Implementing NI – 4/21/2008
Securing our server communication was the topic at hand today. The first chapter we covered today, chapter 5, dealt with security in a general sense, discussing topics such as:
- the differences between permissions and rights
- using Security Configuration and Analysis
- EFS (Encrypting File System)
Next, after a good hearty meal of Taco Bell, we moved on to Chapter 6, which dealt with IPSec. IPSec is simply a way to encrypt TCP/IP communication. This technology is typically used to lock down Virtual Private Networks (VPNs) and protect them from the prying eyes of the Internet. One of the coolest exercises we did today (and actually one of my favorites we do in the whole program) was to use Network Monitor to intercept data transmission and analyze it. Using Network Monitor, we were able to see first-hand why FTP communication is so dangerous — user names and passwords are both sent completely unencrypted. To try and battle against this obvious danger, we implemented an IPSec policy which encrypted FTP communication and allowed anyone “sniffing” packets to get just a bunch of garbled mess.
Homework:
- Chapter Five: Review Questions
- Chapter Six: Review Questions
