Protocols of the TCP/IP Suite Part 2


Time
7 hours 50 minutes
Difficulty
Beginner
CEU/CPE
8
Video Transcription
00:01
>> Just a few more protocols, important numbers.
00:01
The next protocol we have is LDAP,
00:01
Lightweight Directory Access Protocol.
00:01
This is the database format or structure
00:01
>> for Active Directory
00:01
>> and any sort of directory services that we use.
00:01
>> When you see LDAP,
00:01
I want you to think domain controller,
00:01
if you're a Windows person,
00:01
or a more general term, authentication server.
00:01
LDAP is the protocol
00:01
>> that allows the structuring of organizations
00:01
>> and you can see that it's a hierarchical structure.
00:01
>> At the top, we have a root, children and leaves.
00:01
In Windows at the top,
00:01
you have the root, down to domains,
00:01
down to organizational units,
00:01
then down to groups and users.
00:01
But at any rate, it's a structuring of our
00:01
>> network environment
00:01
>> that makes it very easy to access information
00:01
>> and to retrieve information
00:01
>> and to organize our network.
00:01
>> LDAP uses port 389, or secure LDAP uses port 636.
00:01
Mentioned a few minutes ago that HTTP is insecure.
00:01
What do we do?
00:01
>> We can use SSL and TLS to provide security.
00:01
>> SSL and TLS use port 443.
00:01
These are not the same protocol.
00:01
SSL and TLS are two different protocols
00:01
>> but they do both use 443
00:01
>> and in a lot of ways they operate in a similar fashion.
00:01
>> RADIUS stands for Remote
00:01
Authentication Dial-In User Services.
00:01
We actually talked about
00:01
this same idea back with TACACS Plus.
00:01
What RADIUS does is allow a centralized location to
00:01
configure policies and rules of remote access clients.
00:01
For instance, when we say remote access clients,
00:01
we're talking about clients that access the network
00:01
without being physically plugged into the network.
00:01
Wi-Fi clients, dial-up,
00:01
which I know we scoff at dial-up because we don't think
00:01
of dusting off our modems to connect to our networks.
00:01
But dial-up still exists in particular environments.
00:01
Plus we have to keep in mind that not
00:01
everywhere has high-speed access.
00:01
Remote access services and dial-up are still around.
00:01
We also think about VPN clients
00:01
connecting to VPN servers.
00:01
Over on the left where you see supplicants,
00:01
supplicant is the device that initiates the connection.
00:01
It's the remote device that wants to
00:01
connect to the local area network.
00:01
Traditionally, the supplicants have to
00:01
connect to two devices called authenticators.
00:01
My Wi-Fi device connects to an access point,
00:01
my dial-up client connects to a remote access server,
00:01
my VPN client to a VPN server and traditionally,
00:01
what has happened is the policy decisions
00:01
>> were configured and made on these authenticators.
00:01
>> What I mean by that is
00:01
>> if I want to set up very strict requirements
00:01
>> for who can access the network wirelessly, what time,
00:01
what type of connection,
00:01
what location, or any set of requirements,
00:01
what I would have to do is go to those access points
00:01
>> and configure the rules, the policies.
00:01
>> Same thing if I have multiple dial-up servers
00:01
or remote access servers,
00:01
I'd have to configure policy on
00:01
>> each of those servers, same thing with VPN.
00:01
>> What I have is a really distributed environment
00:01
where I would have to walk around
00:01
from access point to access point and configure policy.
00:01
Or instead, I can configure those devices with
00:01
authenticators to forward the authentication requests
00:01
to a RADIUS server.
00:01
I would configure policy just on that RADIUS server,
00:01
that's exactly what TACACS Plus was for.
00:01
There's also a protocol that's similar called diameter.
00:01
Diameter never really took off,
00:01
but its purpose was to replace RADIUS
00:01
as diameter is twice the radius.
00:01
RADIUS is all about central authentication for
00:01
remote access services and it uses port 1812 and 1813,
00:01
and it works very comparably to TACACS Plus.
00:01
Remote Desktop Protocol, RDP.
00:01
This is a very dangerous protocol
00:01
from a security perspective
00:01
because what RDP allows you
00:01
>> to do is access another user's system.
00:01
>> You can perform operations
00:01
>> just as if you're sitting in front of that system.
00:01
>> In some ways, that's very helpful.
00:01
Because if you need help doing
00:01
some administrative type task
00:01
and you don't know how to add a printer,
00:01
then I can RDP into your system,
00:01
you can watch me add a printer and that'll
00:01
make it easier for you next time.
00:01
But of course, with any remote access,
00:01
you got to be very careful,
00:01
cautious, and limited where we allow RDP.
00:01
I can't think of a lot of reasons that I'm going to allow
00:01
unfettered RDP access from outside the network in,
00:01
probably not a good idea.
00:01
RDP uses port 3389.
00:01
Now, I'm not going to tell you these are
00:01
all the port numbers you could conceivably see.
00:01
But if I were studying for
00:01
this exam and for those of you who are
00:01
coming down the line and looking
00:01
forward to the Security+ exam,
00:01
these are the protocols that I'd be sure to know.
00:01
Have a brief understanding at this level,
00:01
you don't need to be in depth with any of
00:01
these protocols but I would encourage you as we continue,
00:01
you'll want to go a bit deeper
00:01
and we'll cover those throughout the class.
00:01
Now, in these key takeaways,
00:01
there are a few protocols that we have not discussed.
00:01
I request that you focus on the ones we've
00:01
covered as far as understanding them in
00:01
more depth but it doesn't hurt
00:01
to know one or two additional protocols.
00:01
There's one here for NetBIOS
00:01
and Network News Transfer Protocol.
00:01
The best way to memorize these ports
00:01
>> is to get a deck of flashcards
00:01
>> and put HTTP on the front and on the back port 80.
00:01
>> If we take the time to do that,
00:01
then I think you'll find that
00:01
>> you can memorize the ports fairly quickly
00:01
>> and it won't be too challenging.
00:01
>> Like I said, these little wrap-up ports
00:01
>> give you a couple more,
00:01
>> but I would focus on the port numbers
00:01
>> that I've given you.
00:01
>> With this being one of those lists that
00:01
out of everything that I could possibly throw at you,
00:01
one of these port numbers could pop up,
00:01
but please focus on the ones that I've provided.