One important point I took from this reading was the discussion of the most common attack against wireless networks: unauthorized access. I believe this is an important concept to expand on, as many simplify what unauthorized access truly means. Connecting to a network without permission may sound simple, but there are many different ways in which an attacker can do this, and understanding these ways is essential for protecting a company’s networks. For example, one can gain unauthorized access through rogue access points, packet sniffing, and misuse of local WLAN. Corporations must understand the different types of unauthorized access attacks, such as external versus internal, and protect their networks accordingly.
One of the biggest challenges for network administrators and security professionals is securing the network in an organization. The reason it is difficult is because many organizations have employees working remotely, using wireless devices, and employees bringing personal mobile devices and connecting them to the network. Wireless attacks will typically focus on an access point within the organization, and the attacker could be some distance away, which makes it more difficult to prevent. There are three types of attacks: unauthorized access, man-in-the-middle, and wireless denial of service. Another attack vector that makes it difficult to secure networks is that sometimes an employee of an organization will set up a rogue access point, and if that access point is not properly configured then an attacker could gain access to the network and bypass firewalls.
Hi Nicholas – it’s true that the attack surface for an organization is much wider now than 15 or even 10 years ago. The standardization of wireless network access, as a result of the convenience it offers, means organizations typically have many wireless access points that must be sufficiently secured. Additionally, the popularization of remote work, especially in the last year, offers another attack vector into an organization’s network that administrators should take care to manage.
My key takeaway from reading about networks and network security in Module A and Chapter 4 is that building security into networks (particularly wireless) has been reactive and not proactive. It did not take long at all for WEP to be cracked and exploited, and it took several years after that to get WPA2 in place. I think the challenge was probably that at the time the technology was implemented, there were still a lot of unknowns about what sort of security would even be needed to protect wireless networks. It seems to be a positive that there are standards and groups who are responsible for setting the standards, but it seems as if the standards should probably be a focal point before the technology is made widely available. That’s probably easier said than done, because with all new technology advancements, there are a lot of unknowns about risks and benefits. However, to me, it just highlighted the importance of trying to assess risks before implementing a new technology, and making sure there are controls in place to mitigate those risks to an acceptable level.
One of my key takeaways from Chapter 4, Secure Networks, is the understanding of denial-of-service (DoS) attacks. A DoS attack attempts to make a server or network unavailable to legitimate users. However, not all interruptions are considered an attack. The loss of service might be caused by internal employees and managers, or when a large website links to a much smaller website and the smaller website becomes overwhelmed by the increase in traffic. The goal of a DoS attack is stopping a critical service or slowly degrading service over time. As DoS attacks cannot be identified in a short period, the network administrator might be forced into unnecessary capital expenses to expand bandwidth, hardware, and software. The main DoS attack methods are direct/indirect, intermediary, reflected, and sending malformed packets. The more complicated the attacks are, the harder they are to stop, and vice versa.
As the book mentions, we typically think of Denial of Service incidents as attacks, but there are plenty of situations where it’s not. There have been plenty of situations in the news where a company goes viral and their website crashes. I believe after the Trump campaign’s press conference at Four Seasons Total Landscaping, the landscaping company’s website crashed because of all the traffic to it. People were legitimately trying to figure out what it was.
I think denial of service is such a popular attack type because it is so easy to pull off. Individual attackers can buy access to botnets. There doesn’t have to be any actual breach of the target and you can launch the attacks from anywhere in the world.
Jonathan and To-Yin, you both make some good points. I think it was a good distinction raised in the text that not all Denial of Service incidents are attacks. At my previous employer, I was part of the implementation of a new mobile banking application and online banking application. They rolled it out to all customers at once and it caused the online banking application to crash and be unavailable to customers. From a business management perspective, the impact of either type of Denial of Service incident (as an attack or not) does not really matter in the moment of the incident because either way, customers are going to be unable to access their accounts and will be dissatisfied and frustrated.
From this reading I could tie a lot of it to the publications we read, such as the one on DoS attacks. A direct attack is when a cyber criminal tries to directly flood the victim’s computer with a stream of packets. An indirect attack is when they attack using another computer’s IP address. Flooding is what happens when a direct or indirect attack sends more than the victim’s computer can handle, causing it to crash and be vulnerable, which is where RAM, bandwidth, and CPU power come in to be of importance. Thus, corporate servers are big enough and less susceptible to these attacks. Spoofing is what attackers use to hide their IP address. Backscatter is what happens as a result of spoofing, where the IP address being used is attacked by the victim computer’s responses.
Great summary Quynh. I found reading about the various types of attacks interesting as well, especially DoS attacks and the fact that they are so difficult to prevent and mitigate. This reading is causing me to think more about the lengths organizations must go through to secure their systems.
One thing I found interesting from this chapter was the discussion on the “Death of the Perimeter.” Having a “Castle Model” sounds great in theory, but can be impractical. This model assumes that all of the employees that are in the network are the “good guys,” while the ones on the outside are potentially “bad guys.” The key issue with this model is that everything that goes into the network will only pass through one point in the network. For this model to work perfectly, no personal devices can be used, and everyone who accesses the network will need to be inside the network at all times. With the increase of at-home work and the use of outside vendors, it is unrealistic to rely only on this model, but this model does prove to be a good starting point. A greater model, as described in the book, is the city model. A city may have no perimeter but has multiple checks in place throughout to detect any malicious actors. This can help detect potential attacks more easily.
Charlie – I thought this was a good illustration as well. Networks are not as simple as they once were. Initially, it may seem more difficult to manage, since there is no single point of access. But it is a great point that with that city model, there can be multiple opportunities to put checks in place. This highlights the significance of the concept of defense-in-depth, in which multiple layers of controls can be implemented to serve as protection points.
One of the key points I took from this reading is the importance of wireless security. Wireless networks have become nearly ubiquitous because they are quicker, easier, and less expensive to set up than traditional wired networks. They also offer greater mobility, productivity, and functionality. It is somewhat surprising that wireless LANs have more security issues to consider than wired LANs. Wireless networks are particularly vulnerable to attacks because it is difficult to prevent physical access to them. For example, a wireless network can be attacked by drive-by hackers who do not even have to enter the building to gain access to the LAN. The most common attack against wireless networks is unauthorized access, or connecting to a network without permission. They could cause enormous harm to both internal resources and external resources.
Hi Wei,
That is an interesting point that you bring up, that wireless networks are easier and less expensive to set up than traditional wired networks. Wireless connections like 5G are becoming even faster than Ethernet connections. However, wireless networks at the same time may also be more vulnerable to security breaches. One way of preventing unauthorized access, or connecting to a network without permission, is to have strong wireless firewalls and to encrypt wireless data traffic.
Wei, I also was surprised at how important wireless security is. I thought that a wired network was safer, but after finding out that a hacker can plug into the port on the wall and bypass the firewall, I now have a greater respect for wireless security.
A key takeaway from this reading is the discussion on the future of secure networks, which has become increasingly difficult as the threat landscape is ever evolving. The notion of the traditional “castle model”, described as having the “good guys” on the inside and the “bad guys” on the outside, seems to be a moot point, because as we have seen with Amazon, Cisco, ADT, and Yandex, the so-called “good guys” were all internal threat actors. The “city model” seems to be a more viable option in creating a secure network as it involves layers of defenses, for example, IDS, central authentication servers, encrypted network traffic, etc. But despite the security requirements outlined by the latter model, it would only take one employee to maliciously or inadvertently compromise these systems – administrative controls trump technical controls. Therefore, building a secure network should include aspects of the “city model” in conjunction with SETA policies to reduce the likelihood and magnitude of breaching the same.
A key takeaway from this chapter is understanding the different types of attacks and which aspect of the four main goals of a secured network they impact. For example, Denial of Service (DoS) attacks are designed to make a server or network unavailable to users. Another type of attack is ARP poisoning, which is designed to impact both the functionality and confidentiality of the network. These attacks can be combined (ARP DoS) in order to impact availability. An ARP and Man in the Middle attack can be combined to impact the functionality of a system. It is important not only to understand the different types of attacks, but how they can be mitigated and remediated. This has become more complex since the death of the perimeter and the move from the traditional castle model to the city model, as more and more individuals that are outside the network need access to information within the network. While the “city” defense is necessary, it makes the network and systems more vulnerable to attack.
Strong access controls are an essential part of keeping any LAN secure. Over time, access controls for wired and wireless networks have evolved. It used to be that any device plugged into the ethernet port in an office was trusted and received access. Now, 802.1x, or port-based Network Access Control, can force new devices to authenticate with a RADIUS server before they are allowed to communicate. That authentication can even lead to proper authorization. WiFi has moved on from WEP to WPA and now WPA2. Even WPA2 Enterprise can use 802.1x through 802.11i.
The information I took from this chapter is that hackers will go through numerous measures to try and attack or gain access to networks, whether they are from the outside, or are even current or former employees. They may attack by method of Address Resolution Protocol (ARP) “poisoning” – sending malicious messages over the Local Area Network; or a Man-In-The-Middle attack – where the attacker alters traffic flow between 2 parties by redirecting communication; and also one of the most popular attacks, known as DoS (Denial of Service), in which malicious actions interfere with the network so that valid users who need access cannot get on.
The 802.1X and RADIUS authentication is not a new concept to me; however, the benefits mentioned in the book, including the cost savings, consistency, and immediate changes that the 802.1X standard is capable of delivering, are something that every organization can benefit from. I have personally done setups and maintenance of 802.1X and RADIUS authentication. It is certainly more involved than a WPA2 Personal network. In addition, getting a certificate and maintaining a domain controller and the RADIUS server is no easy task; however, the immediate change benefit mentioned in the book alone is worth the investment.
A key takeaway from this reading is an understanding of denial of service attacks, and the four different kinds that are described in the text. First are direct and indirect DoS attacks, where the attacker uses their own machine (and, in the case of an indirect attack, spoofs their IP address) to flood the target with requests. Second is an intermediary DoS, or distributed denial of service (DDoS), whereby the attacker controls a bot network via malware to collectively flood the target with requests. This is most common and effective, because it expands the hardware base from which an attacker can send requests. Third is a reflected attack, where the attacker sends requests from their own or controlled machines to a server they know can handle those requests. However, the attacker spoofs the IP of their requests to the IP address of their actual target. This causes the server they are sending the requests to to send a high volume of replies to the target machine, resulting in the denial of service on the target. Finally, a malformed packet attack involves sending IP packets of a size that the target is unable to handle, crashing their system. This isn’t frequently done, because it can generally be prevented by OS patches.
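The direct/distributed flood and the reflected/backscatter cases described in the two DoS posts above (Quynh’s and this one) can be told apart from the receiving host’s point of view. The script below is an added example in Python, not code from the textbook or from anyone in the thread. It assumes a hypothetical flow sensor that labels packets as (timestamp, src_ip, dst_ip, kind) with kinds like SYN, SYN-ACK, DNS-QUERY and DNS-RESPONSE; the records it runs on are constructed inline so it works offline.

```python
"""Flood and reflection/backscatter indicators over flow records (added example).

Assumptions (hypothetical, not from the textbook or the discussion thread):
- Records are (timestamp_seconds, src_ip, dst_ip, kind) where kind is one of
  "SYN", "SYN-ACK", "DNS-QUERY", "DNS-RESPONSE", as a flow sensor might label them.
- TARGET is the host whose inbound traffic we examine.
"""
from collections import Counter, defaultdict

TARGET = "203.0.113.10"  # assumed address of the host we are protecting

# A response kind and the request kind that would legitimately cause it.
RESPONSE_TO_REQUEST = {"SYN-ACK": "SYN", "DNS-RESPONSE": "DNS-QUERY"}


def constructed_records():
    """Constructed sample traffic: one legitimate exchange plus four attack patterns."""
    recs = []
    # Legitimate: TARGET sends one DNS query and receives one response.
    recs.append((0.0, TARGET, "198.51.100.53", "DNS-QUERY"))
    recs.append((0.1, "198.51.100.53", TARGET, "DNS-RESPONSE"))
    # Direct flood: one source sends 60 SYNs within a single second.
    for i in range(60):
        recs.append((5.0 + i * 0.01, "192.0.2.7", TARGET, "SYN"))
    # Distributed flood: 40 distinct bots, 3 SYNs each, all inside one second.
    for b in range(40):
        for j in range(3):
            recs.append((20.0 + b * 0.02 + j * 0.001, f"10.0.0.{b}", TARGET, "SYN"))
    # Reflected attack: open resolvers answer queries that spoofed TARGET's address.
    for r in range(3):
        for j in range(5):
            recs.append((30.0 + j * 0.1, f"198.51.100.{10 + r}", TARGET, "DNS-RESPONSE"))
    # Backscatter: a flooded victim sends SYN-ACKs to TARGET, whose address was spoofed.
    for j in range(4):
        recs.append((40.0 + j * 0.1, "192.0.2.200", TARGET, "SYN-ACK"))
    return recs


def flood_windows(records, target=TARGET, threshold=50, window_s=1.0):
    """Return windows where inbound packets to target reach the threshold.

    Each finding is classified 'direct' when a single source accounts for at
    least half the packets, otherwise 'distributed' (load spread over many bots).
    """
    per_window = defaultdict(Counter)
    for ts, src, dst, _kind in records:
        if dst == target:
            per_window[int(ts // window_s)][src] += 1
    findings = []
    for window in sorted(per_window):
        sources = per_window[window]
        total = sum(sources.values())
        if total < threshold:
            continue
        top_src, top_n = sources.most_common(1)[0]
        findings.append({
            "window": window,
            "total": total,
            "distinct_sources": len(sources),
            "top_source": top_src,
            "classification": "direct" if top_n / total >= 0.5 else "distributed",
        })
    return findings


def unsolicited_responses(records, target=TARGET):
    """Count inbound responses for which target never sent the matching request.

    From the receiver's side a reflected attack (reflectors answering requests
    that spoofed our address) and backscatter (a flooded victim answering SYNs
    that spoofed our address) look the same: replies to requests we never made.
    """
    outstanding = set()       # (peer, request_kind) pairs target actually sent
    unsolicited = Counter()   # (src, response_kind) -> count
    for _ts, src, dst, kind in sorted(records):
        if src == target:
            outstanding.add((dst, kind))
        elif dst == target and kind in RESPONSE_TO_REQUEST:
            if (src, RESPONSE_TO_REQUEST[kind]) not in outstanding:
                unsolicited[(src, kind)] += 1
    return unsolicited


if __name__ == "__main__":
    recs = constructed_records()
    for finding in flood_windows(recs):
        print("flood:", finding)
    for (src, kind), n in unsolicited_responses(recs).items():
        print(f"unsolicited {kind} from {src}: {n}")
```

The two checks match the text’s taxonomy: the per-window counter separates a direct flood (one dominant source) from an intermediary/DDoS flood (many small sources), and the request-tracking counter surfaces reflected replies and backscatter, which from the target’s side are indistinguishable and are both a symptom of IP spoofing somewhere upstream. The thresholds and the 50 % "direct" cut-off are illustrative choices, not figures from the text.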
The biggest challenge for ensuring networks are secure is achieving the main security objectives: Confidentiality, Integrity and Availability. Confidentiality means that data, objects and resources are protected from unauthorized viewing and other access. Integrity means that data is protected from unauthorized changes to ensure that it is reliable and correct. Availability is the situation where information is available when and where it is rightly needed. DDoS attacks aim to compromise the availability of a network. A distributed denial-of-service (DDoS) attack is one of the most powerful weapons on the internet. DDoS stands for “Distributed Denial of Service.” A DDoS attack is an attempt by attackers to keep users from accessing a networked system, service, website, application, or other resource. The attack is launched at a target from multiple sources but coordinated from a central point. Distributed attacks are larger, potentially more devastating, and in some cases more difficult for the victim to detect and stop.
In this week’s reading from Chapter 4, I thought that it was interesting to note that the 3 principles known as CIA have somewhat different definitions for networks. In regard to networks, the definitions are:
Availability – users have access to information services and network resources
Confidentiality – prevent unauthorized users from gaining information about the network
Integrity – making sure the message wasn’t altered while transmitting the message.
It was interesting to learn about the different types of attacks, such as ARP DoS Attacks, ARP Poisoning and SLAAC Attacks. According to the chapter, ARP poisoning is a network attack that manipulates host ARP tables to reroute local-area network (LAN) traffic. An attacker can reroute traffic for a man-in-the-middle attack, or stop it all together in an ARP DoS attack. ARP poisoning only works on LAN traffic.
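The ARP poisoning mechanism described in the post above (an attacker rewriting hosts’ ARP tables so LAN traffic is rerouted through them for a man-in-the-middle, or dropped for an ARP DoS) leaves a visible trace: an IP address whose MAC binding suddenly changes, and one MAC that claims several IPs. The detector below is an added example in Python, not code from the textbook or from anyone in the thread. It assumes ARP replies have already been extracted as (timestamp, sender_ip, sender_mac) tuples, for instance from a packet capture on the LAN segment; the gateway address and the reply stream are constructed for the example.

```python
"""Detect ARP poisoning indicators from a stream of ARP replies (added example).

Assumptions (hypothetical, not from the textbook or the discussion thread):
- ARP replies arrive as (timestamp, sender_ip, sender_mac) tuples, e.g. parsed
  out of a capture taken on the same LAN segment; the sample below is constructed.
- GATEWAY_IP is the segment's default gateway, the usual MITM target.
"""
from collections import defaultdict

GATEWAY_IP = "192.168.1.1"  # assumed LAN gateway

# Constructed sample: a clean baseline, then an attacker NIC (de:ad:be:ef:00:01)
# claiming both the gateway's IP and a workstation's IP, which is exactly the
# pair of poisoned bindings needed to sit in the middle of that workstation's traffic.
SAMPLE_REPLIES = [
    (1.0, "192.168.1.1", "00:11:22:33:44:01"),
    (1.5, "192.168.1.10", "00:11:22:33:44:10"),
    (2.0, "192.168.1.20", "00:11:22:33:44:20"),
    (10.0, "192.168.1.1", "de:ad:be:ef:00:01"),   # attacker claims the gateway
    (10.1, "192.168.1.10", "de:ad:be:ef:00:01"),  # attacker claims the victim
    (10.2, "192.168.1.20", "00:11:22:33:44:20"),  # unchanged binding, no alert
]


def detect_arp_poisoning(replies, gateway_ip=GATEWAY_IP):
    """Return a list of alert strings for suspicious ARP replies.

    Rule 1: an IP whose MAC differs from the first binding seen (the baseline
            is kept, so a persistent spoof keeps alerting; gateway moves are
            CRITICAL because they enable a full MITM of the segment).
    Rule 2: a MAC that claims more than one IP, reported each time its set of
            claimed IPs grows past one.
    """
    ip_to_mac = {}
    mac_to_ips = defaultdict(set)
    alerts = []
    for ts, ip, mac in replies:
        baseline = ip_to_mac.get(ip)
        if baseline is None:
            ip_to_mac[ip] = mac
        elif baseline != mac:
            severity = "CRITICAL" if ip == gateway_ip else "WARNING"
            alerts.append(f"{severity} t={ts}: {ip} moved from {baseline} to {mac}")
        before = len(mac_to_ips[mac])
        mac_to_ips[mac].add(ip)
        claimed = mac_to_ips[mac]
        if len(claimed) > 1 and len(claimed) > before:
            alerts.append(f"WARNING t={ts}: {mac} now claims {sorted(claimed)}")
    return alerts


if __name__ == "__main__":
    for line in detect_arp_poisoning(SAMPLE_REPLIES):
        print(line)
```

Two caveats a practitioner would want: a genuine NIC replacement or DHCP re-assignment also trips rule 1, so alerts need a baseline that is refreshed when a change is confirmed legitimate; and because ARP is not routed (as the post notes, ARP poisoning only works on LAN traffic), the capture must be taken on the segment being protected, one sensor per VLAN.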
My key takeaway from this chapter is that it seems like most of this is going to be largely obsolete in about 10 years. It’s always interesting to see how security evolves alongside emerging threats. My favorite part was about the comparison between the city and castle model. Personally, I lean towards the city model. That being said, I’m sure in about 10 years there’ll be some kind of “forest” model or something along those lines. A castle might be harder to get into, but once you’re in, it’s open season usually. I think it’s always important to diversify your security and always limit access to various users depending on business needs.
The concept of Evil Twin Access Points stood out to me from this reading. The book defines the Evil Twin Access Point as a PC that has software to allow it to masquerade as an access point. They are commonly found in public hot spot settings, and because of the type of attack, WPA does not protect against them. The text mentions that a VPN, however, can protect against these types of attacks. The question I have is that for many work computers a VPN is not required to log in and you can access some systems and applications via AD authentication. Can an evil twin access point be executed here so that an attacker can then back door into other applications?
One point that I found interesting was Ethernet security. I always thought that Ethernet was safe because it is plugged into the port at the wall, but ports can be in an unauthorized state and users must authenticate themselves. Figure 4-18 explains that an attacker can walk up to any wall jack and connect to the network, bypassing the firewall.
One important point I took from this reading was the discussion of the most common attack against wireless networks: unauthorized access. I believe this is an important concept to expand on, as many simplify what unauthorized access truly means. Connecting to a network without permission may sound simple, but there are many different ways in which an attacker can do this, and understanding these ways is essential for protecting a company’s networks. For example, one can gain unauthorized access through rogue access points, packet sniffing, and misuse of local WLAN. Corporations must understand the different types of unauthorized access attacks, such as external versus internal, and protect their networks accordingly.
One of the biggest challenges for network administrators and security professionals is securing the network in an organization. The reason it is difficult is because many organizations have employees working remotely, using wireless devices, and employees bring personal mobile devices and connecting them to the network. Wireless attacks will typically focus on an access point within the organization and the attacker could be a distance away, which makes it more difficult to prevent. There are three types of attacks such as unauthorized access, man-in-the-middle, and wireless denial of service. Another attack vector that makes it difficult to secure networks is sometimes an employee of an organization will set up a rogue access point and if that access point is not properly configured then an attacker could gain access to the network and bypass firewalls.
Hi Nicholas – it’s true that the attack surface for an organization is much wider now than 15 or even 10 years ago. The standardization of wireless network access as a result of the convenience it offers means there are organizations typically have many wireless access points that must be sufficiently secured. Additionally, the popularization of remote work, especially in the last year, offers another attack vector into an organization’s network that administrators should take care to manage.
My key takeaway from reading about networks and network security in Module A and Chapter 4 is that building security into networks (particularly wireless) has been reactive and not proactive. It did not take long at all for WEP to be cracked and exploited, and it took several years after that to get WPA2 in place. I think the challenge was probably that at the time the technology was implemented, there were still a lot of unknowns about what sort of security would even be needed to protect wireless networks. It seems to be a positive that there are standards and groups who are responsible for setting the standards, but it seems as if the standards should probably be a focal point before the technology is made widely available. That’s probably easier said than done, because with all new technology advancements, there are a lot of unknowns about risks and benefits. However, to me, it just highlighted the importance of trying to assess risks before implementing a new technology, and making sure there are controls in place to mitigate those risks to an acceptable level.
One of my key takeaways in Charter 4 Secure Networks is the understanding of denial-of-service (DoS) attacks. It attempts to make a server or network unavailable to legitimate users. Somehow, not all interruptions are considered an attack. The loss of service might cause by internal employees and managers, or when a large website links to a much smaller website. The website becomes overwhelmed by the increase in traffic. The goal of a DoS attack is stopping a critical service or slowly degrading service over time. As the DoS attacks cannot be identified in a short period, the network administrator might have to force unnecessary capital expenses to expend the bandwidth, hardware, and software. The main DoS attack methods are direct/indirect, intermediary, reflected, and sending malformed packets. The more complicated attacks are, the harder to stop and vice versa.
As the book mentions, we typically think of Denial of Service incidents as attacks, but there are plenty of situations where it’s not. There have been plenty of situations in the news where a company goes viral and their website crashes. I believe after the Trump campaign’s press conference at Four Seasons Total Landscaping, the landscaping company’s website crashed because of all the traffic to it. People were legitimately trying to figure out what it was.
I think denial of service is such a popular attack type because it is so easy to pull off. Individual attackers can buy access to botnets. There doesn’t have to be any actual breach of the target and you can launch the attacks from anywhere in the world.
Jonathan and To-Yin, you both make some good points. I think it was a good distinction raised in the text that not all Denial of Service incidents are attacks. At my previous employer, I was part of the implementation of a new mobile banking application and online banking application. They rolled it out to all customers at once and it caused the online banking application to crash and be unavailable to customers. From a business management perspective, the impact of either type of Denial of Service incident (as an attack or not) does not really matter in the moment of the incident because either way, customers are going to be unable to access their accounts and will be dissatisfied and frustrated.
From this reading I could tie a lot of it to the publications we read, such as the one on DoS Attacks. A direct attack is when a cyber criminal tries to directly flood the victim’s computer with a stream of packets. An indirect attack is when they attack using another computer’s IP address. Flooding is what happens when a direct or indirect attack sends more than the victim’s computer can handle. Causing it to crash and be vulrenable, which is where RAM, bandwidth, and CPU power comes in to be of importance. Thus, corporate servers are big enoguh and less susceptible to these attacks. Spoofing is what attackers use to hide their IP address. Back scatter is what happens as a result of spoofing, where the IP address being used is attacked by the victim computer’s responses.
Great summary Quynh. I fund reading about the various types of attacks interesting as well. Especially DOS attacks and that they are so difficult to prevent and mitigate. This reading is causing me to think more about the lengths organizations most go through to secure their systems.
One thing I found interesting from this chapter was the discussion on the “Death of the Perimeter.” Having a “Castle Model” sounds great in theory, but can be impractical. THis model assumes that all of the employees that are in the network are the “good guys”, while the ones on the outside are potentially “bad guys..” The key issue with this model is that everything that goes into the network will only pass through one point in the network. For this model to work perfectly, no personal devices can be used, and everyone who accesses the network will need to be inside the network at all times. With the increase of at-home work and the use of outside vendors, it is unrealistic to rely only on this model, but this model does prove to be a good starting point. A greater model, as described in the book, is the city model. A city may have no perimeter but has multiple checks in place throughout to detect any malicious actors. This can help detect potential attacks more easily.
Charlie – I thought this was a good illustration as well. Networks are not as simple as they once were. Initially, it may seem more difficult to manage, since there is no single point of access. But it is a great point that with that city model, there can be multiple opportunities to put checks in place. This highlights the significance of the concept of defense-in-depth, in which multiple layers of controls can be implemented to serve as protection points.
One of the key points I took from this reading is the importance of wireless security. Wireless networks have become nearly ubiquitous because they are quicker, easier, and less expensive to set up than traditional wired networks. They also offer greater mobility, productivity, and functionality. It is kind of surprise that wireless LANs have more security issues to consider than wired LANs. Wireless networks are particularly vulnerable to attacks because it is difficult to prevent physical access to them. For example, wireless network can be attacked by drive-by hackers who do not even have to enter the building to gain access to the LAN. The most common attack against wireless networks is unauthorized access or connecting to a network without permission. They could cause enormous harm to both internal resources and external resources.
Hi Wei,
That is an interesting point that you bring up wireless networks are easier and less expensive to set up than traditional wired networks. Wireless connections like 5G are becoming even faster than ethernet connections. However, wireless networks at the same time may also be more vulnerable to security breaches. One way of preventing unauthorized access or connecting to a network without permission is to have strong wireless firewalls and to encrypt data traffic wirelessly.
Wei, I also was surprised at how important wireless security is. I thought that a wired network was safer but after finding out that a hacker can plug into the port on the wall and bypass the firewall. I know have a greater respect for the wireless security
A key takeaway from this reading is the discussion on the future of secure networks, which has become increasingly difficult as the threat landscape is ever evolving. The notion of the traditional “castle model”, described as having the “good guys” on the inside and the “bad guys” on the outside seems to be a moot point, because as we have seen with Amazon, Cisco, ADT, Yandex the so called “good guys” were all internal threat actors. The “city model” seems to be a more viable option in creating a secure network as it involves layers of defenses for example, IDS, central authentication servers, encrypted network traffic, etc. But despite the security requirements outlined by the latter model, it only would only take one employee to maliciously or inadvertently compromised these systems – administrative controls trumps technical controls. Therefore, building a secure network should include aspects of the “city model” in conjunction with SETA policies to reduce the likelihood and magnitude of breaching the same.
A key takeaway from this chapter is understanding the different types of attacks and which aspect of the four main goals of a secured network they impact. For example, Denial of Service (DoS) attacks are designed to make a server or network unavailable to users. Another type of attack is ARP poisoning which is designed to impact both the functionality and confidentiality of the network. These attacks can be combined (ARP DoS) in order to impact availabiltiy. An ARP and Man in the Middle attack can be combined to impact the functionality of a system. It is important not only to understand the differnt types of attacks, but how they can be mitigated and remediated. This is has become more complex since the death of the perimeter and move from the traditional castle model to the city model as more and more individuals that are outside the network need access to information within the network. While the “city” defense is neccessary, it makes the network and systems more vulnerable to attack.
Strong access controls are an essential part of keeping any LAN secure. Over time, access controls for wired and wireless networks have evolved. It used to be that any device plugged into the ethernet port in an office was trusted and received access. Now, 802.1x, or port-based Network Access Control, can force new devices to authenticate with a RADIUS server before they are allowed to communicate. That authentication can even lead to proper authorization. WiFi has moved on from WEP to WPA and now WPA2. Even WPA2 Enterprise can use 802.1x through 802.11i.
The information I took from this chapter is that hackers will go through numerous measures to try and attack or gain access to networks whether they are from the outside, or are even current or former employees. They may attack by method of Address Resolution Protocol (ARP) “poisoning” – send malicious messages over Local Area Network; or Man-In-The-Middle attack – where the attacker alters traffic flow between 2 parties by redirecting communication; and also one of the most popular attacks known as DoS (Denial of Service) – which malicious actions interferes with the network so that valid users who need access cannot get on.
The 802.1X and RADIUS authentication is not a new concept to me, however, the benefits mentioned in the book, including the cost savings, consistency, and immediate changes that the 802.1X standard is capable of delivering is something that every organization can benefit from. I have personally done setups and maintenance of 802.1X and RADIUS authentication. It is centrally more involved than a WPA2 Personal network. In addition, the cost of getting a certificate and maintaining a domain controller and the RADIUS server is no easy task, however, the immediate change benefit mentioned in the book alone is worth the investment.
A key takeaway from this reading is an understanding of denial of service attacks, and the four different kinds that are described in the text. First are direct and indirect DoS attacks, where the attacker uses their own machine (and, in the case of an indirect attack, spoofs their IP address) to flood the target with requests. Second is an intermediary DoS, or distributed denial of service (DDoS), whereby the attacker controls a bot network via malware to collectively flood the target with requests. This is most common and effective, because it expands the hardware base from which an attacker can send requests. Third is a reflected attack, where the attacker sends requests from their own or controlled machines to a server they know can handle those requests. However, the attacker spoofs the IP of their requests to the IP address of their actual target. This causes the server they are sending the requests to to send a high volume of replies to the target machine, resulting in the denial of service on the target. Finally, a malformed packet attack involves sending IP packets of a size that the target is unable to handle, crashing their system. This isn’t frequently done, because it can generally be prevented by OS patches.
The biggest challenge for ensuring networks are secure is achieving the main security objectives: Confidentiality, Integrity and Availability. Confidentiality means that data, objects and resources are protected from unauthorized viewing and other access. Integrity means that data is protected from unauthorized changes to ensure that it is reliable and correct. Availability is the situation where information is available when and where it is rightly needed. DDoS attacks are aimed at compromising the availability of a network. A distributed denial-of-service (DDoS) attack is one of the most powerful weapons on the internet. DDoS stands for “Distributed Denial of Service.” A DDoS attack is an attempt by attackers to keep users from accessing a networked system, service, website, application, or other resource. The attack is launched at a target from multiple sources but coordinated from a central point. Distributed attacks are larger, potentially more devastating, and in some cases more difficult for the victim to detect and stop.
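The two posts above describe direct floods and reflected attacks from the attacker's side; the defender's view is what the traffic looks like at the target. The following is an added example, not code from the original discussion or the textbook, that runs two simple detectors over a constructed packet log: a per-source sliding window that spots a single sender pushing an abnormal request rate (the direct/indirect pattern), and a check for replies arriving from servers the target never queried (the reflected pattern). The log format `<seconds> <src_ip> <dst_ip> <request|reply>` and all addresses are assumptions made for the example.

```python
"""Flood and reflection detection over constructed packet-log lines.

Added example, not code from the original discussion. Assumes a simplified
log format "<seconds> <src_ip> <dst_ip> <request|reply>" (an assumption;
real input would come from a flow exporter or packet capture).
"""
from collections import defaultdict, deque

# Constructed sample log: three well-behaved requests from 10.0.0.5, a burst
# of requests from 203.0.113.9 (a direct flood), one legitimate exchange that
# 10.0.0.1 itself initiated, and four replies 10.0.0.1 never asked for
# (what a reflected attack looks like from the victim's side).
SAMPLE_LOG = "\n".join(
    ["0.0 10.0.0.5 10.0.0.1 request",
     "2.0 10.0.0.5 10.0.0.1 request",
     "4.0 10.0.0.5 10.0.0.1 request"]
    + [f"{5.0 + i * 0.05:.2f} 203.0.113.9 10.0.0.1 request" for i in range(12)]
    + ["6.0 10.0.0.1 192.0.2.10 request",
       "6.1 192.0.2.10 10.0.0.1 reply"]
    + [f"{7.0 + i * 0.1:.1f} 198.51.100.{i + 1} 10.0.0.1 reply" for i in range(4)]
)


def parse_log(text):
    """Turn log lines into (time, src, dst, kind) tuples, skipping blank lines."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        t, src, dst, kind = line.split()
        events.append((float(t), src, dst, kind))
    return events


def detect_floods(events, window=1.0, threshold=10):
    """Return {src: peak requests per window} for sources at or above threshold.

    A sliding window per source captures the direct DoS pattern: one sender
    (spoofed address or not) issuing far more requests than a client normally would.
    """
    recent = defaultdict(deque)   # src -> timestamps of requests still inside the window
    peak = defaultdict(int)
    for t, src, _dst, kind in events:
        if kind != "request":
            continue
        q = recent[src]
        q.append(t)
        while t - q[0] > window:
            q.popleft()
        peak[src] = max(peak[src], len(q))
    return {src: n for src, n in peak.items() if n >= threshold}


def detect_unsolicited_replies(events, target):
    """Return reply senders that the target never sent a request to.

    In a reflected attack the target receives answers from servers it never
    queried, because the attacker put the target's address in the source field.
    """
    asked = {(src, dst) for _t, src, dst, kind in events if kind == "request"}
    reflectors = {src for _t, src, dst, kind in events
                  if kind == "reply" and dst == target and (target, src) not in asked}
    return sorted(reflectors)


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    print("flood sources:", detect_floods(evs))
    print("unsolicited reply sources:", detect_unsolicited_replies(evs, "10.0.0.1"))
```

Note that the rate detector cannot tell a DDoS apart from a flash crowd on its own: the distributed case is exactly where per-source counts stay low, so in practice it is paired with an aggregate rate toward the target. The unsolicited-reply check is the more discriminating signal for reflection, since legitimate servers only answer what was asked.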
In this week's reading from Chapter 4, I thought it was interesting to note that the three principles known as the CIA triad have slightly different definitions for networks. In regard to networks, the definitions are:
Availability – users have access to information services and network resources
Confidentiality – prevent unauthorized users from gaining information about the network
Integrity – making sure the message wasn’t altered while transmitting the message.
It was interesting to learn about the different types of attacks, such as ARP DoS attacks, ARP poisoning and SLAAC attacks. According to the chapter, ARP poisoning is a network attack that manipulates host ARP tables to reroute local-area network (LAN) traffic. An attacker can reroute traffic for a man-in-the-middle attack, or stop it altogether in an ARP DoS attack. ARP poisoning only works on LAN traffic.
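The poisoning the post describes leaves a visible trace on the LAN: the same IP address suddenly being answered for by a different MAC, and one MAC answering for several addresses (typically the gateway and a victim). The following is an added example, not code from the original discussion or the textbook, showing the detection logic an arpwatch-style monitor applies to observed ARP replies. The record format `<seq> <sender_ip> <sender_mac>`, the gateway address and the MAC addresses are assumptions constructed for the example.

```python
"""ARP poisoning detection over constructed ARP reply records.

Added example, not code from the original discussion. Assumes a simplified
record format "<seq> <sender_ip> <sender_mac>" for ARP replies seen on the LAN
(an assumption; a real monitor would read them from a packet capture).
"""
from collections import defaultdict

GATEWAY_IP = "192.168.1.1"   # assumed address of the default gateway

# Constructed sample: a normal baseline, then one station (de:ad:be:ef:00:01)
# claiming both the gateway's and a host's IP, which is the man-in-the-middle
# poisoning pattern the chapter describes. The final record is a benign repeat.
SAMPLE_ARP = """\
1 192.168.1.1 aa:aa:aa:aa:aa:01
2 192.168.1.10 aa:aa:aa:aa:aa:10
3 192.168.1.11 aa:aa:aa:aa:aa:11
4 192.168.1.1 de:ad:be:ef:00:01
5 192.168.1.10 de:ad:be:ef:00:01
6 192.168.1.11 aa:aa:aa:aa:aa:11
"""


def parse_arp(text):
    """Return a list of (ip, mac) pairs in the order the replies were seen."""
    pairs = []
    for line in text.splitlines():
        if line.strip():
            _seq, ip, mac = line.split()
            pairs.append((ip, mac.lower()))
    return pairs


def detect_conflicts(pairs):
    """Flag every IP whose claimed MAC differs from the first MAC seen for it.

    Returns a list of (ip, first_mac, new_mac). A changed address is what
    arpwatch-style monitors alert on; DHCP renumbering can produce benign
    hits, so a change on the gateway address is the one to prioritise.
    """
    first_seen = {}
    conflicts = []
    for ip, mac in pairs:
        if ip not in first_seen:
            first_seen[ip] = mac
        elif first_seen[ip] != mac:
            conflicts.append((ip, first_seen[ip], mac))
    return conflicts


def macs_claiming_multiple_ips(pairs):
    """Return {mac: sorted IPs} for MACs that answer for more than one IP.

    One interface answering for several addresses is normal for a multi-homed
    host, but combined with a gateway conflict it is the poisoning signature.
    """
    claimed = defaultdict(set)
    for ip, mac in pairs:
        claimed[mac].add(ip)
    return {mac: sorted(ips) for mac, ips in claimed.items() if len(ips) > 1}


def gateway_poisoned(pairs, gateway=GATEWAY_IP):
    """True if any observed conflict involves the gateway address."""
    return any(ip == gateway for ip, _old, _new in detect_conflicts(pairs))


if __name__ == "__main__":
    observed = parse_arp(SAMPLE_ARP)
    print("conflicts:", detect_conflicts(observed))
    print("multi-IP MACs:", macs_claiming_multiple_ips(observed))
    print("gateway poisoned:", gateway_poisoned(observed))
```

Detection is reactive; the preventive controls for the same attack are static ARP entries for the gateway on critical hosts and, on managed switches, DHCP snooping with Dynamic ARP Inspection, which drops ARP replies whose IP/MAC binding does not match the lease table. Because ARP never leaves the broadcast domain, both the attack and these checks are confined to the LAN, as the post notes.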
My key takeaway from this chapter is that it seems like most of this is going to be largely obsolete in about 10 years. It’s always interesting to see how security evolves alongside emerging threats. My favorite part was about the comparison between the city and castle model. Personally, I lean towards the city model. That being said, I’m sure in about 10 years there’ll be some kind of “forest” model or something along those lines. A castle might be harder to get into, but once you’re in, it’s open season usually. I think it’s always important to diversify your security and always limit access to various users depending on business needs.
The concept of Evil Twin Access Points stood out to me from this reading. The book defines the Evil Twin Access Point as a PC that has software to allow it to masquerade as an access point. They are commonly found in public hot spot settings, and because of the type of attack, WPA does not protect against them. The text mentions that a VPN, however, can protect against these types of attacks. The question I have is: for many work computers a VPN is not required to log in, and you can access some systems and applications via AD authentication. Can an evil twin access point be executed here, and can an attacker then back door into other applications?
One point that I found interesting was Ethernet security. I always thought that Ethernet was safe because it is plugged into the port at the wall, but ports can be in an unauthorized state and users must authenticate themselves. Figure 4-18 explains that an attacker can walk up to any wall jack and connect to the network, bypassing the firewall.