CONFIGURING TCPIP ADDRESSING AND SECURITY

1
CONFIGURING TCP/IP ADDRESSING AND SECURITY

• Chapter 11

2
OVERVIEW

• Understand IP addressing
• Manage IP subnetting and subnet masks
• Understand IP security terminology
• Manage Internet security features of Windows XP
• Configure and troubleshoot Windows Firewall

3
UNDERSTANDING BINARY NUMBERS
4
CONVERTING DECIMAL ADDRESSES TO BINARY
5
CONVERTING BINARY ADDRESSES TO DECIMAL
6
USING CALCULATOR TO CONVERT NUMBERS
7
SUBNET MASKS
8
PROBLEMS WITH CLASSFUL ADDRESSES

• Wasted addresses
• Shortage of address blocks
• Excessive routing table entries

9
SUBNETTING A LARGE NETWORK
10
CLASSLESS INTERDOMAIN ROUTING (CIDR)
11
SUPERNETS
12
SECURING IP COMMUNICATIONS

• Internet threats
• Protective technologies
• Configuring and managing Windows Firewall
• Monitoring Internet communications security

13
INTERNET THREATS

• Viruses (the oldest threat)
• Worms (the most persistent threat)
• Trojan horses
• Spyware
• Zombies
• Direct hacking

14
VIRUSES

• Take advantage of gullible users
• Infect document, graphics, andexecutable files
• Often include mass-mailing components
• Can carry destructive payloads

15
WORMS

• Self-replicating
• Network-aware
• Use bugs in programs or systems to spread
• Can carry viruses or other payloads

16
TROJAN HORSES

• Usually e-mailed or downloaded
• Appear to be a useful program or game
• Carry payload or back door application

17
SPYWARE

• Has attributes of Trojan horses or worms
• Spies on its victim
• Might transmit marketing data or transmit
  personal data to the spyware author

18
ZOMBIES

• Payload of worm or Trojan horse
• Remotely controlled to attack network targets
• Participate in large-scale assaults on public Web
  sites

19
DIRECT HACKING

• Relatively low incidence
• Hardest form of attack to defeat

20
PROTECTIVE TECHNOLOGIES

• Security Center
• Windows Firewall
• Internet Connection Sharing (ICS)
• Third-party utilities

21
SECURITY CENTER
22
FIREWALL TERMINOLOGY

• Packet filtering
• Stateful packet filtering
• Exceptions (packet filter rules)
• Allowed traffic
• Rejected traffic
• Logging

23
ENABLING WINDOWS FIREWALL
24
FIREWALL EXCEPTIONS
25
ADVANCED WINDOWS FIREWALL SETTINGS
26
MONITORING INTERNET SECURITY

• Windows Firewall monitoring
• Service logs
• Event logs

27
WINDOWS FIREWALL ALERTS
28
WINDOWS FIREWALL LOGS
29
SERVER LOGS
30
SUMMARY

• IP addresses are 32-bit binary addresses.
• The network portion of IP addresses determines
  location.
• CIDR allows creation of custom netblocks.
• CIDR permits use of variable-length subnet masks.
• Windows Firewall blocks unauthorized packets.
• Windows Firewall exceptions allow specified
  traffic to pass through the firewall.
• Alerts and logs warn of attempted attacks.