CONFIGURING TCP/IP ADDRESSING AND SECURITY
Chapter 11
Chapter 11: CONFIGURING TCP/IP ADDRESSING AND SECURITY 2
OVERVIEW
Understand IP addressing
Manage IP subnetting and subnet masks
Understand IP security terminology
Manage Internet security features of Windows XP
Configure and troubleshoot Windows Firewall
UNDERSTANDING BINARY NUMBERS
CONVERTING DECIMAL ADDRESSES TO BINARY
CONVERTING BINARY ADDRESSES TO DECIMAL
USING CALCULATOR TO CONVERT NUMBERS
SUBNET MASKS
PROBLEMS WITH CLASSFUL ADDRESSES
Wasted addresses
Shortage of address blocks
Excessive routing table entries
SUBNETTING A LARGE NETWORK
CLASSLESS INTERDOMAIN ROUTING (CIDR)
SUPERNETS
SECURING IP COMMUNICATIONS
Internet threats
Protective technologies
Configuring and managing Windows Firewall
Monitoring Internet communications security
INTERNET THREATS
Viruses (the oldest threat)
Worms (the most persistent threat)
Trojan horses
Spyware
Zombies
Direct hacking
VIRUSES
Take advantage of gullible users
Infect document, graphics, and executable files
Often include mass-mailing components
Can carry destructive payloads
WORMS
Self-replicating
Network-aware
Use bugs in programs or systems to spread
Can carry viruses or other payloads
TROJAN HORSES
Usually e-mailed or downloaded
Appear to be a useful program or game
Carry payload or back door application
SPYWARE
Has attributes of Trojan horses or worms
Spies on its victim
Might transmit marketing data or transmit personal data to the spyware author
ZOMBIES
Payload of worm or Trojan horse
Remotely controlled to attack network targets
Participate in large-scale assaults on public Web sites
DIRECT HACKING
Relatively low incidence
Hardest form of attack to defeat
PROTECTIVE TECHNOLOGIES
Security Center
Windows Firewall
Internet Connection Sharing (ICS)
Third-party utilities
SECURITY CENTER
FIREWALL TERMINOLOGY
Packet filtering
Stateful packet filtering
Exceptions (packet filter rules)
Allowed traffic
Rejected traffic
Logging
ENABLING WINDOWS FIREWALL
FIREWALL EXCEPTIONS
ADVANCED WINDOWS FIREWALL SETTINGS
MONITORING INTERNET SECURITY
Windows Firewall monitoring
Service logs
Event logs
WINDOWS FIREWALL ALERTS
WINDOWS FIREWALL LOGS
SERVER LOGS
SUMMARY
IP addresses are 32-bit binary addresses.
The network portion of IP addresses determines location.
CIDR allows creation of custom netblocks.
CIDR permits use of variable-length subnet masks.
Windows Firewall blocks unauthorized packets.
Windows Firewall exceptions allow specified traffic to pass through the firewall.
Alerts and logs warn of attempted attacks.