With a DMZ, strong access rules can be created between users, the non-public servers and the published equipment. The weaker rules then only allow access to certain equipment and never to the data, which remains behind two levels of security.
A FIREWALL is a part of a system or network that is designed to block unauthorized access while permitting authorized communications.
SPYWARE is software that gathers information from a computer and then transmits it to an external entity without the knowledge or consent of the computer's owner. The term spyware is also used more broadly to refer to other products that are not strictly spyware. These products perform different functions, such as displaying unsolicited advertisements (pop-ups), collecting private information, redirecting page requests and installing dialers.
WEP (Wired Equivalent Privacy) was the first encryption protocol, introduced in the first IEEE 802.11 standard back in 1999.
IEEE 802.1X and EAP
The IEEE 802.1X authentication protocol (also known as Port-Based Network Access Control) is a framework originally developed for wired networks. It has mechanisms for authentication, authorization and key distribution, and also incorporates access controls for users joining the network.
• TMK (Temporary MIC Key - 2x64 bits): Key for data authentication (used only by Michael with TKIP). A dedicated key is used for each side of the communication.
• KCK (Key Confirmation Key - 128 bits): Key for authenticating messages (MIC) during the 4-Way Handshake and Group Key Handshake.
• KEK (Key Encryption Key - 128 bits): Key to ensure data confidentiality during the 4-Way Handshake and Group Key Handshake.
• TK (Temporary Key - 128 bits): Data encryption key (used by TKIP or CCMP).
The PMK itself is never used for encryption or integrity checking. Instead, it is used to generate a temporary encryption key.
• AP - Access Point, a base station for a Wi-Fi network that connects wireless clients to each other and to wired networks.
• ARP - Address Resolution Protocol, protocol for translating IP addresses to MAC addresses.
• BSSID - Basic Service Set Identifier, MAC address of the access point.
• CCMP - Counter-Mode / Cipher Block Chaining Message Authentication Code Protocol, encryption protocol used in WPA2, based on the AES block cipher suite.
• CRC - Cyclic Redundancy Check, pseudo-integrity algorithm used in WEP (weak).
• EAP - Extensible Authentication Protocol, framework for several authentication methods.
• EAPOL - EAP Over LAN, protocol used in wireless networks to transport EAP.
• GEK - Group Encryption Key, key for encrypting multicast traffic data (also used for integrity in CCMP).
• GIK - Group Integrity Key, key for data encryption in multicast traffic (used in TKIP).
• GMK - Group Master Key, main key of the group key hierarchy.
• GTK - Group Transient Key, key derived from the GMK.
• ICV - Integrity Check Value, data field appended to the plaintext data for integrity (based on the weak CRC32 algorithm).
• IV - Initialization Vector, data combined with the encryption key to produce a unique keystream.
• KCK - Key Confirmation Key, integrity key that protects the handshake messages.
• KEK - Key Encryption Key, confidentiality key that protects the handshake messages.
• MIC - Message Integrity Code, data field appended to the plaintext data for integrity (based on the Michael algorithm).
• MK - Master Key, main key known by the supplicant and the authenticator after the 802.1x authentication process.
• MPDU - MAC Protocol Data Unit, data packet before fragmentation.
• MSDU - MAC Service Data Unit, data packet after fragmentation.
• PAE - Port Access Entity, 802.1x logical port.
• PMK - Pairwise Master Key, main key of the pairwise key hierarchy.
• PSK - Pre-Shared Key, key derived from a passphrase, which replaces the PMK normally sent by an authentication server.
• PTK - Pairwise Transient Key, key derived from the PMK.
• RSN - Robust Security Network, 802.11i security mechanism (TKIP, CCMP etc.).
• RSNA - Robust Security Network Association, security association used in an RSN.
• RSN IE - Robust Security Network Information Element, fields containing RSN information included in Probe Response and Association Request.
• SSID - Service Set Identifier, the network identifier (the same as ESSID).
• STA - Station, a wireless client.
• TK - Temporary Key, key for data encryption in unicast traffic (also used for data integrity checking in CCMP).
• TKIP - Temporal Key Integrity Protocol, encryption protocol used in WPA, based on the RC4 algorithm (as in WEP).
• TMK - Temporary MIC Key, key for data integrity in unicast traffic (used in TKIP).
• TSC - TKIP Sequence Counter, replay counter used in TKIP (as Extended IV).
• TSN - Transitional Security Network, pre-802.11i security systems (WEP etc.).
• WEP - Wired Equivalent Privacy, default encryption protocol for 802.11.
• WPA - Wireless Protected Access, implementation of an early version of the 802.11i standard, based on the TKIP encryption protocol.
• WRAP - Wireless Robust Authenticated Protocol, former encryption protocol used in WPA2.