Join Lisa Bock for an in-depth discussion in this video Protocol good practices, part of IT Security Foundations: Operating System Security.
- When talking about protocol good practices, there's a couple of things the network administrator and you can do. First of all, use protocols that can provide encryption, such as HTTPS, which is HTTP over Secure Socket Layer or Transport Layer Security, which effectively creates a VPN between the server and the client, encrypting all data, and also Secure Shell. Now, this is used with Telnet. Telnet isn't used as often anymore, but there may be a reason that you have to use Telnet, so you should use a Secure Shell application, such as PuTTY.
Let's take a look. Now, PuTTY will help to encrypt your data if you do have to use Telnet, and it's a free download. This will be able to secure your communication. Network Time Protocol is used to provide automated time synchronization. Now, Network Time Protocol is a great protocol to use because some protocols, such as Kerberos, require synchronized time on the network. A network administrator has a resource, which is called the NTP Pool Project, where they can obtain synchronized time for their system.
File Transfer Protocol, FTP, by default is not encrypted. Now, we know that we can use the File Transfer Protocol in a browser, but you should use some type of software in order to do effective and secure File Transfer Protocol. We'll just use this illustration here to show you that. This is an example of an open and public FTP server. Now, I'm going to put this up in the URL, which you know in general, it would be HTTP, but you can see here, now, I can use FTP.
I'll press Enter, and it's going to present me with a list of documents. Now, File Transfer Protocol is not like a webpage, you would simply click on the document and then it would download the document. But this is all in plain text. It is not secure, and it is not encrypted. I'm at this website, it's called IPViking, and it's showing us that there are a number of different types of attacks. These are essentially attacks in real time across the world. Now, what's interesting is, I wanted to point out to you, at least while I'm looking at this right at this moment, the attack type which is listed first is Telnet.
Telnet, by default, has been deprecated in a Windows operating system for some time. However, we want to ensure that Telnet is not active. For whatever reason, it may have been put on or activated. I'll go to the Control Panel, and look at Programs and Features. And here, I'll say Turn Windows features on or off. Hmm. Sure enough here, it's set for Telnet Server. Well, I don't want that, so I'm going to uncheck that, and see if anything else is there that I should turn off.
For some reason, FTP Server was on, I'm going to uncheck that as well. So there are several things you can do to ensure good protocol practice on your system.
Note: This training maps to a number of the exam topics on the Microsoft Technology Associate (MTA) Security Fundamentals exam (98-367). See https://www.microsoft.com/learning/en-us/exam-98-367.aspx for more information.
- Creating strong passwords
- Understanding biometric security
- Adjusting permission behavior
- Enabling auditing
- OS hardening
- Using the Microsoft Baseline Security Analyzer
- Protecting email