Hack Proofing Linux: A Guide to Open Source Security
Excellent detailed introduction to key Linux security tools and
techniques, for non-system administrators.
TABLE OF CONTENTS Hack Proofing Linux: A Guide to Open Source Security
Chapter 7: Avoiding Sniffing Attacks through Encryption
Introduction
You now understand how it is possible to enhance authentication using third-party open source software. You also understand some of the pitfalls involved in deploying such software in various systems. For example, in the last chapter you discovered how to deploy authentication using one-time passwords and Kerberos. These authentication implementations enable systems to verify the identity of a user logging on to them, and the integrity of data.
In this chapter, you will learn about solutions to deploy strong encryption to enhance network security. Encryption ensures data confidentiality by using algorithms to encrypt data before it is sent over a network. The receiving host then decrypts the data to a readable format. The solutions in this chapter combine both authentication and encryption, and include a step-by-step guide to implementing encryption over an insecure network.
Understanding Network Encryption
Network encryption ensures that data sent across a network from one host to another is unreadable to a third party. If a sniffer intercepts the data, it finds the data unusable because the data is encrypted. Therefore, a hacker cannot view any usernames or passwords, and any information sent across the network is safe. The requirement is that all communicating systems must support the same network encryption technique, such as Secure Shell (SSH).
Network encryption is used for any data transfer that requires confidentiality. Since the Internet is a public network, network encryption is essential. E-commerce transactions must ensure confidentiality to protect credit card and personal information. Personal banking Web sites and...
Copyright Syngress Publishing, Inc. 2001 under license agreement with Books24x7
