10
3
, a full moon daySecur1ty Usages
Last updated on 2009
10
3, a full moon day
Time must be understood 1st, and then do computer systems security ... 。 3 common methods exist:
1
establishing sub-tree。
2
modeling individual entry,
i.e. in 2006, for each 480 Mbps pipe till 30 pipes @ 30 MHz USB DWA ... 。
3
modeling attributes of
each entry。
''Y0u kn0w" ''when" ''y0u kn0w what y0u d0 n0t kn0w ... 。 A1s0 see: InstructionSegment。 Netw0rk Des1gn Pr1nc1ples。 Pr0t0c0l and P0rt。 Scripts。
*$ is wildcard * AND share character $ i.e. $HOME, $PATH, ADMIN$, C$, D$, F$, S$, IPC$, PRINT$, SYSVOL$, ... , also see: variable。 [SEC]。
ACAP。
ACE。 ACK。
(ACL
One of the Control Lists (Wire
speed) (...))。 AEC 128 CCM encryption, LSI
DWA USB wire AND
wireless, 32 pipes support at 30 MHz。
AES。
AH
AH OR ESP。
ANS1
USA。
ARP。
ATP。
(Authentication
(User account (*FS mount access)) (Password
(Good password) (Shadow password)) (Permission (Directory) (File)
i.e. suid, sgid in
Linux) (...))。
b00tp, B00t Pr0t0c0l。
CA。 CD。 CERT USA。 Certificates, also see: usamyanmar.net's certificate。 CIPHERUNICORN-A, NEC's AES DES,interface。 Cisco specific。 C0PPA, Ch1ldren 0nl1ne Pr1vacy and Pr0tect10n Act USA。 CFS It supports local and remote。 Core Dump Size limitation。
DACL One of the Control Lists。 DDP。 DES。 DHCP。 Difficulty levels: The most difficult system security level is Pin level security > System Menu level security is less difficult than Pin level security > System DB Key level security is less difficult than System Menu level security > Script level security is easiest and commonly available。 DNS H0st names ≠ 1P addresses。 (DNS server query limitation (Controlling recursive query) )。 (DNSSEC (KEY record (A/C) (NAMTYP) (SIG) (XT)) (...) )。 D0S, Den1al-0f-Serv1ce, Unit = SYN/s。 DSA。
EFS。 (Encrypt10n (Bl0ck C1pher 1.e. DES's 64b1t bl0ck w1th 56b1t key。) (Stream C1pher) (...))。 EIGRP。 Environmental variables Also see: share characters。
FCC。 FCS Ethernet。 Filtering port number。 Firewall/VPN [Develop the unit's characteristics], Firewall coexistence DNS server。 FTP。
HTTP。
1ANA P0rt 0~1023。 IDS。 1ETF。 IKE。 1MAP。 1SP。 1P。 (1P Address Ass1gnment (Manual) (Aut0 b00tp) (Dynam1c b00tp DHCP))。 ipchains Controlling access。 1PC1S。 1PSec。 1RC。 IRF。 IRM。 ISMS, INFORMATION SECURITY MANAGEMENT SYSTEM, 1S0。 1V。
(KDC (TGT)) MIT's Kerberos authentication。 Kernel configuration。 Keyword to Port Number。
L2TP。 lmhosts security initialization。 LSA。 LSP。 LU1D。
MAC。 mask。 M1B。 M1ME。 (M0dulat10n (AM) (FM) (PCM) (...) Als0 see: S/N 1n UN1T)。
(named running (CHROOT jail) (without ROOT privilege))
DNS server。
NAT。
NBP。
NCP。
NetB10S。 NetWare
system usages
。
NFS。 (N1ST
(SHA N0t ava1lable
1n publ1c) (SHA-1) (SHA-*)
(...) )。
NNTP。
NOS。
NSA。
Peculiar mind reminder: O01I, IOl0
i o L zero, *
$,
" '', ... 。 P2P。
P0P。
PPDD。 (PPTP
(PPP) (...) )。
Public Key
Token, matrix of
base16 hexadecimal and 16 characters where: If Time AND Possible value matches
And Then Assembly Cache = TRUE。
Quantum cryptography (Stable key generation (QBER))。 (QoS (Application QoS OSI application level priority) (Port QoS Specific port enable OR disable。 ingress OR egress) (Voice QoS) (...))。
RAD1US。 Recommended website: www.ccc.go.jp。
SACL
One of the
Control Lists。 SAM。
Samba Server。
SCCML。 sFlow traffic
Monitor by Foundry Network。
S1D。 SK1P。
SLIMIT-C
wireless e-mail filter。
SMB
C2MYAZZ, LANMAN
authent1cat10n。
SMTP
ASC11 text 0nly。
SNMP
SNMP agent and 1ts management: Als0 see:
M1B。 Split
namespace Public
OR private。
Spread spectrum。 SPX。
SSH。
SSL
SSL3 1s TLS pr0t0c0l。
ssl ciphers。
SYN。 syslog utility
syslog.conf
file in
Linux。 Systems security links: Also see:
File Systems。
System time stamp。
swatch
Perl
script。
TCP。 TCP Wrapper Samba Linux。 inetd。 xinetd。 TCP/IP。 TCP/IP protocol stack embedded IC chips。 TDS, encryption System certificates。 TLS。 TTL。
UDP。 umask configuration。 updates is Edit | Preferences... | Startup. 333+ of Preferences... exist, i.e. temp is one of the Preferences...'s options。 UPS。 URL。
VPN。
WEP (64 bit) (128 bit)。 wh01s rs.1ntern1c.net。 W1reless T0p0l0gy。
Zone transfer restriction DNS server。
Note for security novice: Automata theory is recommended
to read because relation between handshakes and communication between
computer machines
sometimes are abstract to common people。 Once abstract can be
overviewed, twist-and-turn in cryptanalysis and cryptography becomes a little
easier ... 。
802.* specific: in 2006, 802.1x product specific are EAP-FAST, EAP-TLS, EAP-TTLS, LEAP, PEAP, and etc.
Cisco specific: 2006 line security ohm · meter products are Clean Access, ACS, ASA, CSA, IPS, Pix, and etc.。 2006 wireless security dB · meter products are Controller specific, IOS AP, Light Weight AP, UCS, and etc.
Firewall specific services oriented security rules:
[Remark: 1st to understand Internet vs. Proxy Server Settings, otherwise following contents may not be understandable。 For Internet/Intranet security, also see: IANA 2007 standard Keyword to Port Number]
If ICMP type =
source
quench, and then
。
If ICMP type = echo request
interface
= Ext, and then
。
If ICMP type = echo reply
interface
= Ext, and then
。
If ICMP type = destination unreachable
interface
= Ext, and then
。
If ICMP type = service unavailable
interface
= Ext, and then
。
If ICMP type = TTL exceeded
interface
= Ext, and then
。
If ICMP type = parameter problem
interface
= Ext, and then
。
If ICMP type = echo request
interface
= Int, and then
。
If ICMP type = redirect
interface
= Ext, and then
。
If ICMP type = echo reply
interface
= Int, and then
。
If ICMP type = destination unreachable
interface
= Ext, and then
。
If ICMP type = service unavailable
interface
= Ext, and then
。
If ICMP type = TTL exceeded
interface
= Ext, and then
。
If ICMP type = *
interface
= *
interface
= *, and then
。
If ICMP type = *
OP =
source route, and then
。
If ICMP type = *
interface
= Ext
source IP = internal, and then
。
If ICMP type = *
interface
= Int
destination IP = internal, and then
。
If ICMP type = *
interface
= Ext
destination IP = protected servers, and then
。
If ICMP type = *
interface
= Ext
destination port = RIP, and then
。
If ICMP type = *
interface
= Ext
destination port = OSPF, and then
。
If ICMP type = *
interface
= *
interface
= *
destination port = 0 ~ 20
Type =
UDP, and then
。
If ICMP type = *
interface
= *
interface
= *
destination port = 6000
Type =
UDP, and then
。
If ICMP type = *
interface
= *
interface
= *
destination port = 6001
Type =
UDP, and then
。
If ICMP type = *
interface
= *
interface
= *
destination port = 6002
Type =
UDP, and then
。
If ICMP type = *
interface
= *
interface
= *
destination port = 6003
Type =
UDP, and then
。
If ICMP type = *
interface
= *
interface
= *
destination port = 161
Type =
UDP, and then
。
If ICMP type = *
interface
= *
interface
= *
destination port = 162
Type =
UDP, and then
。
If ICMP type = *
interface
= *
interface
= *
destination port = 0 ~ 20
Type =
TCP, and then
。
If ICMP type = *
interface
= *
interface
= *
destination port = 6000
Type =
TCP, and then
。
If ICMP type = *
interface
= *
interface
= *
destination port = 6001
Type =
TCP, and then
。
If ICMP type = *
interface
= *
interface
= *
destination port = 6002
Type =
TCP, and then
。
If ICMP type = *
interface
= *
interface
= *
destination port = 6003
Type =
TCP, and then
。
If ICMP type = *
interface
= *
interface
= *
destination port = 161
Type =
TCP, and then
。
If ICMP type = *
interface
= *
interface
= *
destination port = 162
Type =
TCP, and then
。
If ICMP type = *
interface
= Ext
interface
= *
destination port = 23
Type =
TCP, and then
。
If ICMP type = *
interface
= Ext
interface
= *
destination port = 8080
Type =
TCP, and then
。
If ICMP type = *
interface
= Ext
interface
= *
destination port > 1023
ACK = C
Type =
TCP, and then
。
If ICMP type = *
interface
= Ext
interface
= *
destination port = 20
ACK = C
Type =
TCP, and then
。
If ICMP type = *
interface
= Ext
interface
= *
destination port = 21
ACK = C
Type =
TCP, and then
。
If ICMP type = *
interface
= Ext
interface
= *
destination port = 25
(destination IP ≠ SMTP server)
Type =
TCP, and then
。
If ICMP type = *
interface
= Ext
interface
= *
destination port = 80
(destination IP ≠ Web server)
Type =
TCP, and then
。
If ICMP type = *
interface
= Ext
interface
= *
source port = 80
destination port > 1023
ACK = S
Type =
TCP, and then
。
If ICMP type = *
interface
= Int
interface
= *
source port > 1023
destination port = 80
Type =
TCP, and then
。
If ICMP type = *
interface
= *
interface
= *
source IP = NNTP server
destination IP NNTP server
Type =
TCP, and then
。
If ICMP type = *
interface
= *
interface
= *
source IP = NNTP server
destination port = 119
Type =
TCP, and then
。
If ICMP type = *
interface
= *
interface
= *
source IP SMTP server
destination port = 25
Type =
TCP, and then
。
|
|
|
 |
|
