URL (a.k.a. “web address”)
Protocol://host/path
Example http://www.cheese.com/feta/
http://www.insecure.org/index.html
By default, a file called “index.html” is usually loaded
But the Internet uses IP addresses, so how is a URL converted to an IP address?
Answer: the Domain Name System
Nmap, my favorite network tool
Stands for “Network Mapper”
Scans TCP/UDP ports on computers
Can determine OS, versions, vulnerabilities, etc.
By default nmap scans 1000 most common TCP ports
...but you can still get in trouble.
How nmap scans
Basic nmap
Nmap with options
Nmap's GUI is called Zenmap
What can we tell about this guy?
Nmap can do UDP too
UDP not listening on a port
UDP open|filtered on a port
Today...
Catching up with group projects
URLs and DNS
Nmap
Break, then
Review for Test
Virtual machine hypervisors
TCP and UDP port assignments
0 – 1023: Well-known ports
Reserved for specific uses
1024 – 49151 : Registered ports
Registered for specific purposes
49152 – 65535: Ephemeral ports
Dynamically allocated
Common TCP and UDP Ports
22 (TCP) – SSH
23 (TCP) – Telnet
53 (UDP) – DNS
80 (TCP) – HTTP
443 (TCP) – HTTPS
Firewalls
Limit inbound/outbound traffic based on rules
Rules usually based on IP addresses and ports
Can be host-based or network-based
Originally just “packet filters”
Later came “stateful” firewalls
Modern ones can be “application” level ...
Chapter 10: Security Policies *
A policy is a human-language document that describes who can access what. In order to write it, you need to know:
WHAT you are trying to protect
WHO you are trying to protect it from
Notice we don't mention specifically HOW STUFF WILL BE PROTECTED in the policy
A mechanism is something that enforces a policy
Symmetric Key
Asymmetric Key (a.k.a. public key cryptography)
MITM: A better diagram