Chapter 3: Communications Security




The focus of this chapter is communications security. Technically, communications security is a subset of network security and could have been folded into Chapter 4. However, to keep this book aligned with the current CompTIA Security+ domain objectives and exam structure, it follows the CompTIA domain and domain subset structure. Therefore, communications security has its own chapter.

The first two chapters of this book introduced you to several of the topics discussed in this chapter. This chapter will further assist you with understanding the details of these topics as well as introduce you to several new topics related to network communications security.

Remote Access

Remote access is defined as the ability to make a connection to a network or computing system from outside the normal internal network perimeter. In human terms, it is the ability to connect to a network from a distance. Typically, remote access is provided to roaming users such as telecommuters, sales, marketing, and business travelers requiring access to their company’s WAN or LAN resources.

Remote access is usually acquired via a dial-up connection through a modem or a more expensive dedicated line that connects a client computer to a remote network. Modern day cable modems, DSL (Digital Subscriber Line), and wireless technologies can also be used to allow remote access at much faster speeds than the traditional dial-up analog connections.

The main benefits of implementing and using remote access technologies are the reduced cost and support burden of dedicated lines and the ability of workers to reach services from outside the LAN or office area. In other words, the people who know your products and services can meet with and support clients, potential clients, and vendors wherever they are. Unfortunately, remote access to a network also introduces major security risks, because it deliberately opens a path through the perimeter; it is therefore a topic that demands attention when setting up a new network or protecting an existing one.

In Chapter 4 we will discuss networking devices such as routers, firewalls, and VPNs (Virtual Private Networks) in detail. These are several of the main methods implemented in modern networks to minimize the threat of unauthorized access to an internal network through external network connections.

A remote access server or communications server is typically used in combination with a router, firewall, and/or VPN at the local network level to authenticate and provide security for remote users wishing to gain access to local area network resources.

As stated earlier, you have already been introduced to several of the items discussed next. By the end of this chapter and ultimately the end of this book, the security information discussed should become second nature to you.

The following are important remote access connection technologies to remember when preparing for the exam:

  • ISDN (Integrated Services Digital Network): Carries data and voice over traditional telephone networks. ISDN will be discussed in detail in Chapter 4.

  • DSL (Digital Subscriber Line): Considered a better and faster replacement for ISDN, DSL is a technology that can provide considerable bandwidth to small businesses and home users alike. DSL runs over existing twisted-pair telephone lines.

  • Cable modem: Considered the least secure of these technologies, because a default installation provides no firewall or any other sort of packet filtering, and all subscribers on a segment share a single coaxial cable. The local loop is therefore a shared medium rather than a dedicated line.

  • Wireless technologies: Fastest growing area for connectivity. Wireless technology will be discussed in detail later in the chapter.

  • Dial-up (asynchronous): Traditional connection method that uses an ISP (Internet service provider) and an analog phone line to connect to the Internet.

The following are important remote access authentication systems and secure connection methods to remember for the Security+ exam:

  • Authentication systems for remote access security:

    • RADIUS (Remote Authentication Dial-In User Service)

    • TACACS (Terminal Access Controller Access-Control System)

  • Security authentication protocols most often used for remote nodes:

    • PAP (Password Authentication Protocol), which sends the password in clear text

    • CHAP (Challenge Handshake Authentication Protocol)

To secure remote access connections, use the following, which are detailed in Chapter 4:

  • VPN (Virtual Private Network)

  • SSH (Secure Shell)

  • SSL (Secure Sockets Layer)

  • Firewalls

RAS (Remote Access Service)

RAS (Remote Access Service) is a component of Windows NT, 2000, and XP that allows remote clients to access services and resources located on a network over an analog modem, WAN, or ISDN connection. In order to install and use RAS, you will need a supported protocol, such as TCP/IP or IPX/SPX, and a RAS client or a compatible PPP client package.

A RAS client that has been configured properly can dial in or connect to a network that utilizes a RAS server. The RAS server is used to authenticate the remote users and allow them access to services, such as file and print, which reside on a LAN.

In general, the following events occur when one establishes a connection with a RAS server:

  1. Your system attempts to access the RAS server.

  2. Depending on the authentication method negotiated for the connection, the following events occur:

    1. Using PAP (Password Authentication Protocol) clear text authentication:

      • Your system transmits your clear text password to the RAS server.

      • The server compares your credentials with its security database.

    2. Using CHAP for authentication:

      • The server sends a challenge message to your system.

      • Your system replies to the server with a hashed response: a one-way hash (MD5 in standard CHAP) computed over the challenge, the session identifier, and your password. The password itself never crosses the link.

      • The server computes the same hash from the password stored in its user database and compares it to the response.

    3. Using certificate-based authentication:

      • The server requests credentials from your system and sends a server-based certificate.

      • If your system and connection are configured to validate the server-based certificate, it is validated at this point; if they are not so configured, this step is skipped.

      • Your system then sends its certificate to the server system.

      • The server system verifies that your sent certificate is valid and that it has not been revoked.

  3. If the server verifies that the account is valid, it then checks whether the account has been granted remote access (dial-in) permission.

  4. If you are granted successful remote access permission, the server system establishes your session and connection.

  5. If you have callback enabled, the server system hangs up, calls your system back, and repeats Steps 2 through 4 on the new call.

    Note 

    RAS can be configured for node authentication by enabling callback or caller ID. Callback occurs when a remote user dials into the server and supplies credentials. The server then hangs up the call and calls the remote user back. Callback only adds security when the number is preset by the administrator for that user; letting the caller specify the number merely shifts the toll charges to the server. Caller ID occurs when the server checks the incoming call's number against a predefined phone list stored on the server. It is much more difficult to gain unauthorized access through caller ID checking, although caller ID information can itself be spoofed, so it should be treated as an additional check rather than as authentication. It is also much more difficult to administer caller ID for remote users who travel often and call from different phone numbers.
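The PAP and CHAP checks in Steps 2.1 and 2.2 above, as an added example in Python that is not code from the book. It follows the CHAP construction from RFC 1994 (MD5 over the identifier, the secret, and the challenge); the user database, the password, the challenge length, and the wordlist are all constructed for the demonstration, and the class and function names are illustrative. Besides the two exchanges it shows the two caveats a practitioner should keep in mind: the server must keep a plaintext-equivalent copy of each CHAP secret in order to recompute the hash, and an eavesdropper who captures one challenge/response pair can still guess weak passwords offline.

```python
# Added example (not from the book): the PAP and CHAP credential checks a
# RAS server performs, following RFC 1994 for CHAP. User names, passwords,
# the challenge size and the wordlist are constructed for the demonstration.
import hashlib
import hmac
import os


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """Client side of CHAP: MD5 over the one-octet identifier, the shared
    secret and the server's challenge (RFC 1994). The secret itself never
    crosses the wire, only this 16-byte digest does."""
    return hashlib.md5(bytes([identifier & 0xFF]) + secret + challenge).digest()


class RasServer:
    """Minimal RAS-style authenticator holding a user database in memory.
    Note that CHAP forces the server to keep each secret in a reversible or
    plain form, since it must recompute the same hash the client computes."""

    def __init__(self, user_db: dict):
        self.user_db = user_db          # username -> secret (bytes)
        self.pending = {}               # username -> (identifier, challenge)
        self.next_id = 0

    def issue_challenge(self, username: str):
        """Step 2.2, first bullet: send a fresh, random challenge."""
        identifier = self.next_id & 0xFF
        self.next_id += 1
        challenge = os.urandom(16)
        self.pending[username] = (identifier, challenge)
        return identifier, challenge

    def verify_chap(self, username: str, response: bytes) -> bool:
        """Step 2.2, third bullet: recompute the hash from the stored secret
        and compare. The pending challenge is consumed so that a captured
        response cannot simply be replayed against the same challenge."""
        if username not in self.pending or username not in self.user_db:
            return False
        identifier, challenge = self.pending.pop(username)
        expected = chap_response(identifier, self.user_db[username], challenge)
        return hmac.compare_digest(expected, response)

    def verify_pap(self, username: str, password: bytes) -> bool:
        """Step 2.1: the password arrives as sent; just compare it."""
        stored = self.user_db.get(username)
        return stored is not None and hmac.compare_digest(stored, password)


def pap_login(server: RasServer, username: str, password: bytes):
    """PAP puts the password itself in the Authenticate-Request, so the
    returned 'wire' bytes are exactly what a sniffer on the path would see."""
    wire = username.encode() + b"\x00" + password
    return wire, server.verify_pap(username, password)


def chap_login(server: RasServer, username: str, secret: bytes):
    """Full CHAP round trip. Returns what crossed the wire (identifier,
    challenge and 16-byte response) and the server's verdict."""
    identifier, challenge = server.issue_challenge(username)
    response = chap_response(identifier, secret, challenge)
    return (identifier, challenge, response), server.verify_chap(username, response)


def offline_guess(identifier: int, challenge: bytes, captured: bytes, wordlist):
    """Caveat: CHAP keeps the password off the wire, but an eavesdropper who
    captured one challenge/response pair can test guesses offline at will.
    Returns the guessed secret if the wordlist contains it, else None."""
    for guess in wordlist:
        if chap_response(identifier, guess, challenge) == captured:
            return guess
    return None


if __name__ == "__main__":
    users = {"alice": b"correct horse battery staple"}   # constructed
    ras = RasServer(users)
    wire, ok = pap_login(ras, "alice", users["alice"])
    print("PAP ok:", ok, "on the wire:", wire)
    (ident, chal, resp), ok = chap_login(ras, "alice", users["alice"])
    print("CHAP ok:", ok, "on the wire:", resp.hex())
    print("replay of the same response:", ras.verify_chap("alice", resp))
```

Run it and compare the two "on the wire" lines: under PAP the password is visible verbatim, under CHAP only a digest that changes with every challenge appears, and replaying that digest fails because the challenge it answered has been consumed. The offline_guess function is the reason the rule below about separate, non-trivial dial-in passwords matters even when CHAP is in use.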

Here are a few rules to follow when using Remote Access Service:

  • The passwords that your remote users use when dialing into a RAS server should not be the same as the passwords they use to be authenticated on a domain.

  • The actual time frame in hours that remote users can dial into a RAS server should be limited to the business needs of that user.

  • Always use callback security in RAS, configured to call back a number preset by the administrator rather than one supplied by the caller.

  • Your RAS server and your remote clients should always have the latest operating system service packs and patches as well as up-to-date antivirus protection.






The Security+ Exam Guide (TestTaker's Guide Series)
Security + Exam Guide (Charles River Media Networking/Security)
ISBN: 1584502517
Year: 2003
Pages: 136
