TOPIC: INTERNET SECURITY
What is IPSec?
IP Security (IPSec) is a collection of protocols designed to provide security at the network layer.
Transport mode: The IPSec header and trailer are added to the information coming from the transport layer. The IP header is added later.
Tunnel mode: It takes an IP packet, including the header, applies IPSec security methods to the entire packet, and then adds a new IP header.
What are the protocols associated with IPSec?
Authentication Header (AH): provides source authentication and data integrity. The protocol uses a hash function and a symmetric key to create a message digest.
Encapsulating Security Payload (ESP): provides source authentication, data integrity and privacy.
What are the reserved addresses for private networks?
Prefix        Range                             Total
10/8          10.0.0.0 to 10.255.255.255        2^24
172.16/12     172.16.0.0 to 172.31.255.255      2^20
192.168/16    192.168.0.0 to 192.168.255.255    2^16
What is a Virtual Private Network?
A virtual private network (VPN) is a technology used by large organizations that use the global Internet for both intra- and inter-organization communication, but require privacy in their internal communications.
VPN technology uses IPSec in tunnel mode to provide authentication, integrity, and privacy.
All messages for internal communication travel through the Internet after being encapsulated inside another packet using IPSec tunneling.
The public network (Internet) is responsible for carrying the packet from the source-side router to the destination-side router. Outsiders cannot decipher the contents of the packet or the source and destination addresses. Deciphering takes place at the destination router, which finds the destination address of the packet and delivers it.
Explain Secure Socket Layer (SSL).
Secure Socket Layer (SSL) is designed to provide security and compression to data generated from the application layer.
1. SSL divides the data into blocks of 2^14 bytes or less.
2. Each fragment of data is compressed by using one of the lossless compression methods.
3. To preserve the integrity of data, SSL uses a keyed-hash function to create a MAC.
4. To provide confidentiality, the original data is encrypted using a symmetric key.
5. A header is added to the encrypted payload. The payload is then passed to a reliable transport layer protocol.
Transport Layer Security (TLS) is the IETF standard version of SSL.
What is the use of Pretty Good Privacy (PGP)?
PGP is designed to create authenticated and confidential e-mails.
What is a firewall?
A firewall is a device (usually a router) installed between the internal network of an organization and the rest of the Internet. It is designed to filter some packets.
Packet filter: It can forward or block packets based on the IP addresses, transport layer protocol or port addresses. It uses a filtering table to decide which packets must be discarded (not forwarded).
Proxy firewall: The server opens the packet at the application level and finds out if the request is legitimate.