# IT Security
## CIA Triad
In computer security, CIA stands for confidentiality, integrity, and availability. The **CIA triad** is a guiding model for designing information security policies. 
* **Confidentiality** means keeping things hidden by limiting access to our data. 
* **Integrity** means keeping our data accurate and untampered with. The data that we send or receive should remain the same throughout its entire journey. 
* **Availability** means that the information is readily accessible to people, like being prepared if our data is lost or if our system is down. 

## Security Threats
#### RISK
>**Risk** is the possibility of suffering a loss in the event of an attack on the system. 

#### VULNERABILITY
>**Vulnerability** is a flaw in the system that could be exploited to compromise the system. There's a special type of vulnerability called a **0-day vulnerability** or **zero day** which is unknown to the software developer or vendor, but is known to an attacker. Basically, it refers to the amount of time the software vendor has had to react to and to fix the vulnerability, zero days. 

#### EXPLOIT
>**Exploit** is a software that is used to take advantage of a security bug or vulnerability. Attackers will write up exploits for vulnerabilities they find in software to cause harm to the system. 

#### THREAT
>**Threat** is the possibility of danger that could exploit a vulnerability. 

#### HACKER
>A **hacker** in the security world is someone who attempts to break into or exploit a system. There are actually two common types of hackers: **black hat hackers**, who try to get into systems to do something malicious and **white hat hackers**, who attempt to find weaknesses in a system, but also alert the owners of those systems so that they can fix it before someone else does something malicious. 

#### ATTACK
>**Attack** is an actual attempt at causing harm to a system. 

## Malware and its types
**Malware** is a type of malicious software that can be used to obtain our sensitive information or delete or modify files. Basically, it can be used for any and all unwanted purposes. The most common types of malware are viruses, worms, adware, spyware, Trojans, root kids, backdoors, botnets, etc. 

#### VIRUS
>**Viruses** are the best known type of malware, which attaches itself to some sort of executable code like a program. When the program is running, it touches many files, each of which is now susceptible to being infected with the virus. So, the virus replicates itself on these files, does the malicious work it's intended to do, and repeats this over and over until it spreads as far as it can. 

#### WORM
>**Worms** are similar to viruses except that instead of having to attach themselves onto something to spread, worms can live on their own and spread through channels like the network. 

#### ADWARE
>**Adware** is one of the most visible forms of malware, it is a software that displays advertisements and collects data. 

#### TROJAN
>**Trojan** is malware that disguises itself as one thing but does something else. A computer Trojan has to be accepted by the user, meaning the program has to be executed by the user. No one would willingly install malware on their machine, that's why trojans are meant to entice us to install them by disguising themselves as other software. 

#### SPYWARE
>**Spyware** is the type of malware that's meant to spy on us by monitoring our computer screens, key presses, webcams, and then reporting or streaming all of this information to another party. A keylogger is a common type of spyware that's used to record every keystroke. 

#### RANSOMWARE
>**Ransomware** is a type of attack that holds our data or system hostage until we pay some sort of ransom. 

#### BOTS
>There are malwares that can utilize someone else's machine to perform a task that is centrally controlled by the attacker. These compromised machines are known as **Bots**. If there are a collection of one or more Bots, we call that network of devices a Botnet. 

#### BOTNETS
>**Botnets** are designed to utilize the power of the Internet-connected machines to perform some distributed function, example mining Bitcoin. So instead of having one computer run computations, attackers can now have a thousand computers running computations and raking in more and more Bitcoin. 

#### BACKDOOR
>A **backdoor** is a way to get into a system if the other methods to get in a system aren't allowed, it's a secret entryway for attackers. Backdoors are most commonly installed after an attacker has gain access to our system and wants to maintain that access. 

#### ROOTKIT
>A **rootkit** is a kit for root, meaning a collection of software or tools that an admin would use. It allows admin level modification to an operating system. A rootkit can be hard to detect because it can hide itself from the system using the system itself. The rootkit can be running lots of malicious processes, but at the same time those processes wouldn't show up in task manager because it can hide its own presence. 

#### LOGIC BOMB
>A **logic bomb** is a type of Malware that's intentionally installed, after a certain event or time has triggered, it will run the malicious program. 

## Network Attacks
Some types of network attacks that occur in web are:

#### DNS CACHE POISONING ATTACK
>A **DNS Cache Poisoning attack** works by tricking a DNS server into accepting a fake DNS record that will point us to a compromised DNS server. It then feeds us fake DNS addresses when we try to access legitimate websites. Not only that, DNS Cache Poisoning can spread to other networks too. If other DNS servers are getting their DNS information from a compromised server, they'll serve those bad DNS entries to other hosts. 

#### MAN IN THE MIDDLE ATTACK
>A **man-in-the-middle attack** is an attack that places the attacker in the middle of two hosts that think they're communicating directly with each other. The attack will monitor the information going to and from these hosts, and potentially modify it in transit. A common man-in-the-middle attack is a session hijacking or cookie hijacking. 

#### ROGUE ACCESS POINT ATTACK
>A **rogue access point attack** or **rogue AP attack** defines an access point that is installed on the network without the network administrator's knowledge. For example, in corporate environments, someone may plug a router into their corporate network to create a simple wireless network. This can actually be pretty dangerous, and could grant unauthorized access to an authorized secure network. 

#### EVIL TWIN ATTACK
>It's similar to the rogue AP attack but has a small important difference. The premise of an evil twin attack is for us to connect to a network that is identical to ours. This identical network is our networks evil twin and is controlled by our attacker. Once we connect to it, they will be able to monitor our traffic. 

## DoS Attacks
A **Denial-of-Service**, or **DoS attack**, is an attack that tries to prevent access to a service for legitimate users by overwhelming the network or server. DoS attacks try to take up those resources of a service, and prevent real users from accessing it, example the **Ping of Death** or **POD**. POD works by sending a malformed ping to a computer which would be larger in size than what the internet protocol was made to handle, thus it results in a buffer overflow. This can cause the system to crash and potentially allow the execution of malicious code. 

Another example is a **ping flood**, which sends tons of ping packets to a system. More specifically, it sends ICMP echo requests, since a ping expects an equal number of ICMP echo replies. If a computer can't keep up with this, then it's prone to being overwhelmed and taken down. 

Similar to a ping flood is a **SYN flood**. Remember that to make a TCP connection, a client sends a SYN packet to a server it wants to connect to. Next, the server sends back a SYN-ACK message, then the client sends in ack message. In a SYN flood, the server is being bombarded with the SYN packets. The server is sending back SYN-ACK packets but the attacker is not sending ack messages. This means that the connection stays open and is taking up the server's resources. Other users will be unable to connect to the server which is a big problem. Since the TCP connection is half-open, we also refer to SYN floods as **half-open attacks**.

A DoS attack using multiple systems, is called a **distributed denial-of-service attack** or DDoS. **DDoS attacks** need a large volume of systems to carry out an attack and they're usually helped by botnet attackers. In that scenario, they can gain access to large volumes of machines to perform an attack. 

## Client-Side Attacks
A common security exploit that can occur in software development and runs rampant on the web is the possibility for an attacker to inject malicious code, or **Injection attacks**. Injection attacks can be mitigated with good software development principles, like validating input and sanitizing data. 

**Cross-site scripting**, or **XSS attacks**, are a type of injection attack where the attacker can insert malicious code and target the user of the service. XSS attacks are a common method to achieve a session hijacking. It would be as simple as embedding a malicious script in a website, and the user unknowingly executes the script in their browser. The script could then do malicious things like steal a victims cookies and have access to a log in to a website. 

Another type of injection attack is a **SQL injection attack**. Unlike an XSS that targets a user, a SQL injection attack targets the entire website if the website is using a SQL database. Attackers can potentially run SQL commands that allow them to delete website data, copy it, and run other malicious commands. 

## Password Attacks
**Password attacks** utilize software like password crackers that try and guess our password. A common password attack is a **brute force attack**, which just continuously tries different combinations of characters and letters until it gets access. Since this attack requires testing a lot of combinations of passwords, it usually takes a while to do this. CAPTCHAs are used to distinguish a real human from a machine. In a password attack, if we didn't have a CAPTCHA available, an automated system can just keep trying to log into our account until it found the right password combination. But with a CAPTCHA, it prevents these attacks from executing. Another type of password attack is a **dictionary attack**, which tries out words that are commonly used in passwords, like apple, monkey, football. 

## Deceptive Attacks
**Social engineering** is an attack method that relies heavily on interactions with humans instead of computers. Social engineering is a kind of con game where attackers use deceptive techniques to gain access to personal information. They then try to have a user execute something, and basically scam a victim into doing that thing. 

A popular type of social engineering attack is a **phishing attack**. Phishing usually occurs when a malicious email is sent to a victim disguised as something legitimate. One common phishing attack is an email, saying our bank account has been compromised, and then, gives us a link to click on to reset our password. Another variation of phishing is **spear phishing**. Both phishing schemes have the same end goals, but spearfishing specifically targets individual or group. 

Another popular social engineering attack is **email spoofing**, i.e. when we receive an email with a misleading sender address. Spoofing is when a source is masquerading around as something else. Think of an email spoof. 

One attack happens through actual physical contact, called **baiting**, which is used to entice a victim to do something. For example, an attacker could just leave a USB drive somewhere in hopes that someone out there will plug it into their machine to see what's on it. 

Another popular attack that can occur offline is called **tailgating**, which is essentially gaining access into a restricted area or building by following a real employee in. 


## Crytography
The practice of coding and hiding messages from third parties fore securing messages is called **cryptography**. The study of this practice is referred to as **cryptology**. The opposite of this looking for hidden messages or trying to decipher coded message is referred to as **cryptanalysis**. 

**Encryption** is the act of taking a message (or **plaintext**) and applying an operation to it (called a **cipher**) which returns a garbled output or unreadable message (called **ciphertext**). The reverse process, taking the garbled output and transforming it back into the readable plain text is called **decryption**. A cipher is actually made up of two components, the encryption algorithm and the key. The **encryption algorithm** is the underlying logic or process that's used to convert the plaintext into ciphertext. These algorithms are usually very complex mathematical operations. The other crucial component of a cipher is the **key**, which introduces something unique into our cipher. A **cryptosystem** is a collection of algorithms for key generation and encryption and decryption operations.

**Frequency analysis** is the practice of studying the frequency with which letters appear in ciphertext. The premise behind this type of analysis is that in written languages, certain letters appear more frequently than others, and some letters are more commonly grouped together than others. 

**Steganography** is a related practice but distinctly different from cryptography. It's the practice of hiding information from observers, but not encoding it. Think of writing a message using invisible ink, i.e. the message is in plaintext and no decoding is necessary to read the text but the text is hidden from sight. The ink is invisible and must be made visible using a mechanism known to the recipient. Modern steganographic techniques include embedding messages and even files into other files like images or videos. 

## Security Principles
**Security through obscurity** is a general concept which basically means that we're safe from attackers if no one knows what encryption algorithms or general security practices were used to secure data, i.e. keeping the algorithm secret, our messages are secured from a snooping third party. However, security through obscurity isn't something that we should rely on for securing communication or systems. The system should remain secure, even if our adversary knows exactly what kind of encryption systems we're employing, as long as our keys remain secure. 

**Kerckhoff's principle** is a concept that a cryptosystem that comprise a cryptographic service should remain secure, even if everything about the system is publicly known except for the key. The principle, sometimes referred to as Kerckhoff's axiom or law, forms the basis of open security and security by design and contrasts directly with the deprecated security through obscurity model.

**Shannon’s maxim principle** refines the Kerckhoff's principle by stating that the enemy knows the system. According to this principle, one ought to design systems under the assumption that the enemy will immediately gain full familiarity with them.

## Symmetric Cryptography
**Symmetric-key algorithm** are called symmetric because they use the same key to encrypt and decrypt messages. A **substitution cipher** is an encryption mechanism that replaces parts of our plaintext with ciphertext. In this case, the key would be the mapping of characters between plaintext and ciphertext without knowing what letters get replaced with. A well-known example of a substitution cipher is the **Caesar cipher**, where we're replacing characters in the alphabet with others usually by shifting or rotating the alphabet, a set of numbers or characters. The number of the offset is the key. Another popular example of this is referred to as **ROT-13**, where the alphabet is rotated 13 places, but really ROT-13 is a Caesar cipher that uses a key of 13 as Thirteen is exactly half of the alphabet. 

### Stream and Block Ciphers
There are two more categories that symmetric key ciphers can be placed into, block ciphers and stream ciphers. A **stream cipher** takes a stream of input and encrypts the stream one character or one digit at a time, outputting one encrypted character or digit at a time, i.e. a one- to-one relationship between data in and encrypted data out. The **block ciphers** takes data in, places that into a bucket or block of data that's a fixed size, then encodes that entire block as one unit. If the data to be encrypted isn't big enough to fill the block, the extra space will be padded to ensure the plaintext fits into the blocks evenly. 

Stream ciphers are faster and less complex to implement, but they can be less secure than block ciphers. If the key generation and handling isn't done properly, if the same key is used to encrypt data two or more times, it's possible to break the cipher and to recover the plaintext. 

### Initialization vector
**Initialization vector** or **IV** is used for avoiding key reuse by integrating a bit of random data into the encryption key and the resulting combined key is then used to encrypt the data. The idea behind this is if we have one shared master key, we generate a one-time encryption key which can be used only once by generating a new key using the master one and the IV. In order for the encrypted message to be decoded, the IV must be sent in plaintext along with the encrypted message. 
A good example of this can be seen when inspecting the 802.11 frame of a WEP encrypted wireless packet. 

![Symmetric Cryptography Example](imgs/sym_cryp_ex.png)

The IV is included in plaintext right before the encrypted data payload. 

### Symmetric-key algorithms
**DES** or **Data Encryption Standard** is a symmetric block cipher that uses 64-bit key sizes and operates on blocks 64-bits in size. Though the key size is technically 64-bits in length, 8-bits are used only for parity checking, a simple form of error checking. This means that real world key length for DES is only 56-bits.

The key is the unique piece that protects our data and the symmetric key must be kept secret to ensure the confidentiality of the data being protected. The **key size**, defined in bits, is the total number of bits or data that comprises the encryption key. Basically, it is the upper limit for the total possible keys for a given encryption algorithm and is super important in cryptography since it essentially defines the maximum potential strength of the system. 

**AES** or **Advanced Encryption Standard** is a symmetric block cipher similar to DES that uses 128-bit blocks, twice the size of DES blocks, and supports key lengths of 128-bit, 192-bit, or 256-bit. 

**RC4** or **Rivest Cipher 4** is a symmetric stream cipher that gained widespread adoption because of its simplicity and speed. RC4 supports key sizes from 40-bits to 2,048-bits. The weakness of RC4 aren't due to brute-force attacks, but the cipher itself has inherent weaknesses and vulnerabilities. RC4 was used in a bunch of popular encryption protocols, like WEP for wireless encryption, and WPA, the successor to WEP. It was also supported in SSL and TLS until 2015 when RC4 was dropped in all versions of TLS because of inherent weaknesses. For this reason, most major web browsers have dropped support for RC4 entirely, along with all versions of SSL, and use TLS instead. The preferred secure configuration is **TLS 1.2 with AES GCM**, a specific mode of operation for the AES block cipher that essentially turns it into a stream cipher. 

**GCM**, or **Galois/Counter Mode**, works by taking randomized seed value, incrementing this and encrypting the value, creating sequentially numbered blocks of ciphertexts. The ciphertexts are then incorporated into the plain text to be encrypted. GCM is super popular due to its security being based on AES encryption, along with its performance, and the fact that it can be run in parallel with great efficiency. 

Symmetric-key algorithm are relatively easy to implement and maintain due to their symmetric nature of the encryption and decryption process. Since there's only one shared secret key that needs to be maintained and kept secure, symmetric algorithms are also very fast and efficient at encrypting and decrypting large batches of data, example Wi-Fi password at home.  

## Asymmetric Cryptography
In **asymmetric cryptosystem** or **public key ciphers**, different keys are used to encrypt and decrypt. Consider an example where two persons need to communicate securely using asymmetric encryption. Firstly, both must generate a **private key** through which a **public key** is derived. The strength of the asymmetric encryption system comes from the computational difficulty of figuring out the corresponding private key given a public key. After generating private and public key pairs, they exchange public keys, keeping their private keys as secret. This allows them to begin exchanging secure messages. The first person uses the second person's public key to encrypt his message and sends the ciphertext. The second person receives the message and uses his private key to decrypt the message and read it. Because of the relationship between private and public keys, only the second person's private key can decrypt messages as this message was encrypted using his public key. 

**Public key signatures** or **digital signatures** are used to validate and trust communication when messages are exchanged. This ensures that the message was not modified or tampered with, thus verifying the message's origin and authenticity by combining the message, the digital signature, and the public key. This is an important component of the asymmetric cryptosystem. 

The three concepts that an asymmetric cryptosystem grants us are confidentiality, authenticity, and non-repudiation. Confidentiality is granted through the encryption-decryption mechanism. Authenticity is granted by the digital signature mechanism, as the message can be authenticated or verified that it wasn't tampered with. Non-repudiation means that the author of the message isn't able to dispute the origin of the message. In other words, this allows us to ensure that the message came from the person claiming to be the author. 

Asymmetric encryption allows secure communication over an untrusted channel, but with symmetric encryption, we need some way to securely communicate the shared secret or key with the other party. While asymmetric encryption works really well in untrusted environments, it's also computationally more expensive and complex. On the other hand, symmetric encryption algorithms are faster, and more efficient, and encrypting large amounts of data. In fact, what many secure communications schemes do is take advantage of the relative benefits of both encryption types by using both, for different purposes. For example, an asymmetric encryption algorithm is chosen as a key exchange mechanism or cipher whereas, the data can be sent quickly, efficiently, and securely using a symmetric encryption cipher, once the shared secret is received.

**MACs** or **Message Authentication Codes** are a bit of information that allows authentication of a received message, ensuring that the message came from the alleged sender and not a third party masquerading as them. It also ensures that the message wasn't modified in some way in order to provide data integrity. This sounds super similar to digital signatures using public key cryptography, however it differs slightly since the secret key that's used to generate the MAC is the same one that's used to verify it. In this sense, it's similar to symmetric encryption system and the secret key must be agreed upon by all communicating parties beforehand or shared in some secure way. 

One popular and secure type of MAC called **HMAC** or a **Keyed-Hash Message Authentication Code**. HMAC uses a cryptographic hash function along with a secret key to generate a MAC. Any cryptographic hash functions can be used like  MD5 or SHA, etc and the strength or security of the MAC is dependent upon the underlying security of the cryptographic hash function used. The MAC is sent alongside the message that's being checked. The Mac is verified by the receiver by performing the same operation on the received message, then comparing the computed MAC with the one received with the message. If the MACs are the same, then the message is authenticated. 

There are also MACs based on symmetric encryption ciphers, either block or stream like DES or AES, which are called **CMACs** or **Cipher-Based Message Authentication Codes**. The process is similar to HMAC, but instead of using a hashing function to produce a digest, a symmetric cipher with a shared keys used to encrypt the message and the resulting output is used as the MAC. A specific and popular example of a CMAC though slightly different is **CBC-MAC** or **Cipher Block Chaining Message Authentication Codes**. CBC-MAC is a mechanism for building MACs using block ciphers. This works by taking a message and encrypting it using a block cipher operating in CBC mode. **CBC mode** is an operating mode for block ciphers that incorporates a previously encrypted block cipher text into the next block's plain text. So, it builds a chain of encrypted blocks that require the full, unmodified chain to decrypt. This chain of interdependently encrypted blocks means that any modification to the plain text will result in a different final output at the end of the chain, ensuring message integrity.

### Asymmetric Encryption Algorithms
**RSA** was one of the first practical asymmetric cryptography systems that specifies mechanisms for generation and distribution of keys along with encryption and decryption operation using these keys. The key generation process depends on choosing two unique, random, and usually very large prime numbers. **DSA** or **Digital Signature Algorithm** is another example of an asymmetric encryption system, though its used for signing and verifying data. Similar to RSA, the specification covers the key generation process along with the signing and verifying data using the key pairs. The security of this system is dependent on choosing a random seed value that's incorporated into the signing process. If this value was leaked or if it can be inferred if the prime number isn't truly random, then it's possible for an attacker to recover the private key. 

Another popular key exchange algorithm is **DH** or **Diffie-Hellman**. For instance, assume that two people need to communicate over an unsecured channel, and they agree on the starting number that would be a very large random integer. This number should be different for every session and doesn't need to be secret. Next, each person chooses another randomized large number but this one is kept secret. Then, they combine their shared number with their respective secret number and send the resulting mix to each other. Next, each person combines their secret number with the combined value they received from the previous step. The result is a new value that's the same on both sides without disclosing enough information to any potential eavesdroppers to figure out the shared secret. This algorithm was designed solely for key exchange, though there have been efforts to adapt it for encryption purposes. It's even been used as part of a PKI system or Public Key Infrastructure system. 

**Elliptic curve cryptography** or **ECC** is a public key encryption system that uses the algebraic structure of elliptic curves over finite fields to generate secure keys. Well, traditional public key systems make use of factoring large prime numbers whereas ECC makes use of elliptic curves which is composed of a set of coordinates that fit in equation. Elliptic curves have a couple of interesting and unique properties. One is horizontal symmetry, which means that at any point in the curve can be mirrored along the x axis and still make up the same curve. On top of this, any non-vertical line will intersect the curve in three places at most. Its this last property that allows elliptic curves to be used in encryption. The benefit of elliptic curve based encryption systems is that they are able to achieve security similar to traditional public key systems with smaller key sizes. So, for example, a 256 bit elliptic curve key, would be comparable to a 3,072 bit RSA key. This is really beneficial since it reduces the amount of data needed to be stored and transmitted when dealing with keys. Both Diffie-Hellman and DSA have elliptic curve variants, referred to as **ECDH** and **ECDSA**, respectively. 

## Hashing
**Hashing** or a hash function is a type of function or operation that takes in an arbitrary data input and maps it to an output of a fixed size, called a **hash** or a **digest**. The output size is usually specified in bits of data and is often included in the hashing function name. This means that for any amount of feeded data into a hash function, the resulting output will always be the same size, but the output should be unique to the input, such that two different inputs should never yield the same output. Hash functions have a large number of applications in computing in general, typically used to uniquely identify data. Hashing can also be used to identify duplicate data sets in databases or archives to speed up searching of tables or to remove duplicate data to save space. 

Cryptographic hash functions are used for various applications like authentication, message integrity, fingerprinting, data corruption detection and digital signatures. Cryptographic hashing is distinctly different from encryption because cryptographic hash functions should be one directional. The ideal cryptographic hash function should be deterministic, meaning that the same input value should always return the same hash value. The function should be quick to compute and be efficient. It should be infeasible to reverse the function and recover the plain text from the hash digest. A small change in the input should result in a change in the output so that there is no correlation between the change in the input and the resulting change in the output. Finally, the function should not allow for **hash collisions**, meaning two different inputs mapping to the same output. Cryptographic hash functions are very similar to symmetric key block ciphers and that they operate on blocks of data. In fact, many popular hash functions are actually based on modified block ciphers. 

### Hashing Algorithms
**MD5** is a popular and widely used cryptographic hashing function which operates on a 512 bit blocks and generates 128 bit hash digests. **SHA-1** is part of the secure hash algorithm suite of functions, that operates a 512 bit blocks and generates 160 bit hash digest. SHA-1 is used in popular protocols like TLS/SSL, PGP SSH, and IPsec and is also used in version control systems like Git, which uses hashes to identify revisions and ensure data integrity by detecting corruption or tampering. **MIC** or **message integrity check** is essentially a hash digest of the message. In other words, it can be considered as check sum for the message, ensuring that the contents of the message weren't modified in transit. But this is distinctly different from a MAC as it doesn't use secret keys, which means the message isn't authenticated. There's nothing stopping an attacker from altering the message, recomputing the checksum, and modifying the MIC attached to the message. MICs can protect against accidental corruption or loss, but not against tampering or malicious actions.

**Md5sum** is a hashing program that calculates and verifies 128-bit MD5 hashes. As with all hashing algorithms, theoretically, there’s an unlimited number of files that will have any given MD5 hash. Md5sum is used to verify the integrity of files. Similarly, **shasum** is an encryption program that calculates and verifies SHA hashes. It’s also commonly used to verify the integrity of files.

In the authentication scenario, password shouldn't be stored in plain text, rather we must store a hash of the password. In order to protect against brute force attacks, the password must run through the hashing function multiple times, thus significantly increasing more computations for each password guess attempt. **Rainbow tables** are used by bad actors to help speed up the process of recovering passwords from stolen password hashes. A rainbow table is just a pre-computed table of all possible password values and their corresponding hashes. The idea behind rainbow table attacks is to trade computational power for disk space by pre-computing the hashes and storing them in a table. An attacker can determine what the corresponding password is for a given hash by just looking up the hash in their rainbow table. This is unlike a brute force attack where the hash is computed for each guess attempt. 

A **password salt** is additional randomized data that's added into the hashing function to generate the hash that's unique to the password and salt combination. A randomly chosen large salt is concatenated or tacked onto the end of the password. The combination of salt and password is then run through the hashing function to generate hash which is then stored alongside the salt. What this means now for an attacker is that they'd have to compute a rainbow table for each possible salt value. If a large salt is used, the computational and storage requirements to generate useful rainbow tables becomes almost unfeasible, for example early Unix systems used a 12 Bit salt, which amounts to a total of 4,096 possible salts. Modern systems like Linux, BSD and Solaris use a 128 bit salt.


## Cryptography Applications
### Public Key Infrastructure
**PKI** or **Public Key Infrastructure** is a system that defines the creation, storage and distribution of digital certificates. A **digital certificate** is a file that proves that an entity owns a certain public key. A certificate contains information about the public key, the entity it belongs to and a digital signature from another party that has verified this information. If the signature is valid and we trust the entity that signed the certificate, then we can trust the public key to be used to securely communicate with the entity that owns it. The entity that's responsible for storing, issuing, and signing certificates is referred to as **CA**, or **Certificate Authority**. It's a crucial component of the PKI system. There's also an **RA**, or **Registration Authority**, that's responsible for verifying the identities of any entities requesting certificates to be signed and stored with the CA. This role is usually lumped together with the CA. A central repository is needed to securely store and index keys and a certificate management system of some sort makes managing access to storage certificates and issuance of certificates easier. 

There are a few different types of certificates that have different applications or uses. **SSL or TLS server certificate** is a certificate that a web server presents to a client as part of the initial secure setup of an SSL, TLS connection. The client (usually a web browser) verifies that the subject of the certificate matches the host name of the server the client is trying to connect to. The client will also verify that the certificate is signed by a certificate authority that the client trusts. It's possible for a certificate to be valid for multiple host names. In some cases, a wild card certificate can be issued where the host name is replaced with an asterisk, denoting validity for all host names within a domain. 

It's also possible for a server to use what's called a **Self Sign Certificate**. This certificate has been signed by the same entity that issued the certificate. This would basically be signing our own public key using our private key.

Another certificate type is an **SSL or TLS client certificate**. This is an optional component of SSL, TLS connections and is less commonly seen than server certificates. As the name implies, these are certificates that are bound to clients and are used to authenticate the client to the server, allowing access control to a SSL, TLS service. These are different from server certificates in that the client certificates aren't issued by a public CA. Usually the service operator would have their own internal CA which issues and manages client certificates for their service. 

There are also **code signing certificates** which are used for signing executable programs. This allows users of these signed applications to verify the signatures and ensure that the application was not tampered with. It also lets them verify that the application came from the software author and is not a malicious twin. 

PKI is very much dependent on trust relationships between entities, and building a network or chain of trust. This chain of trust has to start somewhere and that starts with the **Root Certificate Authority**. These root certificates are self signed because they are the start of the chain of trust. So there's no higher authority that can sign on their behalf. This Root Certificate Authority can now use the self-signed certificate and the associated private key to begin signing other public keys and issuing certificates. It builds a sort of tree structure with the root private key at the top of the structure. If the root CA signs a certificate and sets a field in the certificate called CA to true, this marks a certificate as an **intermediary or subordinate CA**. What this means is that the entity that this certificate was issued to can now sign other certificates. And this CA has the same trust as the root CA. An intermediary CA can also sign other intermediate CAs. This extension of trust from one root CA to intermediaries can begin to build a chain. A certificate that has no authority as a CA is referred to as an **End Entity or Leaf Certificate**. Similar to a leaf on a tree, it's the end of the tree structure and can be considered the opposite of the roots. In order to bootstrap this chain of trust, we have to trust a root CA certificate, otherwise the whole chain is untrusted. This is done by distributing root CA certificates via alternative channels. Each major OS vendor ships a large number of trusted root CA certificates with their OS. And they typically have their own programs to facilitate distribution of root CA certificates.

The **X.509 standard** is the format of digital certificates. It also defines a **certificate revocation list** or **CRL** which is a means to distribute a list of certificates that are no longer valid. The fields defined in X.509 certificate are:
* *Version* represents what version of the X.509 standard certificate adheres to. 
* *Serial number* defines a unique identifier for their certificate assigned by the CA which allows the CA to manage and identify individual certificates. 
* *Certificate Signature Algorithm* field indicates what public key algorithm is used for the public key and what hashing algorithm is used to sign the certificate. 
* *Issuer Name* field contains information about the authority that signed the certificate. 
* *Validity* field contains two subfields, Not Before and Not After, which define the dates when the certificate is valid for. 
* *Subject* field contains identifying information about the entity the certificate was issued to. 
* *Subject Public Key Info*, these two subfields define the algorithm of the public key along with the public key itself. Certificate signature algorithm, same as the Subject Public Key Info field, these two fields must match. 
* *Certificate Signature Value*, the digital signature data itself. There are also certificate fingerprints which aren't actually fields in the certificate itself, but are computed by clients when validating or inspecting certificates. These are just hash digests of the whole certificate. 

An alternative to the centralized PKI model of establishing trust and binding identities is the Web of Trust. A **Web of Trust** is where individuals instead of certificate authorities sign other individuals' public keys. Before an individual signs a key, they should first verify the person's identity through an agreed upon mechanism. Once they determine the person is who they claim to be, signing their public key is basically vouching for this person. This process would be reciprocal, meaning both parties would sign each other's keys. Usually people who are interested in establishing web of trust will organize what are called **Key Signing Parties** where participants performed the same verification and signing. At the end of the party everyone's public key should have been signed by every other participant establishing a web of trust. In the future when one of these participants in the initial key signing party establishes trust with a new member, the web of trust extends to include this new member and other individuals they also trust. This allows separate webs of trust to be bridged by individuals and allows the network of trust to grow.

### Securing Network Traffic
**HTTPS** is the secure version of HTTP, the Hypertext Transfer Protocol. It can also be called **HTTP over SSL or TLS** since it's essentially encapsulating the HTTP traffic over an encrypted, secured channel utilizing SSL or TLS. TLS is actually independent of HTTPS, and is actually a generic protocol to permit secure communications and authentication over a network. TLS is also used to secure other communications aside from web browsing, like VoIP calls such as Skype or Hangouts, email, instant messaging, and even Wi-Fi network security. 

TLS grants us three things. One, a secure communication line, which means data being transmitted is protected from potential eavesdroppers. Two, the ability to authenticate both parties communicating, though typically, only the server is authenticated by the client. And three, the integrity of communications, meaning there are checks to ensure that messages aren't lost or altered in transit. TLS essentially provides a secure channel for an application to communicate with a service, but there must be a mechanism to establish this channel initially. This is what's referred to as a **TLS handshake**. 

The handshake process kicks off with a client establishing a connection with a TLS enabled service, referred to in the protocol as ClientHello. This includes information about the client, like the version of the TLS that the client supports, a list of cipher suites that it supports, and maybe some additional TLS options. The server then responds with a ServerHello message, in which it selects the highest protocol version in common with the client, and chooses a cipher suite from the list to use. It also transmits its digital certificate and a final ServerHelloDone message. The client will then validate the certificate that the server sent over to ensure that it's trusted and it's for the appropriate host name. Assuming the certificate checks out, the client then sends a ClientKeyExchange message. This is when the client chooses a key exchange mechanism to securely establish a shared secret with the server, which will be used with a symmetric encryption cipher to encrypt all further communications. The client also sends a ChangeCipherSpec message indicating that it's switching to secure communications now that it has all the information needed to begin communicating over the secure channel. This is followed by an encrypted Finished message which also serves to verify that the handshake completed successfully.

![tls_handshake.png](imgs/tls_handshake.png)

The server replies with a ChangeCipherSpec and an encrypted Finished message once the shared secret is received. Once complete, application data can begin to flow over the now the secured channel. The session key is the shared symmetric encryption key using TLS sessions to encrypt data being sent back and forth. Since this key is derived from the public-private key, if the private key is compromised, there's potential for an attacker to decode all previously transmitted messages that were encoded using keys derived from this private key.

To defend against this, there's a concept of **forward secrecy**. This is a property of a cryptographic system so that even in the event that the private key is compromised, the session keys are still safe. The **SSH**, or **secure shell**, is a secure network protocol that uses encryption to allow access to a network service over unsecured networks. This protocol is super flexible and has provisions for allowing arbitrary networks and traffic over those ports to be tunneled over the encrypted channel. It was originally designed as a secure replacement for the Telnet protocol and other unsecured remote login shell protocols like rlogin or r-exec. It's very important that remote login and shell protocols use encryption, otherwise these services will be transmitting usernames and passwords, along with keystrokes and terminal output in plain text. 

SSH uses public key cryptography to authenticate the remote machine that the client is connecting to, and has provisions to allow user authentication via client certificates. The SSH protocol is very flexible and modular, and supports a wide variety of different key exchange mechanisms like Diffie-Hellman, along with a variety of symmetric encryption ciphers. It also supports a variety of authentication methods, including custom ones that we can write. When using public key authentication, a key pair is generated by the user who wants to authenticate. They then must distribute those public keys to all systems that they want to authenticate to using the key pair. When authenticating, SSH will ensure that the public key being presented matches the private key, which should never leave the user's possession.

**PGP** or **Pretty Good Privacy** is an encryption application that allows authentication of data along with privacy from third parties relying upon asymmetric encryption to achieve this. It's most commonly used for encrypted email communication, but it's also available as a full disk encryption solution or for encrypting arbitrary files, documents, or folders. PGP is widely regarded as very secure, with no known mechanisms to break the encryption via cryptographic or computational means. Originally, PGP used the RSA algorithm, but that was eventually replaced with DSA to avoid issues with licensing.

**VPN** or **Virtual Private Network** is a mechanism that allows us to remotely connect a host or network to an internal private network, passing the data over a public channel, like the Internet. We can think of this as a sort of encrypted tunnel where all of our remote system's network traffic would flow, transparently channeling our packets via the tunnel through the remote private network. A VPN can also be point-to-point, where two gateways are connected via a VPN, i.e. bridging two private networks through an encrypted tunnel. There are a bunch of VPN solutions using different approaches and protocols with differing benefits and tradeoffs. **IPsec**, or **Internet Protocol Security**, is a VPN protocol that was designed in conjunction with IPv6. IPsec works by encrypting an IP packet and encapsulating the encrypted packet inside an IPsec packet. This encrypted packet then gets routed to the VPN endpoint where the packet is de-encapsulated and decrypted then sent to the final destination. IPsec supports two modes of operations, transport mode and tunnel mode. When **transport mode** is used, only the payload of the IP packet is encrypted, leaving the IP headers untouched. Header values are hashed and verified, along with the transport and application layers. This would prevent the use of anything that would modify these values, like NAT or PAT. In **tunnel mode**, the entire IP packet, header, payload, and all, is encrypted and encapsulated inside a new IP packet with new headers. 

While not a VPN solution itself, **L2TP**, or **Layer 2 Tunneling Protocol**, is typically used to support VPNs. A common implementation of L2TP is in conjunction with IPsec when data confidentially is needed, since L2TP doesn't provide encryption itself. It's a simple tunneling protocol that allows encapsulation of different protocols or traffic over a network that may not support the type of traffic being sent. L2TP can also just segregate and manage the traffic. ISPs will use the L2TP to deliver network access to a customer's endpoint, for example. The combination of L2TP and IPsec is referred to as **L2TP IPsec** and was officially standardized in IETF RFC 3193. The establishment of an L2TP IPsec connection works by first negotiating an IPsec security association which negotiates the details of the secure connection, including key exchange, if used. It can also share secrets, public keys, and a number of other mechanisms. Next, secure communication is established using **Encapsulating Security Payload**. It's a part of the IPsec suite of protocols, which encapsulates IP packets, providing confidentiality, integrity, and authentication of the packets. Once secure encapsulation has been established, negotiation and establishment of the L2TP tunnel can proceed. L2TP packets are now encapsulated by IPsec, protecting information about the private internal network. An important distinction to make in this setup is the difference between the tunnel and the secure channel. The tunnel is provided by L2TP, which permits the passing of unmodified packets from one network to another. The secure channel, on the other hand, is provided by IPsec, which provides confidentiality, integrity, and authentication of data being passed. 

**OpenSSL** is a commercial-grade utility toolkit for Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It’s also a general-purpose cryptography library. SSL TLS is also used in some VPN implementations to secure network traffic, as opposed to individual sessions or connections. An example of this is **OpenVPN**, which uses the OpenSSL library to handle key exchange and encryption of data, along with control channels. This also enables OpenVPN to make use of all the cyphers implemented by the OpenSSL library. Authentication methods supported are pre-shared secrets, certificate-based, and username password. Certificate-based authentication would be the most secure option, but it requires more support and management overhead since every client must have a certificate. Username and password authentication can be used in conjunction with certificate authentication, providing additional layers of security. It should be called out that OpenVPN doesn't implement username and password authentication directly as it uses modules to plug into authentication systems. OpenVPN can operate over either TCP or UDP, typically over port 1194. It supports pushing network configuration options from the server to a client and it supports two interfaces for networking. It can either rely on a Layer 3 IP tunnel or a Layer 2 Ethernet tap. The Ethernet tap is more flexible, allowing it to carry a wider range of traffic. From the security perspective, OpenVPN supports up to 256-bit encryption through the OpenSSL library. It also runs in user space, limiting the seriousness of potential vulnerabilities that might be present. 

### Cryptographic Hardware
**Trusted Platform Module** or **TPM** is a hardware device that's typically integrated into the hardware of a computer, that's a dedicated crypto processor. TPM offers secure generation of keys, random number generation, remote attestation, and data binding and sealing. A TPM has unique secret RSA key burned into the hardware at the time of manufacture, which allows a TPM to perform things like hardware authentication. This can detect unauthorized hardware changes to a system. **Remote attestation** is the idea of a system authenticating its software and hardware configuration to a remote system. This enables the remote system to determine the integrity of the remote system. This can be done using a TPM by generating a secure hash of the system configuration, using the unique RSA key embedded in the TPM itself. 

Another use of this secret hardware backed encryption key is **data binding and sealing**. It involves using the secret key to derive a unique key that's then used for encryption of data. Basically, this binds encrypted data to the TPM and by extension, the system the TPM is installed in, sends only the keys stored in hardware in the TPM will be able to decrypt the data. Data sealing is similar to binding since data is encrypted using the hardware backed encryption key. But, in order for the data to be decrypted, the TPM must be in a specified state. TPM is a standard with several revisions that can be implemented as a discrete hardware chip, integrated into another chip in a system, implemented in firmware software or virtualize then a hypervisor. The most secure implementation is the discrete chip, since these chip packages also incorporate physical tamper resistance to prevent physical attacks on the chip. 

Mobile devices have something similar referred to as a **secure element**. Similar to a TPM, it's a tamper resistant chip often embedded in the microprocessor or integrated into the mainboard of a mobile device. It supplies secure storage of cryptographic keys and provides a secure environment for applications. An evolution of secure elements is the **Trusted Execution Environment** or **TEE** which takes the concept a bit further. It provides a full-blown isolated execution environment that runs alongside the main OS. This provides isolation of the applications from the main OS and other applications installed there. It also isolates secure processes from each other when running in the TEE. TPMs have received criticism around trusting the manufacturer. Since the secret key is burned into the hardware at the time of manufacture, the manufacturer would have access to this key at the time. It is possible for the manufacturer to store the keys that could then be used to duplicate a TPM, that could break the security the module is supposed to provide. 

TPMs are most commonly used to ensure platform integrity, preventing unauthorized changes to the system either in software or hardware, and full disk encryption utilizing the TPM to protect the entire contents of the disk. **Full Disk Encryption** or **FDE** is the practice of encrypting the entire drive in the system and not just sensitive files in the system. This allows us to protect the entire contents of the disk from data theft or tampering. There are a bunch of options for implementing FDE like the commercial product PGP, Bitlocker from Microsoft, which integrates very well with TPMs, Filevault 2 from Apple, and the open source software dm-crypt, which provides encryption for Linux systems. 

An FDE configuration will have one partition or logical partition that holds the data to be encrypted. Typically, the root volume, where the OS is installed. But, in order for the volume to be booted, it must first be unlocked at boot time. Because the volume is encrypted, the BIOS can't access data on this volume for boot purposes. This is why FDE configurations will have a small unencrypted boot partition that contains elements like the kernel, bootloader and a netRD. At boot time, these elements are loaded which then prompts the user to enter a passphrase to unlock the disk and continue the boot process. FDE can also incorporate the TPM, utilizing the TPM encryption keys to protect the disk. And, it has platform integrity to prevent unlocking of the disk if the system configuration is changed. This protects against attacks like hardware tampering, and disk theft or cloning. 

The selection of random numbers is a very important concept in encryption because if our number selection process isn't truly random, then there can be some kind of pattern that an adversary can discover through close observation and analysis of encrypted messages over time. Something that isn't truly random is referred to as **pseudo-random**. It's for this reason that operating systems maintain what's referred to as an **entropy pool**. This is essentially a source of random data to help seed random number generators. There's also dedicated random number generators and pseudo-random number generators, that can be incorporated into a security appliance or server to ensure that truly random numbers are chosen when generating cryptographic keys.

## ACTIVITY: Create/inspect key pair, encrypt/decrypt and sign/verify using OpenSSL in a LINUX server

#### STEP 1: Generating a private key
```shell
openssl genrsa -out private_key.pem 2048
```
This command creates a 2048-bit RSA key, called "private_key.pem". The name of the key is specified after the "-out" flag, and typically ends in ".pem". The number of bits is specified with the last argument. To view our new private key, use "cat" to print it to the screen, just like any other file:
```shell
cat private_key.pem
```
The contents of the private key file should look like a large jumble of random characters.

#### STEP 2: Generating a public key
```shell
openssl rsa -in private_key.pem -outform PEM -pubout -out public_key.pem
```
For viewing the public key file:
```shell
cat public_key.pem
```
It should look like a bunch of random characters, like the private key, but different and slightly shorter.

#### STEP 3: Creating a text file with some information
```shell
echo 'This is a secret message, for authorized parties only' > secret.txt
```
It will create a new text file called "secret.txt" which just contains the text, "This is a secret message, for authorized parties only".

#### STEP 4: Encrypt the file using our public key
```shell
openssl rsautl -encrypt -pubin -inkey public_key.pem -in secret.txt -out secret.enc
```
This creates the file "secret.enc", which is an encrypted version of "secret.txt". For displaying the encrypted file:
```shell
cat secret.enc
```
On viewing the contents of the encrypted file, the output is garbled.

#### STEP 5: Decrypt the file using our private key
```shell
openssl rsautl -decrypt -inkey private_key.pem -in secret.enc
```
This will print the contents of the decrypted file to the screen, which should match the contents of "secret.txt".

#### STEP 6: Create a hash digest of the message
```shell
openssl dgst -sha256 -sign private_key.pem -out secret.txt.sha256 secret.txt
```
This creates a file called "secret.txt.sha256" using our private key, which contains the hash digest of our secret text file.

#### STEP 7: Verifying the file
```shell
openssl dgst -sha256 -verify public_key.pem -signature secret.txt.sha256 secret.txt
```
This should show the following output, indicating that the verification was successful and the file hasn't been modified by a malicious third party.

## ACTIVITY: Hands on with Hashing


#### STEP 1: Creating a text file with some information
```shell
echo 'This is some text in a file, just so we have some data' > file.txt
```
It will create a new text file called "file.txt" which just contains the text, "This is some text in a file, just so we have some data".

#### STEP 2: Generate the MD5 sum for the file and store it
```shell
md5sum file.txt > file.txt.md5
```
This creates the MD5 hash, and saves it to a new file. For printing its contents to the screen:
```shell
cat file.txt.md5
```
This should print the hash to the terminal.

#### STEP 3: Verifying MD5 hash
```shell
md5sum -c file.txt.md5
```
This indicates that the hash is valid.

#### STEP 4: Verifying an invalid file
Creating a copy of original 'file.txt' and then generate a new md5sum for the new file
```shell
cp file.txt badfile.txt
md5sum badfile.txt > badfile.txt.md5
```
Note that the resulting hash is identical to the hash for our original file.txt despite the filenames being different. This is because hashing only looks at the data, not the metadata of the file. This can be veriifed as:
```shell
cat badfile.txt.md5
cat file.txt.md5
```
Next, we wll modify the 'badfile.txt' by appending space character in the end of file.
```shell
nano badfile.txt
```
Save the file above and try verifying the hash again.
```shell
md5sum -c badfile.txt.md5
```
A message will be displayed which shows that the verification wasn't successful.

To see how different the hash of the edited file is, generate a new hash and inspect it
```shell
md5sum badfile.txt > new.badfile.txt.md5
cat new.badfile.txt.md5
```

#### STEP 5: Create the SHA1 sum and save it to a file
```shell
shasum file.txt > file.txt.sha1
```
This creates the SHA1 hash, and saves it to a new file. View it by printing it to the screen:
```shell
cat file.txt.sha1
```
This should print the hash to the terminal.

#### STEP 6: Verifying SHA1 hash
```shell
shasum -c file.txt.sha1
```
This indicates that the hash is valid.

#### STEP 7: Create the SHA256 sum and save it to a file
```shell
shasum -a 256 file.txt > file.txt.sha256
```
The **-a** flag specifies the algorithm to use, and defaults to SHA1 if nothing is specified. This creates the SHA1 hash, and saves it to a new file. View it by printing it to the screen:
```shell
cat file.txt.sha256
```
This should print the hash to the terminal. SHA256's increased security comes from it creating a longer hash that's harder to guess. We can see that the contents of the file here are much longer than the SHA1 file.

#### STEP 8: Verifying SHA256 hash
```shell
shasum -c file.txt.sha256
```
This indicates that the hash is valid.

### Network Hardening Best Practices

**Network hardening** is the process of securing a network by reducing its potential vulnerabilities through configuration changes, and taking specific steps. Networks would be much safer if we disable access to network services that aren't needed and enforce access restrictions. 

Implicit deny is a network security concept where anything not explicitly permitted or allowed should be denied. This is different from blocking all traffic, since an implicit deny configuration will still let traffic pass that we've defined as allowed using ACL configurations. This can usually be configured on a firewall which makes it easier to build secure firewall rules. Instead of requiring us to specifically block all traffic we don't want, we can just create rules for traffic that we need to go through. We can think of this as whitelisting, as opposed to blacklisting. While this is slightly less convenient, it's a much more secure configuration. Before a new service will work, a new rule must be defined for it reducing convenience a bit. 

Another very important component of network security is monitoring and analyzing traffic on your network. There are a couple of reasons why monitoring your network is so important. The first is that it lets you establish a baseline of what your typical network traffic looks like. This is key because in order to know what unusual or potential attack traffic looks like, you need to know what normal traffic looks like. You can do this through network traffic monitoring and logs analysis. We'll dive deeper into what network traffic monitoring is a bit later, but let's quickly summarize how laws can be helpful in this context. Analyzing logs is the practice of collecting logs from different network and sometimes client devices on your network, then performing an automated analysis on them. This will highlight potential intrusions, signs of malware infections or a typical behavior. You'd want to analyze things like firewall logs, authentication server logs, and application logs. As an IT support specialist, you should pay close attention to any external facing devices or services. They're subject to a lot more potentially malicious traffic which increases the risk of compromise. Analysis of logs would involve looking for specific log messages of interests, like with firewall logs. Attempted connections to an internal service from an untrusted source address may be worth investigating. Connections from the internal network to known address ranges of Botnet command and control servers could mean there's a compromised machine on the network. 

Logs analysis systems are configured using user-defined rules to match interesting or a typical log entries. These can then be surfaced through an alerting system to let security engineers investigate the alert. Part of this alerting process would also involve categorizing the alert, based on the rule matched. We'd also need to assign a priority to facilitate this investigation and to permit better searching or filtering. Alerts could take the form of sending an email or an SMS with information, and a link to the event that was detected. 

Normalizing logged data is an important step, since logs from different devices and systems may not be formatted in a common way. We might need to convert log components into a common format to make analysis easier for analysts, and rule-based detection systems, this also makes correlation analysis easier. Correlation analysis is the process of taking log data from different systems, and matching events across the systems. So, if we see a suspicious connection coming from a suspect source address and the firewall logs to our authentication server, we might want to correlate that logged connection with the log data of the authentication server. That would show us any authentication attempts made by the suspicious client. This type of logs analysis is also super important in investigating and recreating the events that happened once a compromise is detected. This is usually called a post fail analysis, since it's investigating how a compromise happened after the breach is detected. Detailed logging and analysis of logs would allow for detailed reconstruction of the events that led to the compromise. It could also help determine the extent and severity of the compromise. Detailed logging would also be able to show if further systems were compromised after the initial breach. It would also tell us whether or not any data was stolen, and if it was, what that data was. One popular and powerful logs analysis system is Splunk, a very flexible and extensible log aggregation and search system. Splunk can grab logs data from a wide variety of systems, and in large amounts of formats. It can also be configured to generate alerts, and allows for powerful visualization of activity based on logged data. 

Flood guards provide protection against Dos or denial of service attacks. This works by identifying common flood attack types like sin floods or UDP floods. It then triggers alerts once a configurable threshold of traffic is reached. There's another threshold called the activation threshold. When this one is reached, it triggers a pre-configured action. This will typically block the identified attack traffic for a specific amount of time. This is usually a feature on enterprise grade routers or firewalls, though it's a general security concept. A common open source flood guard protection tool is failed to ban. It watches for signs of an attack on a system, and blocks further attempts from a suspected attack address. 

Fail to ban is a popular tool for smaller scale organizations. This flood guard protection can also be described as a form of intrusion prevention system. 

Network separation or network segmentation is a good security principle for an IT support specialists to implement as it permits more flexible management of the network, and provides some security benefits. This is the concept of using VLANs to create virtual networks for different device classes or types. Think of it as creating dedicated virtual networks for your employees to use, but also having separate networks for your printers to connect to. The idea here is that the printers won't need access to the same network resources that employees do. It probably doesn't make sense to have the printers on the employee network. You might be wondering how employees are supposed to print if the printers are on a different network. It's actually one of the benefits of network separation, since we can control and monitor the flow of traffic between networks more easily. To give employees access to printers, we'd configure routing between the two networks on our routers. We'd also implement network ackles that permit the appropriate traffic.




### Nework Hardware Hardening


DHCP is the protocol where devices on a network are assigned critical configuration information for communicating on the network. If an attacker can manage to deploy a rogue DHCP server on our network, they could hand out DHCP leases with whatever information they want. This includes setting a gateway address or DNS server, that's actually a machine within their control. This gives them access to our traffic and opens the door for future attacks. We call this type of attack a rogue DHCP server attack. To protect against this rogue DHCP server attack, enterprise switches offer a feature called DHCP snooping. A switch that has DHCP snooping will monitor DHCP traffic being sent across it. It will also track IP assignments and map them to hosts connected to switch ports. This basically builds a map of assigned IP addresses to physical switch ports. This information can also be used to protect against IP spoofing and ARP poisoning attacks. DHCP snooping also makes us designate either a trusted DHCP server IP, if it's operating as a DHCP helper, and forwarding DHCP requests to the server, or we can enable DHCP snooping trust on the uplinked port, where legitimate DHCP responses would now come from. Now any DHCP responses coming from either an untrusted IP address or from a downlinked switch port would be detected as untrusted and discarded by the switch. Let's talk about another form of network hardware hardening, Dynamic ARP inspection. We covered ARP earlier from the how does it function standpoint. ARP allows for a layer to men-in-the-middle attack because of the unauthenticated nature of ARP. It allows an attacker to forge an ARP response, advertising its MAC address as the physical address matching a victim's IP address. This type of ARP response is called a gratuitous ARP response, since it's effectively answering a query that no one made. When this happens, all of the clients on the local network segment would cache this ARP entry. Because of the forged ARP entry, they send frames intended for the victim's IP address to the attacker's machine instead. The attacker could enable IP forwarding, which would let them transparently monitor traffic intended for the victim. They could also manipulate or modify data. Dynamic ARP inspection or DAI is another feature on enterprise switches that prevents this type of attack. It requires the use of DHCP snooping to establish a trusted binding of IP addresses to switch ports. DAI will detect these forged gratuitous ARP packets and drop them. It does this because it has a table from DHCP snooping that has the authoritative IP address assignments per port. DAI also enforces great limiting of ARP packets per port to prevent ARP scanning. An attacker is likely to ARP scan before attempting the ARP attack. To prevent IP spoofing attacks, IP source guard or IPSG can be enabled on enterprise switches along with DHCP snooping. If you're an IT Support Specialist at a small company that uses enterprise-class switch hardware, you'll probably utilize IPSG. It works by using the DHCP snooping table to dynamically create ACLs for each switchboard. This drops packets that don't match the IP address for the port based on the DHCP snooping table. Now, if you really want to lock down your network, you can implement 802.1X. We've added details about how to configure this in the supplementary reading. But for now, let's discuss this at a high level. It's important for an IT Support Specialist to be aware of 802.1X. This is the IEEE standard for encapsulating EAP or Extensible Authentication Protocol traffic over the 802 networks. This is also called EAP over LAN or EAPOL, it was originally designed for Ethernet but support was added for other network types like Wi-Fi and fiber networks. We won't go into the details of all EAP authentication types supported. There are about 100 compatible types, so it would take way too long. But we'll take a closer look at EAP-TLS since it's one of the more common and secure EAP methods. When a client wants to authenticate to a network using 802.1X, there are three parties involved. The client device is what we call the supplicant. It's sometimes also used to refer to the software running on the client machine that handles the authentication process for the user. The open source Linux utility wpa_supplicant is one of those. The supplicant communicates with the authenticator, which acts as a sort of gatekeeper for the network. It requires clients to successfully authenticate to the network before they're allowed to communicate with the network. This is usually an enterprise switch or an access point in the case of wireless networks. It's important to call out that while the supplicant communicates with the authenticator, it's not actually the authenticator that makes the authentication decision. The authenticator acts like a go between and forwards the authentication request to the authentication server. That's where the actual credential verification and authentication occurs. The authentication server is usually a RADIUS server. EAP-TLS is an authentication type supported by EAP that uses TLS to provide mutual authentication of both the client and the authenticating server. This is considered one of the more secure configurations for wireless security, so it's definitely possible that you'll encounter this authentication type in your IT career. Like with many of these protocols, understanding how it works can help you if you need to troubleshoot. You might remember from Course 4 that HTTPS is a combination of the hypertext transfer protocol, HTTP, with SSL-TLS cryptographic protocols. When TLS is implemented for HTTPS traffic, it specifies a client's certificate as an optional factor of authentication. Similarly, most EAP-TLS implementations require client-side certificates. Authentication can be certificate-based, which requires a client to present a valid certificate that's signed by the authenticating CA, or a client can use a certificate in conjunction with a username, password, and even a second factor of authentication, like a one-time password. The security of EAP-TLS stems from the inherent security that the TLS protocol and PKI provide. That also means that the pitfalls are the same when it comes to properly managing PKI elements. You have to safeguard private keys appropriately and ensure distribution of the CA certificate to client devices to allow verification of the server-side. Even more secure configuration for EAP-TLS would be to bind the client-side certificates to the client platforms using TPMs. This would prevent theft of the certificates from client machines. When you combine this with FDE, even theft of a computer would prevent compromise of the network. We're covering a lot of complex processes right now, so feel free to watch this video again so that the material really sinks in. If you're really interested in implementing these processes yourself or want to dive into even more details about how it all works, check out the supplementary readings for this lesson. Keep in mind, as an IT Support Specialist, you don't need to know every single step-by-step detail here. Knowing what these processes are and how they work can be very beneficial while troubleshooting and evaluating infrastructure security. When you're ready, I'll catch you on the next video.




