Professor Messer Security+ Videos

A good video supplement to Mike Meyers' videos for Security+ is the Professor Messer set of videos:

Professor Messer Security+ Videos and Notes

These videos are 100% free.  And they are transcribed for those who prefer audio or visual learning.  Professor Messer also has detailed notes for a reasonable fee.

APT and RAT

An APT is an Advanced Persistent Threat.

An APT is underway when an attacker targets a particular system over a long period of time.  The goal is to gain information – not to damage or destroy the system.  The attack is perpetrated against well-chosen targets, and the attackers have specific objectives.  For example, an enemy government may want to target a nuclear weapons facility.  Or an attacker might want to target a credit reporting company to get access to credit card numbers.

APTs usually target corporations, banks, government entities, and national defense systems for espionage purposes.  The attackers seldom want the target to discover their presence.

The steps to an APT attack are to gain access to a system, create backdoors and tunnels so that attackers can move around unnoticed, crack passwords and use other methods to gain enhanced privileges (like administrator rights), and then transfer targeted data to their own systems.

They often repeat this process until they are detected.

A Remote Access Trojan (RAT) is a program that includes a backdoor that gives the attacker administrative privileges on a target system.  These programs may be bundled with freeware from dubious sources.  Or they may be sent as an attachment to an email that the attacker entices the recipient to open.  One famous RAT is called Back Orifice.

 

Honeypots

The unfortunate reality is that, despite the best attempts at network security, attack attempts will occur.  Sometimes they will be successful. One way to detect an attack in progress is to set up a honeypot.

A honeypot is a system that is set up to attract an attack attempt and direct the attacker to a safe system where his actions can be tracked and assessed without compromising the system that we are really trying to protect. The honeypot could be:

  • A dedicated server
  • A simulated system or state machine
  • A service on a selected host.  An example would be Tiny Honeypot, which listens to ports not in legitimate use.
  • A virtual server
  • A single file with special attributes.  This is sometimes called a honeytoken.

A honeypot is never meant for authorized users to use.  So, any access to it is either accidental or hostile.
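Because nothing legitimate ever connects, a port-listening honeypot needs no signature logic: it only has to record who connected and what they sent. The Python listener below is an added example, not code from Tiny Honeypot or from this post; the class name PortHoneypot, the loopback address, the OS-chosen port and the probe bytes are assumptions made for the illustration (a deployment would bind a fixed port that is not in legitimate use).

```python
import socket
import threading
import time
from datetime import datetime, timezone

class PortHoneypot:
    """Listener on a port with no legitimate use: every connection is an alert."""

    def __init__(self, host="127.0.0.1", port=0):
        self.events = []
        self._stop = threading.Event()
        self._sock = socket.create_server((host, port))  # port=0: OS picks a free port
        self._sock.settimeout(0.2)  # wake regularly so stop() is noticed
        self.port = self._sock.getsockname()[1]
        self._thread = threading.Thread(target=self._serve, daemon=True)

    def start(self):
        self._thread.start()
        return self

    def stop(self):
        self._stop.set()
        self._thread.join()
        self._sock.close()

    def _serve(self):
        while not self._stop.is_set():
            try:
                conn, (src_ip, src_port) = self._sock.accept()
            except socket.timeout:
                continue
            with conn:
                conn.settimeout(1.0)
                try:
                    first_bytes = conn.recv(256)  # record only, never reply
                except OSError:  # timeout or reset: still log the connection
                    first_bytes = b""
            self.events.append({"time": datetime.now(timezone.utc).isoformat(),
                                "src": (src_ip, src_port), "first_bytes": first_bytes})

def demo():  # sends one constructed probe and returns what the honeypot logged
    hp = PortHoneypot().start()
    with socket.create_connection(("127.0.0.1", hp.port)) as probe:
        probe.sendall(b"USER admin\r\n")  # constructed sample input
    deadline = time.monotonic() + 3
    while not hp.events and time.monotonic() < deadline:
        time.sleep(0.05)
    hp.stop()
    return hp.events
```

Each entry in `events` is already an alert; forwarding it to syslog or a SIEM is the only step left, since there is no benign traffic to filter out.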

Network Protocols Port Numbers for Security+

Here are some of the common network protocols covered by the Security+ exam, along with their port numbers:

File Transfer Protocols

Name | Definition | TCP UDP | Port Number
FTP | File Transport Protocol | X | 20, 21
SSH | Secure Shell | X | 22
SFTP | Secure File Transport Protocol (uses SSH) | X | 22
SCP | Secure Copy (uses SSH) | X | 22
TFTP | Trivial File Transport Protocol | X | 69
FTPS | File Transport Protocol Secure (uses SSL) | X | 443

Email Protocols

Name | Definition | TCP UDP | Port Number
SMTP | File Transport Protocol | X | 20, 21
POP3 | Secure Shell | X | 22
IMAP4 | Secure File Transport Protocol (uses SSH) | X | 22

Remote Access

Name | Definition | TCP UDP | Port Number
Telnet | Telnet | X | 23
TACACS | Terminal Access Controller Access-Control System | X | 49
TACACS+ | Terminal Access Controller Access-Control System+ | X | 49
SSL VPN | SSL VPN – Secure Sockets Layer virtual private network | X | 443
ISAKMP (VPN) | Internet Security Association and Key Management Protocol (virtual private network) | X | 500
L2TP | Layer 2 Tunneling Protocol | X | 1701
PPTP | Point-to-Point Tunneling Protocol | X X | 1723
RDP | Remote Desktop Protocol | X X | 3389

Other Protocols

Name | Definition | TCP UDP | Port Number
DNS | Domain Name System | X X | 53
DHCP | Dynamic Host Configuration Protocol | X | 67, 68
HTTP | Hypertext Transfer Protocol | X | 80
HTTPS | Hypertext Transfer Protocol Secure | X | 443
Kerberos | Kerberos | X X | 88
NNTP | Network News Transfer Protocol | X | 119
SNMP | Simple Network Management Protocol | X | 161
SNMP Trap | Simple Network Management Protocol Trap | X X | 162
LDAP | Lightweight Directory Access Protocol | X X | 389
Syslog | Syslog | X | 514

Discount Coupons for IT Certifications

If you are studying for IT certification exams, this website offers a myriad of discount coupons:

http://www.itexamvouchers.com/

ITExamVouchers offers discount certification exam test vouchers for CompTIA (A+, Network+, Security+), Microsoft (MCSE), Cisco (CCNA), and Microsoft Office Specialist certification tests.

These coupons can help with the cost of the exams in case you cannot get reimbursement from your employer.

Wireless Internet Access

High speed internet access is often available to rural users only through expensive satellite or microwave systems.  However, many people (rural or not) may find a wireless solution using cell phone towers to be a great alternative way to access the internet.

I often travel.  Having a wireless access point is something important to me.  A few weeks ago, I purchased the Huawei B310-518 Wi-Fi router.  This device works much like tethering with a cell phone, with similar speeds.

But, the Huawei B310-518 is also more powerful than a tethered cell phone:

It has an Ethernet cable for connecting to a computer – or even a large network.

The Wi-Fi capability has more range than a tethered cell phone.

There is a standard wired phone jack built into the B310-518.  This allows a cell phone number to be used with a regular wired phone.

The B310-518 is an unlocked GSM device.  So, that means that it works with most cell phone carriers except for Verizon and Sprint.  AT&T works.  T-Mobile works.  And companies that resell these services also work.  In Canada, it will work with Rogers and others.  Simply use your cell phone’s SIM card in the Huawei router, or buy a special SIM card for the device.  It even works internationally.

I ended up purchasing a SIM card and service from Mint Mobile:

https://www.mintmobile.com/

Plans vary.  Mint Mobile charges $15 per month for 2GB of high speed data.  They charge $25 per month for 10GB of high speed data.  After the high speed data allocation is used, unlimited low speed data is provided.

Of course, you can use AT&T, T-Mobile, or other carriers with the Huawei device.

The only thing that took me by surprise with this device was that the instruction manual was in Spanish and the default configuration webpage for the device was in Spanish.  Switching to English was fairly easy.  But, one would think the default for the US market would be English.   Also, the router came with a European plug and a converter to a US style plug.  That works.  I wonder if the US market is an afterthought, though.  Online research seems to indicate that the DC plug is the standard 2.1mm coaxial DC power plug.

Web Filtering – Limited Access Wireless

Imagine a business where employees need secure, full access to the internet.  At the same time, imagine that this business needs to provide customers and vendors with access. But, it must keep its proprietary information out of the hands of these visitors. And it needs to limit their access to websites with questionable content.

A similar need might arise in a home environment with children. Perhaps parents need full internet access while children only need access to websites that the parent approves of.

This post is the first of a series of posts that describe a method of accomplishing this.

The network system diagram shown below implements this system on a small scale, as needed in a small office or home:

Open filtered internet and secured full internet simultaneously

Internet connectivity is provided by an ISP such as AT&T DSL, Time Warner Cable, or through a wireless internet provider such as Clear. Connection to the internet is through a modem.

An Ethernet cable connects the modem to a wireless router. The router shown above is a Linksys WRT54GL Router. The WRT54GL is certainly not the most sophisticated wireless router on the market. But, it is one of the most widely used wireless routers, has been on the market for more than 6 years, and has a track record of solid, reliable performance. This router is configured to provide unfiltered access to the internet. Any computer or other WiFi device connected to it has full internet access. Communications between this WRT54GL and the devices connected to it are encrypted so that interception is very difficult.

The second Linksys WRT54GL, the one on the right, is connected to the first wireless router through an Ethernet cable. It is configured so that it can be accessed without an encryption key or password. This means that data transferred through it is not secure and can be easily intercepted. However, data security is usually not desired for public internet hotspots. (If desired, encryption could be added to limit access.)

This second wireless router filters the internet so that undesired websites are not accessible.

This basic system can be easily expanded by adding more wireless routers. An expanded system can provide:

  • Enterprise level wireless coverage for medium size businesses
  • Hotspot coverage over a larger area, such as an apartment complex, shopping mall, or outdoor area
  • Simultaneous filtered and non-filtered internet access
  • Multiple levels of filtering for different types of users

I am happy to help your organization with a custom or turn-key wireless system design.  However, subsequent posts will explain in detail how to set up these key components of a multi-privilege level WiFi system.