Ssh

ssh

Used to protect against IP spoofing and source routing

SSL

Used to provide security for general Internet services

SATAN

Used for remote scanning of Unix and firewall systems

Kerberos

Used to reduce system vulnerability to .rhosts attacks

Features of the Client/Server authentication exchange:

The client uses the session key from the credentials obtained for the server for a KRB_AP_REP

message

The client and server share an encryption key that can be used by the application

The client verifies that the timestamp field matches that in the authenticator it sent to the server

other

Begins with a prefix followed by a colon and the rest of the name

domain

Consists of components separated by periods

X.500.

Contains an equals sign with the components separated by slashes

reserved

Has no names assigned to it.

Steps used in the authentication process of Kerberos are sequenced as:

A: The client sending a request to the Authentication Server for a ticket

B: The TIcket Granting Ticket being supplied to the client

C: The client requesting a ticket from the Ticket Granting Server

D: A Ticket for the application server or the TIcket Granting Server being provided

E: The Client transmitting the ticket containing the client's identity

F: The session key shared by the client authenticating the client and the server

Steps involved in the search for network vulnerabilities by SATAN:

Scanning the hosts within a proximity level away from the target

Generating reports from the database with the search information

Initiating a search when informed about the target.

1 Local users gain read access to files on the local system

2 Local users gain execute access to nonroot-owned files

3 Local users gain write access to root-owned files

4 Remote users gain read access to files on the system

5 Remote users gain execute access to nonroot-owned files

8 Remote users across a firewall gain write access to files

Method involved in the phase of obtaining access to a system during a network attack: