CompTIA Security_ Deluxe Study Guide_ SY0-201 - Emmett Dulaney [86]
SNMP was upgraded as a standard to SNMPv2, which provides security and improved remote monitoring. SNMP is currently undergoing a revision; although a new standard (SNMPv3) is out, although most systems still use SNMPv2.
Internet Control Message Protocol TCP/IP uses Internet Control Message Protocol (ICMP) to report errors and reply to requests from programs such as Ping and Traceroute. ICMP is one of the favorite protocols used for DoS attacks. Many businesses have disabled ICMP through the router to prevent these types of situations from occurring.
Real World Scenario
Using ICMP to Deal with Smurf Attacks
Your organization has been repeatedly hit by smurf attacks. These attacks have caused a great deal of disruption, and they must be stopped. What could you suggest to minimize these attacks?
You should recommend disabling ICMP traffic at the point where your network connects to the Internet. You can do this by disabling the protocol on your router and blocking this traffic in firewall systems. Doing so won’t completely eliminate the problem, but it will greatly reduce the likelihood of a successful attack occurring using ICMP. This step will also prevent people from gaining information about your network because any programs (such as Ping) that request information from your network systems will no longer function.
Internet Group Management Protocol TCP/IP uses Internet Group Management Protocol (IGMP) to manage group or multicasting sessions. It can be used to address multiple recipients of a data packet: The sender initiates broadcast traffic, and any client who has broadcasting enabled receives it. (Broadcasts are messages sent from a single system to the entire network—the systems could be inside your network or throughout the world.) This process, called multicasting, can consume huge amounts of bandwidth in a network and possibly create a DoS situation. Most network administrators disable the reception of broadcast and multicast traffic from outside their local network.
A unicast is IGMP traffic that is oriented at a single system. TCP/IP primarily uses a unicast method of communication: A message is sent from a single system to another single system.
Every one of these major protocols used by TCP/IP presents a potential problem for security administrators. Make sure you use what you need and disable what you don’t.
The Basics of Cabling, Wires, and Communications
Nothing happens in a network until data is moved from one place to another. Naturally, this requires some type of cable, wire, or transmission media. The following sections explore the realm of wiring from a technical and a security perspective. Specifically, you’ll learn about coaxial cable, UTP/STP, fiber optics, infrared, radio frequency, and microwave media.
Coax
Coaxial cable, or coax, is one of the oldest media used in networks. Coax is built around a center conductor or core that is used to carry data from point to point. The center conductor has an insulator wrapped around it, a shield over the insulator, and a nonconductive sheath around the shielding. This construction, depicted in Figure 3.18, allows the conducting core to be relatively free from outside interference. The shielding also prevents the conducting core from emanating signals externally from the cable.
FIGURE 3.18 Coaxial cable construction
Before you read any further, accept the fact that the odds are incredibly slim that you will ever need to know about coax for a new installation in the real world. If you do come across it, it will be in an existing installation, and one of the first things you’ll recommend is that it be