Chapter 17: Implementing Secure Protocols
Protocols
Domain Name System Security Extensions (DNSSEC)
DNS (UDP 53) –> DNSSEC (TCP 53)
Origin authentication (signatures)
Integrity (signatures/hashing)
Denial of existence
SSH
Telnet (23) –> SSH (22)
Secure/Multipurpose Internet Mail Extensions (S/MIME)
Encryption
Authentication
Integrity
Nonrepudiation
Secure Real-time Transport Protocol (SRTP)
RTP –> SRTP
Lightweight Directory Access Protocol Over SSL (LDAPS)
LDAP –> LDAPS
File Transfer Protocol, Secure (FTPS)
FTP (20,21) –> FTPS (TLS, 989 and 990)
SSH File Transfer Protocol (SFTP using SSH)
FTP (20,21) –> SFTP (SSH, 22)
Simple Network Management Protocol, version 3 (SNMPv3)
SNMPv1 –> SNMPv3
SNMP Proxy Agents:
https://www.dpstele.com/snmp/8things-you-need-to-know.php
Hypertext transfer protocol over SSL/TLS (HTTPS)
HTTP (80) –> HTTPS (443)
IPSec
Authentication header (AH)
Encapsulating Security Payloads (ESP)
Tunnel mode
Transport mode
Post Office Protocol (POP3, 110)
Secure POP3 (995)
Internet Message Access Protocol (IMAP4, 143)
Secure IMAP (993)
Use Cases
Voice and video (streaming media, VOIP)
RTP vs. SRTP
Time synchronization (NTP, 123)
Email and web
File transfer
Directory services
Remote access
Domain name resolution
Routing and switching
Network address allocation
Subscription services
SaaS