November 11, 2020
Secure Shell (SSH) # Allows a terminal or client to connect to a host terminal with data encrypted as it traverses the network.
Protocol: TCP
Port: 22
Replaced telnet.
SSH servers use public-key cryptography and challenge-response authentication.
Process: #
1. Server sends public key to client.
2. After the client receives the key, it creates a session ID and encrypts it with the public key.
3. The server decrypts the session ID and uses it in all data transfers going forward.
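The challenge-response idea mentioned above, shown as an added Go example that is not part of the original notes and does not model the real SSH wire protocol (which also involves a Diffie-Hellman key exchange): the server keeps a list of trusted public keys (the analogue of an `authorized_keys` file), issues a random one-time challenge, and accepts the client only if the response is a valid signature over that challenge. The private key never leaves the client, and a captured response is useless later because each challenge is consumed once. All names (`Server`, `Client`, `Authenticate`, the user `alice`) are constructed for this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Server holds the public keys it trusts, keyed by user name, plus one
// outstanding challenge per user. Both tables are constructed for this example.
type Server struct {
	trusted map[string]ed25519.PublicKey
	pending map[string][]byte
}

func NewServer() *Server {
	return &Server{trusted: map[string]ed25519.PublicKey{}, pending: map[string][]byte{}}
}

// Authorize registers a public key for a user (like adding a line to authorized_keys).
func (s *Server) Authorize(user string, pub ed25519.PublicKey) { s.trusted[user] = pub }

// Challenge issues a fresh random nonce. Because a nonce is never reused,
// a response captured on the wire cannot be replayed in a later session.
func (s *Server) Challenge(user string) ([]byte, error) {
	if _, ok := s.trusted[user]; !ok {
		return nil, errors.New("unknown user")
	}
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	s.pending[user] = nonce
	return nonce, nil
}

// Verify checks the client's signature over the pending challenge with the
// stored public key. The challenge is consumed whether or not it verifies.
func (s *Server) Verify(user string, sig []byte) bool {
	nonce, ok := s.pending[user]
	delete(s.pending, user)
	if !ok {
		return false
	}
	return ed25519.Verify(s.trusted[user], nonce, sig)
}

// Client proves possession of its private key without ever transmitting it.
type Client struct {
	Priv ed25519.PrivateKey
}

// Respond signs the server's challenge.
func (c *Client) Respond(challenge []byte) []byte {
	return ed25519.Sign(c.Priv, challenge)
}

// GenerateKeyPair creates a fresh Ed25519 key pair for a client.
func GenerateKeyPair() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

// Authenticate runs one complete exchange and reports whether the server accepted.
func Authenticate(s *Server, c *Client, user string) (bool, error) {
	challenge, err := s.Challenge(user)
	if err != nil {
		return false, err
	}
	return s.Verify(user, c.Respond(challenge)), nil
}

func main() {
	pub, priv, _ := GenerateKeyPair()
	srv := NewServer()
	srv.Authorize("alice", pub)
	ok, err := Authenticate(srv, &Client{Priv: priv}, "alice")
	fmt.Println("accepted:", ok, "error:", err)
}
```

The server stores only public keys, so a compromise of the server's key table lets an attacker verify logins but not impersonate users; that is the property that makes key-based authentication preferable to password authentication.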
...
Discretionary Access Control #
Plaintext # Plaintext, also known as cleartext, is unencrypted text in its original form.
Defense in Depth # A network security strategy based on implementing multiple security layers to provide a more robust defense.
4 Common Components #
1. Network Access Control (NAC)
2. Network Segmentation
3. Separation of Duties
4. Honeypot
Principle of Least Privilege # A user should have only the access rights necessary to perform the tasks of their job.
Separation of Duties # Separation of duties is the division of processes or transactions between two or more people to avoid the opportunity for someone to act wrongfully, create errors, abuse privileges, or perform theft or fraud.
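The two principles above (least privilege and separation of duties) as one added Go example, not part of the original notes: roles carry only the permissions a job needs and every check defaults to deny, and a payment must be submitted by one person and approved by a different one, even if a single principal happens to hold both permissions. The role table, permission names and the `Payment` workflow are constructed for this example.

```go
package main

import (
	"errors"
	"fmt"
)

// Permission names one action a principal may perform.
type Permission string

const (
	ReadLogs       Permission = "logs:read"
	SubmitPayment  Permission = "payment:submit"
	ApprovePayment Permission = "payment:approve"
)

// roles maps each job function to the minimum permissions it needs
// (least privilege). The table is constructed for this example.
var roles = map[string][]Permission{
	"analyst":  {ReadLogs},
	"clerk":    {ReadLogs, SubmitPayment},
	"approver": {ReadLogs, ApprovePayment},
	"manager":  {ReadLogs, SubmitPayment, ApprovePayment},
}

type Principal struct {
	Name string
	Role string
}

// Can is the least-privilege check: deny by default, allow only a
// permission explicitly granted to the principal's role.
func Can(p Principal, perm Permission) bool {
	for _, granted := range roles[p.Role] {
		if granted == perm {
			return true
		}
	}
	return false
}

// Payment is a transaction that must pass through two distinct people.
type Payment struct {
	ID          string
	Amount      int
	SubmittedBy string
	ApprovedBy  string
}

var (
	ErrForbidden    = errors.New("permission denied")
	ErrSameActor    = errors.New("separation of duties: submitter cannot approve")
	ErrNotSubmitted = errors.New("payment has not been submitted")
)

// Submit records who initiated the payment.
func Submit(p Principal, pay *Payment) error {
	if !Can(p, SubmitPayment) {
		return ErrForbidden
	}
	pay.SubmittedBy = p.Name
	return nil
}

// Approve enforces separation of duties: holding the approve permission is
// not enough; the approver must be a different person from the submitter.
func Approve(p Principal, pay *Payment) error {
	if !Can(p, ApprovePayment) {
		return ErrForbidden
	}
	if pay.SubmittedBy == "" {
		return ErrNotSubmitted
	}
	if pay.SubmittedBy == p.Name {
		return ErrSameActor
	}
	pay.ApprovedBy = p.Name
	return nil
}

func main() {
	manager := Principal{Name: "mia", Role: "manager"}
	pay := &Payment{ID: "inv-1", Amount: 5000}
	fmt.Println(Submit(manager, pay))  // <nil>: managers may submit
	fmt.Println(Approve(manager, pay)) // separation of duties error
	fmt.Println(Approve(Principal{Name: "omar", Role: "approver"}, pay))
}
```

The `manager` role is the interesting case: a permission check alone would let one person both submit and approve, which is exactly the single-actor fraud path separation of duties exists to close.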
Honeypot # A honeypot in network security is a baited trap for attackers. It uses a computer system that is made to look like an organization’s legitimate system, including data and applications.
Zero Trust # Zero Trust is a security strategy based on the concept that no user or device should be allowed access to the network’s sensitive data without proper authentication and authorization within the network.
Root Password Rotation # Rather than set static root passwords, do we really have to do this? Why not keep them unknown and just use the privileged user accounts that AWS, GCP and Azure set up?
Resources #
https://www.redhat.com/en/blog/what-about-root-passwords
Public-key Cryptography # https://en.wikipedia.org/wiki/Public-key_cryptography