Frequently Asked Questions




The following Frequently Asked Questions, answered by the authors of this book, are designed to both measure your understanding of the concepts presented in this chapter and to assist you with real-life implementation of these concepts. To have your questions about this chapter answered by the author, browse to www.syngress.com/solutions and click on the “Ask the Author” form. You will also gain access to thousands of other FAQs at ITFAQnet.com.

1. I ran a switch flooding program against my switch and it didn’t do anything. Why not?

2. I have hubs daisy-chained through the floors of my company’s building. Is that all one collision domain?

3. When I run Ethereal on my Linux system, I don’t see the PROMISC flag in the ifconfig -a output.

4. Will adding encryption to my network decrease performance?

5. What if an attacker compromises a host that I am using a VPN client on?

6. I still don’t understand how one-time passwords work.


Answers

1. Some newer switches are resilient to some of the older flooding tools.

2. Yes! Hubs do not have any intelligence built into them to know where to send data, so they will blindly forward it on to everyone. So every hub in the daisy chain sees the traffic for all ports.

3. Ethereal uses the libpcap program to perform packet capturing and filtering. Some newer versions of libpcap use a different method of putting an interface into promiscuous mode that ifconfig cannot detect.

4. Yes, encrypting and decrypting data can be resource-intensive, depending on several factors including the type of encryption algorithm and length of the key. However, depending on your network architecture, end users may not notice the difference in performance.

5. Your VPN would basically offer a safe and secure environment for the attacker to run wild! For example, you connect your work laptop at home to the Internet over dial-up or high-speed Internet, and your system is compromised via a trojan. Your connections back to the office are secured via a VPN connection which gets enabled once you connect to your mail server or other protected work resources. The attacker then has the ability to access these resources that are otherwise protected by your VPN.

6. Let me give you an example. You are provided with an RSA SecurID hardware token. This is a small device that has a screen on it with some numbers that change every sixty seconds. These numbers are your responses to the RSA server challenges, i.e. your password. The token and the server are synchronized, so when you log in, the server presents you with a challenge, i.e. asks you your password, and you type in whatever number is showing on your SecurID token screen at the time. You will be authenticated for this session, but next time you log in it will be a different number, hence a one-time password.
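
An added example (not from the book, and not RSA's own algorithm): the open TOTP scheme from RFC 6238, run here with a sixty-second step, shows how a token and a server that share a secret and a clock arrive at the same number, and why that number stops working afterwards. The secret, the timestamps, the `Server` class, the one-step drift tolerance and the replay check are assumptions of this sketch.

```python
import hashlib
import hmac
import struct


def otp(secret, now, step=60, digits=6):
    """HOTP (RFC 4226) computed over the time-step counter, as TOTP does."""
    counter = int(now) // step
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                       # dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


class Server:
    """Hypothetical verifier that holds the same secret as the token."""

    def __init__(self, secret, step=60):
        self.secret, self.step = secret, step
        self.last_step = -1                       # newest time step already accepted

    def login(self, code, now):
        current = int(now) // self.step
        # Accept the current step, or the previous one to absorb clock drift.
        for s in (current, current - 1):
            if s <= self.last_step:
                continue                          # code for this step was already used
            expected = otp(self.secret, s * self.step, self.step)
            if hmac.compare_digest(expected, code):
                self.last_step = s
                return True
        return False


SECRET = b"constructed-demo-secret"               # constructed sample value

if __name__ == "__main__":
    server = Server(SECRET)
    t = 1_700_000_000                             # constructed login time
    shown = otp(SECRET, t)                        # number on the token screen
    print(shown, server.login(shown, t))          # first use: accepted
    print(shown, server.login(shown, t + 5))      # replay in the same minute: rejected
    later = otp(SECRET, t + 60)
    print(later, server.login(later, t + 60))     # next minute: a new number
```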






Ethereal Packet Sniffing (Syngress)
ISBN: 1932266828
EAN: 2147483647
Year: 2004
Pages: 105
Authors: Syngress
