3.1 Secure Protocols

Secure Protocols

SRTP (secure real-time transport protocol / secure RTP) adds security features to RTP - keeps conversations private

NTP has no security features - NTPsec comes into play

Email - S/MIME uses public key encryption and digital signing of mail content

Web - SSL/TLS - uses public key encryption, symmetric session key is transferred using asymmetric encryption

IPsec - security for OSI Layer 3 (Network layer) - encryption and packet signing two core IPsec protocols? - authentication header (AH) = provides integrity - encapsulation security payload (ESP) = provides encryption

File transfer - FTPS (FTP-SSL), SFTP (SSH FTP)

LDAP - accessing and maintaining distributed directory information services over an IP network

Remote access - SSH - encrypted terminal communication, replaces Telnet

DNS normally have no security - DNSSEC comes into place which validates DNS responses - origin authentication, data integrity

DHCP has no security controls - Rogue DHCP servers - In AD, environment DHCP servers must be authorized - port 67/68

RADIUS - port 1812/1813

TACACS+ - port 49

Kerberos - port 88

SNMP - port 161/162

RDP - port 3389

POP3 - port 110

SMB - port 445, 139

SMTPS - port 465

LDAP - port 389

LDAPS - port 636

SIP - port 5060/5061