Cisco Security Intrusion Detection Systems (CSIDS) Student

Read Online or Download Cisco Security Intrusion Detection Systems (CSIDS) Student Guide V4.1 PDF

Similar computers books

Computer Vision – ACCV 2007: 8th Asian Conference on Computer Vision, Tokyo, Japan, November 18-22, 2007, Proceedings, Part II

The 2 quantity set LNCS 4843 and LNCS 4844 constitutes the refereed court cases of the eighth Asian convention on computing device imaginative and prescient, ACCV 2007, held in Tokyo, Japan, in November 2007. The forty six revised complete papers, three planary and invited talks, and a hundred thirty revised poster papers of the 2 volumes have been rigorously reviewed and seleceted from 551 submissions.

Extra resources for Cisco Security Intrusion Detection Systems (CSIDS) Student Guide V4.1

Example text

1—2-23 The following techniques and tools can be used to mitigate packet sniffer attacks: Authentication—Using strong authentication is a first option for defense against packet sniffers. Strong authentication can be broadly defined as a method of authenticating users that cannot easily be circumvented. A common example of strong authentication is onetime passwords (OTPs). An OTP is a type of two-factor authentication. Two-factor authentication involves using something you have combined with something you know.

Because the specifications for network protocols, such as TCP/IP, are widely published, a third party can easily interpret the network packets and develop a packet sniffer. ) Copyright 2004, Cisco Systems, Inc. Security Fundamentals 2-17 Packet Sniffer Attack Mitigation Host A Router A Router B Host B The following techniques and tools can be used to mitigate sniffer attacks: • Authentication—A first option for defense against packet sniffers is to use strong authentication, such as one-time passwords.

If a hacker learns that password by using a packet sniffer, the information is useless because the password has already expired. Note that this mitigation technique is effective only against a sniffer implementation that is designed to grab passwords. Sniffers deployed to learn sensitive information (such as e-mail messages) will still be effective. Switched infrastructure—This technique can be used to counter the use of packet sniffers in your network environment. For example, if an entire organization deploys switched Ethernet, hackers can gain access only to the traffic that flows on the specific port to which they connect.

Download PDF sample

Rated 4.19 of 5 – based on 34 votes