|< Day Day Up >|
802.1X is an IEEE standard for wireless connectivity that uses port-based access control. It
The 802.1X standard is designed to provide a better framework that supports improved security for users on wireless networks by the implementation of centralized authentication. 802.1X uses the Extensible Authentication Protocol (EAP), which enables the technology to work with wireless, Ethernet, and Token Ring networks.
With 802.1X authentication, a wireless client who wishes to connect to and be authenticated on network is called a supplicant . The supplicant must first request access from an access point, which is also known as an authenticator . If the access point detects the request for access from the supplicant, the access point will enable the supplicant’s port and only let 802.1X traffic be transmitted. This allows the client to transmit a start-up message known as an EAP start message; the supplicant’s identity and credentials are then provided to the access point.
Next, the access point transmits the information to an authentication server, which is typically a server that runs RADIUS (Remote Authentication Dial-In User Service). The authentication server can use various algorithms to allow the user to be authenticated, eventually. Once the server authenticates the validity of the
Figure 3.1: 802.1X authentication.
To best understand this process, match the following descriptions with their corresponding numeric values in Figure 3.1:
A start message is sent from the remote client to the access point and the access point asks the client for identification.
The client sends its identity to the access point. The access then transmits or forwards the client’s identity to an authentication server.
The authentication server transmits an accept or reject message to the access point.
If the access point receives an accept message from the authentication server, the client’s port activates and the client is allowed to communicate with the server.
The 802.1X standard is
Microsoft does a great job explaining this technology. If you are interested in learning more about 802.1X, you may find the following site very informative: http://www.microsoft.com/windowsxp/pro/techinfo/planning/wirelesslan/solutions.asp .
|< Day Day Up >|
|< Day Day Up >|
At home or work, e-mail is arguably the most important communication tool available in today’s fast paced technical world. E-mail is a fast, inexpensive, acceptable way to transfer information and communicate. Unfortunately, the use of e-mail and attachments to e-mail messages provide a very large security threat to the welfare of systems and networks in general. Providing secure e-mail and messaging systems has quickly become a top priority for home users and businesses alike.
There are many threats associated with the use of e-mail. Virus threats are usually the most thought of but threats in the form of malicious content, leaks of confidential information, and the threat of those not-so-innocent spammers are becoming much more of a concern today. Server and workstation downtime, as well as the basic loss in human productivity that can result from these threats, are motivating the penny pinchers to invest more in e-mail and network security.
The most obvious threat to e-mail and e-mail systems comes in the form of e-mail
It is also imperative that e-mail users are
Our basic human nature
Confidential information leaks from within corporate
Here are some basic guidelines to file that can save you or your company a lot of time, money, and
Develop a corporate e-mail security policy that defines a set of rules your users should follow. In other words, take the time to educate them on some of the common practices that should be followed, such as confidentiality and general security practices.
Install a proven antivirus protection product that
Install content-filtering software that scans for key phrases and information in e-mail that might be confidential to your company.
Install an anti-spam software product that will identify and allow you to block out unwanted/unsolicited information.
S/MIME (Secure Multipurpose Internet Mail Extensions)
is a method/protocol used to secure the sending of messages between various e-mail
It is likely that you will be asked what S/MIME is associated with. If offered the choice, and there will most likely be a choice, a good selection would be, “e-mail security.”
Developed by Philip R. Zimmerman in 1991,
PGP (Pretty Good Privacy)
is one of the most common and
PGP uses public key encryption based techniques to secure messaging. With PGP, a user creates a key pair and protects the private key with what is known as a pass phrase . The public key part of the key pair is used for the encryption of messages for other users.
When using PGP, the pass phrase that protects the private key must not be forgotten. If the user forgets the pass phrase, the message cannot be deciphered.
is a myth or false representation regarding a computer-related virus. The hoax can be either a false warning or an actual file or object that closely resembles that of an actual virus. Hoaxes are usually
The most dangerous of hoaxes will warn the recipient that there is a dangerous file and/or program residing in a system. The hoax will suggest that the recipient remove the dangerous file or program. The bad news—the recipient just wiped out an important system file that is needed for the operating system or program to exist or function. Real nice; we can only hope that the recipient has a good backup!
Hoaxes can cause a tremendous loss in productivity. The time and resources it takes to investigate hoaxes could be much better spent on actual company production issues. Unfortunately, hoaxes are part of the electronic world in which we live and must be handled with care. Could a hoax be another form of social engineering? You bet.
The best way to tell if an attachment or suspect file name is actually a hoax is through research and education. A great Internet site that allows you to do a computer virus hoax search from A-Z is http://vmyths.com .
If you have a good antivirus program and support contract, you can always
As a basic rule of thumb, you should always assume that a hoax or threat is real but use common sense. Don’t take action based on unprofessional advice or hearsay. Finally, by no means should you apply fixes or patches without consulting a
Be prepared to answer questions that ask you how you would
|< Day Day Up >|