Security

General security related questions are as following:

=Basics=


 * What is a Zone?


 * What is Screening?


 * What is Syn-Proxy?


 * What is Syn-Cookie?


 * Symmetric vs Asymetric Encryption

A single key is used both to encrypt and decrypt traffic. Common symmetric encryption algorithms include DES, 3DES, AES, and RC4. 3DES and AES are commonly used in IPsec and other types of VPNs. RC4 has seen wide deployment on wireless networks as the base encryption used by WEP and WPA version 1. Symmetric encryption algorithms can be extremely fast, and their relatively low complexity allows for easy implementation in hardware. They require that all hosts participating in the encryption have already been configured with the secret key through some external means.

Asymmetric encryption differs from symmetric encryption primarily in that two keys are used: one for encryption and one for decryption. The most common asymmetric encryption algorithm is RSA. Imposes a high computational burden, and tends to be much slower. Thus, it isn't typically employed to protect payload data. Instead, its major strength is its ability to establish a secure channel over a nonsecure medium. This is accomplished by the exchange of public keys, which can only be used to encrypt data. The complementary private key, which is never shared, is used to decrypt.

Robust encryption solutions such as IPsec implement the strengths of both symmetric and asymmetric encryption. First, two endpoints exchange public keys, which allows for the setup of a slow but secure channel. Then the two hosts decide on and exchange shared symmetric encryption keys to construct much faster symmetric encryption channels for data.


 * What is a Digital Signature?

A digital signature is a mathematical scheme for demonstrating the authenticity of a digital message or document. It ensure that the message was created by a known sender, such that the sender cannot deny having sent the message (authentication and non-repudiation) and that the message was not altered in transit (integrity). Commonly used for software distribution or financial transactions Digital signatures employ asymmetric cryptography.

UTM
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
 * EICAR Standard Antivirus Test File(68 bytes):

uid=0(root) gid=0(root) groups=0(root)
 * IDS test file:

GTUBE File
Generic Test for Unsolicited Bulk Email - AntiSpam testing(68 bytes): XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X

File:

Subject: Test spam mail (GTUBE) Message-ID:  Date: Wed, 23 Jul 2003 23:30:00 +0200 From: Sender  To: Recipient  Precedence: junk MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit

This is the GTUBE, the Generic Test for Unsolicited Bulk Email

If your spam filter supports it, the GTUBE provides a test by which you can verify that the filter is installed correctly and is detecting incoming spam. You can send yourself a test mail containing the following string of characters (in upper case and with no white spaces and line breaks):

XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X

You should send this test mail from an account outside of your network.