Remote Access - York Technical College
Remote Access
Lecture 2

Security Protocols
- IPSec
- L2TP – Layer 2 Tunneling Protocol
- SSL – Secure Sockets Layer
- Kerberos
- SSH – Secure Shell
- RADIUS – Remote Authentication Dial-In User Service

Encryption
- Process of encoding data using a mathematical algorithm that makes it difficult for unauthorized users to read the data if they intercept it.
- Encryption requires a key (math. algorithm) to read the data.
- Two types of encryption
  - Symmetric – same key is used to encrypt/decrypt
  - Asymmetric – two keys – public key encrypts the message; the private key decrypts.
- Key – binary number made up of a large number of bits
  - 56-bit encryption – 2^56
  - 128-bit encryption – 2^128 – used online

IPSec
- LANs or WANs using TCP/IP only
- Encrypts data
- Provides
  - Verification – data is from intended source
  - Protection – an intermediary did not alter the message
  - Privacy – unreadable by others
- Operates at the network layer
- Security operates at the higher layers

PPTP – Point to Point Tunneling Protocol
- Dial-up
- Provides secure tunnel
- Other connectivity protocols like PPP can be used inside the tunnel
- PPTP control connection – between client IP and server IP – created using TCP
- Uses port 1723

L2F
- Cisco proprietary protocol
- Permits tunneling over insecure networks

L2TP – Layer 2 Tunneling
- Combination of PPTP and L2F
- Two-phase process
- Operates at Layer 2
- Protocol independent
- Will not work with NAT
- Requires digital certificate
- Authenticates computer
- Authenticates user
- Key attached to the message
- Offers greater security than PPTP

SSL
- Used on the Internet – HTTPS (port 443)
- Three services
  - Server authentication – client verifies server identity
  - Client authentication – server verifies client identity
  - Encrypted connection
- Uses public key encryption

Kerberos
- Provides client/server applications with authentication
- Server and clients must prove identities to one another
- Each communicating party is issued a “ticket” which is embedded in messages and used to identify the user
- Open source

SSH – Secure Shell
- Secure replacement for Telnet
- Entire session is encrypted
- Provides interoperability between
  - LINUX
  - UNIX
  - Windows 9x/NT/200x
  - Macintosh
- Freeware: PuTTY

ICA – Independent Computing Architecture
- Allows clients to access and run applications on a server using the server’s resources (dumb terminal).
- Thin client – only a small piece of software is needed on the client system.
- Platform independent
- Example: Citrix

RADIUS – Remote Auth. Dial-In User Service
- Client/server protocol
- Consists of
  - Central server
    - Database
    - Authentication – using PAP or CHAP – identifies users
    - Authorization – gives users access
    - Accounting – tracks user accesses, failed attempts, time, etc.
  - One or more dial-in servers
- Central server has database to determine user

[Diagram: RADIUS central server with two remote access servers, RAS 1 and RAS 2. Client dials in; could hit remote access server 1 or 2.]

Types of Access: Dial-up, VPN
- Modem to modem
- Authentication
- All O/S support
- Provides low-cost (as compared to leased line) secure network connection
- Point to point dedicated link over a public IP network
- Creates a connection between two computers
- Uses PPP

VPN Sessions
- VPN client initiates connection to server
- Server authenticates VPN clients
- Protocols – PPTP or L2TP
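The difference between the PAP and CHAP options listed under RADIUS, as an added example that is not part of the original lecture: PAP sends the password itself, while CHAP (RFC 1994, MD5 variant) sends a hash over a fresh server challenge, so a recorded reply cannot be reused. The class and function names and the sample credential are constructed for illustration.

```python
import hashlib
import hmac
import os

def chap_response(identifier, secret, challenge):
    # RFC 1994, MD5 variant: hash(identifier octet || shared secret || challenge)
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

class ChapAuthenticator:
    """Server side (hypothetical class): issues challenges, checks responses."""

    def __init__(self, secrets):
        self.secrets = secrets  # user -> shared secret (bytes)
        self.pending = {}       # user -> (identifier, challenge) awaiting a reply
        self.next_id = 0

    def challenge(self, user):
        self.next_id = (self.next_id + 1) % 256
        self.pending[user] = (self.next_id, os.urandom(16))
        return self.pending[user]

    def verify(self, user, response):
        outstanding = self.pending.pop(user, None)  # each challenge is single-use
        secret = self.secrets.get(user)
        if outstanding is None or secret is None:
            return False
        expected = chap_response(outstanding[0], secret, outstanding[1])
        return hmac.compare_digest(expected, response)

def pap_verify(secrets, user, password):
    # PAP: the password itself crosses the link, so a recorded copy stays valid
    secret = secrets.get(user)
    return secret is not None and hmac.compare_digest(secret, password)

def demo():
    users = {"alice": b"constructed-secret"}  # constructed sample credential
    server = ChapAuthenticator(users)
    ident, chal = server.challenge("alice")
    captured = chap_response(ident, users["alice"], chal)  # what the wire carries
    first = server.verify("alice", captured)     # legitimate login succeeds
    server.challenge("alice")                    # next session, fresh challenge
    replayed = server.verify("alice", captured)  # old response no longer matches
    pap_replayed = pap_verify(users, "alice", users["alice"])  # same bytes work again
    return first, replayed, pap_replayed

if __name__ == "__main__":
    print(demo())
```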