Remote Access

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
or

Already have an account? Sign In »

Time
8 hours 19 minutes
Difficulty
Beginner
CEU/CPE
8
Video Transcription
00:00
Let's move on to our next section, which covers remote access.
00:04
So we're looking at connecting to the network without being physically plugged in.
00:08
We'll talk a little bit about dial up, and then we'll talk about VPN access through process we referred to as tunneling.
00:16
So let's take a look at dial up
00:18
Normally, when we're connected to our local area network were connected VR Network card
00:24
and that network card provides layer to framing for a local network.
00:28
But if we take a step back and we think about a remote access clients
00:32
maybe using, um, Autumn to connect into a remote access server,
00:36
which is likely not the way we're communicating mainstream.
00:39
The remote access server and modem usage still exists,
00:43
But in this case I have a client that's no longer connecting to the network via network card,
00:48
which means they don't have a device that does the work that a network card typically does.
00:53
One of the things a network card does is provide layer to framing for Elian connections.
00:59
It adds the information that's necessary to communicate across a l n.
01:03
If we have a client dialing up with, um, autumn, there is no device to provide that layer to framing.
01:08
That's where point to point protocol comes in.
01:11
P P P is how it's often referred to point to point protocol. Through
01:17
is what does that layer to framing for connections to the W A. N.
01:21
It was traditionally used with dial up clients. But today, now that we're connecting out to our w. A. N s through our cable modems and DSL modems,
01:30
now we have something called P P p o E,
01:33
which is point to point protocol over Ethernet,
01:36
which basically means you're using your network card. But you're still connecting to a W A N, as opposed to a local area network.
01:42
So the primary protocol is going to be allowing us to connect to a W A N and still have that layer two information added. That's point to point protocol.
01:53
Mhm
01:53
with point to point protocol is not designed to add security.
01:57
It's specifically for layer to frame me.
02:00
So for security, there are a handful of authentication protocols that would be used,
02:05
the first of which is P. A. P.
02:07
Pip stands for password authentication protocol,
02:10
and poppy transmits passwords in plain text.
02:15
We don't want that anymore.
02:16
P A P really is irrelevant for use today,
02:20
P A P was replaced by a protocol called C J P
02:23
Challenge handshake authentication Protocol.
02:25
And then Microsoft extended beyond that. And there's M S, C, H A, P and M S C H a p version two.
02:35
But ultimately, this is something called a challenge handshake protocol or a challenge response.
02:40
So basically, when one device is trying to make a connection with another based on the password that's entered,
02:46
let's say I have to connect to a router from one router from another.
02:51
I'm setting up a static route, for instance.
02:53
There may be a password protection,
02:55
so only if I type in the correct password. Can my device respond to a challenge issued by the server or the system on the other end.
03:04
Basically, what it is is a system where I can prove the password that's being entered correctly without having to put the password on the network.
03:12
Challenge Response systems are good because they do keep the passwords off the network. That's desirable.
03:17
But the problem with C. H, a, P and P A P also is that they only provide a means to authenticate using passwords.
03:25
There are a lot of ways we can authenticate today.
03:29
We can use smart cards, biometrics, cookies, certificates, tokens and none of that can be used with P, A, P or C J P.
03:37
We needed a protocol that could extend beyond just passwords and really provide capabilities to authenticate in any manner you choose.
03:45
That's very EAP extensible authentication protocol
03:50
eep extends the capabilities beyond passwords.
03:53
You can think of it in that way.
03:54
So at any point in time you're using anything beyond passwords. You're definitely using it.
04:00
I will also allow you to use passwords as well. So keep is the way of the future.
Up Next