...WAN Design with Frame Relay David Horton CST-443 Abstract This paper gives a high-level overview of how to design a Wide Area Network (WAN) using Frame Relay technology. Aspects of the WAN design process are explored through the use of a fictitious manufacturing company called Zippy's Chips. The Zippy's WAN design covers the topics of weighing alternative technologies, setting up basic Frame Relay Permanent Virtual Circuit (PVC) connections, adding redundant links and scaling the network for future growth. Table of Contents Frame Relay in a Nutshell.......................................................................................................................... 2 Terminology.......................................................................................................................................... 2 Basic Concepts...................................................................................................................................... 2 A Sample Design...................................................................................................................................3 Deciding if Frame Relay is Right for the Network.................................................................................... 4 Advantages of Frame Relay...................................................................................................................4 Disadvantages of Frame Relay..............................................................
Words: 3194 - Pages: 13
...Having a secure WLAN is very important, I would even go to say more important than a normal LAN. One way to secure a WLAN is to use encryption. This uses a key that will encrypt and decrypt data on the WLAN so only people what the key would be able to connect to the network. The encryption needs to be strong or a sniffer will crack the key so using a WPA2 would be best. Another way would be to simple change the SSID or ESSID. The reason this is a good way to secure a WLAN is because in most cases if you didn’t change the SSID a hack would think that you didn’t do anything to your network, making it easier to hack. “Though knowing the SSID does not allow anyone to break into your network, it usually indicates that the person hasn't taken any steps to protect their network, thus these networks are the most common targets” ("How to secure," 2007). The ramification of your WLAN being breached could be many things. The first thing I can think of is data theft and by that personal or secret information if someone can get on your WLAN. Also they could be trying to disrupt your network to cause damage or just want to ride on your wireless to gain access to the Internet. I think that stolen information would be the biggest threat. Reference: How to secure a wlan. (2007, February 15). Retrieved from...
Words: 254 - Pages: 2
...Source Address | Destination | Payload | Week 3 The Network Intrusion Detection Engine Network based IDS engines process a stream of time sequential TCP/IP packets to determine a sequence of patterns. Patterns are also known as signatures. Most network signatures are based on the contents of the packets (Packet Content Signature = Payload of a packet). Patterns are also detectable in the header and flow of the traffic, relieving the need for looking into packets. Operational Concept Two primary operational modes 1. Tip off - Look for something new, something not previously classified. 2. Surveillance - Look for patterns from "targets" Forensic work bench * Same tool as in surveillance * Monitor online transactions * track network growth - PCs; mobile devices * System services usage * Identify unexpected changes in the network Benefits of a Network IDS 1. Outsider Deterrence - Make life hard for the hackers 2. Detection - Deterministic; Stochastic 3. Automated Response and Notification - Notifications(email, SNMP, pager, onscreen, audible) Response: Reconfigure router/firewalls; Doing a counter attack is not smart; Lose the connection. Challenges for network based technologies 1. Packet reassembly - Broken packets might not be enough detection. Pattern broken into different packets. 2. High Speed Networks - Flooding and dropping of packets 3. Anti Sniff (Sniffer Detection) - Designed by hackers to detect IDS. Find...
Words: 360 - Pages: 2
...R17. What is the difference between a permanent address and a care-of address? Who assigns a care-of address? Answer: A permanent address is the home address and care of address is the given address of the device such as mobile. Permanent address is where mobile devices live. Care of address is given to the mobile device by the foreign agent when a device entire to another network area. Permanent address will get all the derive data and then the home agent forward data/messages onto the other network via the care of address. After that mobile device directly responds to the correspondent. R1. What are the differences between message confidentiality and message integrity? Can you have confidentiality without integrity? Can you have integrity without confidentiality? Justify your answer. Answer: Confidentiality is the property that the original plaintext message cannot be determined by an attacker who intercepts the cipher text-encryption of the original plaintext message. Message integrity is the property that the receiver can detect whether the message sent (whether encrypted or not) was altered in transit. The two are thus different concepts, and one can have one without the other. An encrypted message that is altered in transmit may still be confidential but will not have message integrity if the error is undetected. Similarly, a message that is altered in transit (and detected) could have been sent in plaintext and thus would not be confidential Message confidentiality...
Words: 528 - Pages: 3
...------------------------------------------------- One of the benefits of the internet is transferring file between computers to share information between people, but computers which run different operating systems need a common language between them to understand each other and this language is called protocols (Washburn et al., 1996). FTP (File Transfer Protocol) is a protocol to transfer files that described for the first time in the early seventies and standardized in 1982 (Matthews, 2005). SFTP (SSH File Transfer Protocol) is another file transfer protocol, but the first RFC describing SFTP was released in 2001 (Ylonen et al. 2001). Organizations have to provide file transfer services to their customers, and they should choose the secure file transfer protocol which will secure their costumers files. In this essay, a comparison between FTP and SFTP would be making from three aspects. Firstly, I will illustrate the differences between FTP and SFTP in starting communication methods, and how they maintain the connection and the ports used by them. Secondly, I will focus on security vulnerabilities of FTP and SFTP and their effects on users and files security. Finally, I will compare the speed of files transferring in FTP and SFTP for different files with different sizes. * ------------------------------------------------- Communication Approach: * ------------------------------------------------- System architecture identifies the system hardware and software requirements, and it has...
Words: 1768 - Pages: 8
...Francisco Ramirez Unit 5 assignment 1 Ch. 18 1. Sftp-secure file transfer protocol is a network protocol that provides file access, transfer, and management over a trusted data stream. Scp-secure transfer protocol is a network protocol that transfers data that can withstand or is immune to interception and tampering. 2. Use the “ssh host who” command in the terminal to show who is logged in 3. Scp user@bravo:-r your@home:blank 4. “$ ssh plum xterm” or use this command with “-y” if x11 forwarding is not trusted 5. The problem that enabling compression prevent when using a ssh to run remote x11 applications on a local display would be that this creates a backup feature. Should the computer crash, all of your work will be saved on the hard drive. 6. Check with the remote administrator to see if something has changed. Ch. 20 1. Edit “etc/aliases file to include the entry: root, var/logs/systemmail 2. “Cat~/. Forward”, then max@bravo.com then “/max” 3. Edit “/etc/mail/access” and add the following: “connect 192.168.1.1 relay” 4. “dnl” stand for “delete to new line”, works the same as # in shell script; it instructs the compiler to ignore any line followed by “dnl” 5. Go to content configuration on Spamassassin, then under “required spam assassin score”, change 3 to 5. 6. First, type the mail followed by the e-mail address of the recipient: mail Max@email.com, then type the subject line, then press enter. Type your message, then...
Words: 270 - Pages: 2
...John Holbrook Step by Step Installation of a Secure Linux Web, DNS and Mail Server Feb 10, 2004 GIAC GSEC Practical – Version 1.4b, Option 1 Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46. 1 Table of Contents Abstract................................. Introduction.........................................................................................................................4 Current Setup..................................................................................................................4 Reasons for new install ..................................................................................................4 Sudo...............................................................................................................................5 Security Comparison of Redhat 9.0 and Openna 1.0..........................................................7 Default Installed Services...............................................................................................7 Configuration Notes............................................................................................................8 The New Setup...............................................................................................................8 Layers of Protection........................................................................................................9 Verifying Integrity of Downloaded Files.................................
Words: 16169 - Pages: 65
...File Transfer Protocol File Transfer Protocol (FTP) is a standard network protocol used to transfer files from one host or to another host over a TCP-based network, such as the Internet. FTP is built on a client-server architecture and uses separate control and data connections between the client and the server. FTP users may authenticate themselves using a clear-text sign-in protocol, normally in the form of a username and password, but can connect anonymously if the server is configured to allow it. For secure transmission that hides (encrypts) the username and password, and encrypts the content, FTP is often secured with SSL/TLS ("FTPS"). SSH File Transfer Protocol ("SFTP") is sometimes also used instead. The first FTP client applications were command-line applications developed before operating systems had graphical user interfaces, and are still shipped with most Windows, Unix, and Linux operating systems. Dozens of FTP clients and automation utilities have since been developed for desktops, servers, mobile devices, and hardware, and FTP has been incorporated into hundreds of productivity applications, such as Web page editors. The original specification for the File Transfer Protocol was written by Abhay Bhushan and published as RFC 114 on 16 April 1971 and later replaced by RFC 765 (June 1980) and RFC 959 (October 1985), the current specification. Several proposed standards amend RFC 959, for example RFC 2228 (June 1997) proposes security extensions and RFC...
Words: 1088 - Pages: 5
... * cups, system-config-printer, cups-pdf * Run chkconfig to start daemon when computer starts * # chkconfig cups on * Start CUPS * # service cups start * Using system-config-printer * Press Add printer * Enter description, location, device URI: * Use Make and Model to find the printer you are connecting * Print Test Page to confirm its working * Describe the purpose and history of OpenSSH. * OpenSSH or OpenBSD Secure Shell is encryption communication software set that uses two levels of authentication. * OpenSSH was created by OpenBSD as an alternative to the proprietary SSH. Making is debut in 1999 it has adapted adding PKCS11 authentication support to OSO layer 2/3 VPN. * Explain how to configure OpenSSH. * Make sure the following packages are installed. (If not yum install) * openssh, openssh-clients * Describe the purpose and history of Network File System (NFS). * Explain how to configure NFS. * Describe the purpose of Samba. * Compare Samba to Microsoft Windows file sharing. * Explain how to configure Samba. * Describe the purpose of File...
Words: 350 - Pages: 2
...Operating and Configuring a Cisco IOS Device Lab Assignment SwitchAA> SwitchAA>? Exec commands: access-enable Create a temporary Access-List entry clear Reset functions connect Open a terminal connection crypto Encryption related commands. disable Turn off privileged commands disconnect Disconnect an existing network connection enable Turn on privileged commands exit Exit from the EXEC help Description of the interactive help system lock Lock the terminal login Log in as a particular user logout Exit from the EXEC name-connection Name an existing network connection ping Send echo messages rcommand Run command on remote switch resume Resume an active network connection set Set system parameter (not config) show Show running system information ssh Open a secure shell client connection systat Display information about terminal lines telnet Open a telnet connection terminal Set terminal line parameters traceroute Trace route to destination tunnel Open a tunnel connection where List active connections SwitchAA>enable Password: SwitchAA#? Exec commands: access-enable Create a temporary Access-List entry access-template Create a temporary Access-List...
Words: 1231 - Pages: 5
...Linux printer using Samba allows windows and OS/2 clients to send print jobs to the printer. 5. Name three printing protocols that CUPS supports. Which is the CUPS native protocol? CUPS supports IPP, LPD/LPR, HTTP, SMB, and JetDirect (socket) protocols. Ch 10 p. 403, Ex 1 1. Describe the similarities and differences between these utilities: a. scp and ftp – scp is the "Secure Copy" program and it works just like the "cp", or "Copy" program, only it works through via the Secure Shell. ftp is the "File Transfer Protocol" and has nothing to do with security. Usually operates as its own interface with its own set of user sub-commands. Both are used to transfer files from one host to another via network connection. b. ssh and telnet – Both Telnet and SSH is used for remote Log-In and to trasnfer data. Telnet -> Telecommunication network It is not secure and anyone can use it. It uses ASCII format. Information sent and received can be easily read by anyone (Hackers) in that network. SSH -> Secure Shell It is highly secure. Information passed accross the network is encrypted. Hackers will not be able to read your data. So its...
Words: 382 - Pages: 2
...DEPARTMENT ITSA 255 – Information Systems Security Assignment 4 – Network System Administrator Tools/Utilities Students are to perform independent Internet research and write a short paragraph describing the functionality and utilization for each of the following Network System Administrator Tools/Utilities: * FileZilla FileZilla is a cross platform File Transfer Protocol (FTP) application software that allows the ability to transfer multiple files over the internet. It is made up of a FileZilla client and a FileZilla server. It is available for use with Windows, Linux and MAC OSX. It supports FTP, SFTP (SSH File Transfer protocol), FTPS (FTP secure). Some of the features include support in IPv6, Drag and Drop, Filename feature, Remote file editing, FTP proxy support and much more. It includes two methods to invoke security which is the explicit method and implicit method. Many bug fixes and vulnerability patches were made over the initial release of June 22, 2001. * Nessus Nessus is a open source cross-platform network vulnerability scanner software developed by Tenable Network Security. First introduced during 1998; it was created to be used as a free remote security scanner to the internet community. It allows for various scanning which scans a computer and raises an alert if it discovers any vulnerability that hackers could use to gain access to a computer that is connected to a network. Nessus scans for a certain range of vulnerabilities. It scans for vulnerabilities...
Words: 856 - Pages: 4
...Chap 18 Pg 699 Q1 difference between scp and sftp utilities? SCP is a secure file copy utility and SFTP is a secure file transfer protocol even though it does not have anything to do with the FTP we are use to in windows. Q2 How can you use SSH to find out who is logged in on a remote system? By typing $ ssh host who in the terminal window Q3 How would you use scp to copy ~/.bashrc file from the system named plum to the local system? From the local system you would type scp user@plum:~/..bashrc local system: .bashrc. Q4 How would you use scp to run xterm on plum and show the display on the local system? Having the same username on both systems and the X11 server running locally, the command to run xterm from the plum system and show on the local display is $ ssh plum xterm Q5 What problem can enabling compression present when you are using ssh to run remote X applications on a local display? Compression can cause an increase in latency to an extent the might not be desirable for an X session forwarded over high-band width connections. Q6 When you try to connect to another system using an OpenSSH client and you see a message warning you that the remote host identification has changed, what has happened? What should you do? This indicates that the fingerprint of the remote system is not the same as the local system remembers it. Check to find out if something changed. If everything is ok, get rid of the remote system’s key from the file located in the error message and...
Words: 584 - Pages: 3
...Build Your Own Oracle RAC Cluster on Oracle Enterprise Linux and iSCSI (Continued) The information in this guide is not validated by Oracle, is not supported by Oracle, and should only be used at your own risk; it is for educational purposes only. 12. Create "oracle" User and Directories Perform the following tasks on both Oracle RAC nodes in the cluster! In this section we will create the oracle UNIX user account, recommended O/S groups, and all required directories. The following O/S groups will be created: Description | Oracle Privilege | Oracle Group Name | UNIX Group name | Oracle Inventory and Software Owner | | | oinstall | Database Administrator | SYSDBA | OSDBA | dba | Database Operator | SYSOPER | OSOPER | oper | We will be using the Oracle Cluster File System, Release 2 (OCFS2) to store the files required to be shared for the Oracle Clusterware software. When using OCFS2, the UID of the UNIX user " oracle" and GID of the UNIX group " oinstall" must be the same on both of the Oracle RAC nodes in the cluster. If either the UID or GID are different, the files on the OCFS2 file system will show up as "unowned" or may even be owned by a different user. For this article, I will use 501 for the " oracle" UID and 501 for the " oinstall" GID. Note that members of the UNIX group oinstall are considered the "owners" of the Oracle software. Members of the dba group can administer Oracle databases, for example starting up and shutting down databases. Members...
Words: 13991 - Pages: 56
...more secure and offers more flexibility 2. How can you use ssh to find out who is logged in on a remote system ssh host who 3. How would you use scp to copy your ~/.bashare file from the system named plum to the local system. Scp and then the user@remote: /”path to plum” /”path to save” 4. How would you use ssh to run xterm on bravo and show the disply on the local system? ssh bravo xterm 5. What problem can enabling compression present when you are using ssh to run remote X applications on a local display? Lag, the bandwidth and overhead on compression will not agree with ssh 6. When you try to connect to another system using an Open SSH client and you see a message warning you that the remost host identification has changed, what has happened? What should you do? Means something has changed drastically on the remote machine. Such as OS. Contact Admin to ensure change was deliberate and once verified delete the old key and try to log in again and let the new config create a new key file. 1. By default, email addressed to system goes to root. How would you also save a copy in the /var/logs/systemmail? Edit aliases to include root, /var/logs/systemmail 2. How would Max store a copy of his email in ~/mbox and send a copy to max@bravo.com? $ cat ~/.forward, ~/mbox, max@bravo.com, \max 3. If your firewall allowed only the machine with the IP address x.x.x.x to send email outside the network how would...
Words: 457 - Pages: 2
