Professional Documents
Culture Documents
FTP Data
FTP Control
SSH, SCP SFTP
Telnet
SMTP
WINS Replication
TACACS
DNS client to server lookup
SQL TCP client name lookup
DHCP client
DHCP server
TFTP
HTTP, Internet Information Services (IIS)
Kerberos krb5
MTA - X.400 over TCP/IP or X400
POP3
POP3 Post Office Protocol version 3
NNTP
NNTP Network News Transfer Protocol
Client Server Communication
DCOM (SCM uses udp/tcp to dynamically assign ports
for DCOM)
DHCP Manager
Exchange Administrator
RPC
RPC user manager, service manager, port mapper
SQL session mapper
WINS Manager
WINS Registration
DNS Administration
File shares session
NetBIOS
NetBT service sessions
NetBT service sessions
Printer sharing session
SQL session
IMAP
IMAP Internet message access protocol version 4
SNMP Trap
LDAP
UDP
20
21
22
23
25
25
49
53
53
67
68
69
80
88
102
110
110
119
119
135
135
135
135
135
135
135
135
137
139
139
139
139
139
139
139
143
143
162
389
49
53
88
137,138
162
389
389
443
443
443
464
515
522
531
543
544
548
560
563
568
569
636
993
995
1234
1433
1500
1503
1720
1723
1723
1731
1801
1812
2053
2500
3389
3389
6665
6667
8000
464
636
1723
1801
1812
3389
1646 or 1813
1645 or 1812
161
137
137
Syslog
WINS NetBios over TCP/IP name service
WINS Proxy
Browsing requests of NetBIOS over TCP/IP
Client/Server Communication
File shares name lookup
ICMP
IKE (For more information, see Table C.4)
ISAKMP (VPN) Internet Security Association and Key
Management Protocol (virtual private network)
L2TP
L2TP Layer 2 Tunneling Protocol
NetBT datagrams
NetBT name lookups
NetLogon
Network Load Balancing
Printer sharing name lookup
514
137
137
137
137
7
500
500
1701
1701
138
137
138
2504
137
DoS
DDos
SYN Flood
Ping Flood/scan
Denial of Service
Distributed DoS
Syn = first packet sent to a server
ARP Poisoning
an attack that convinces the network that the attacker's MAC address is the one a
the network that the attacker's MAC address is the one associated with an allowed address so that traffic is wron
EAP
Radius
NAC
PNAC
802.1d
Cluster
802.1x
WIDS
MAC
MAC
TKIP
WEP
WPA
CCMP
ARP
RBAC
Rule-BAC
BCP
AUP
Border Gateway Protocol (BGP)
BIA
Business continuity planning (BCP)
Certificate authority (CA)
Common Access Card (CAC)
Common Criteria (CC)
A process of implementing policies, controls, and procedures to counteract effects of losses, outages, or failur
An issuer of digital certificates (which are then used for digital signatures or key pairs).
A standard identification card used by the Department of Defense (DoD) and other employers. It is used for a
A document of specifications detailing security evaluation methods for IT products and systems.
Dynamically reroute traffic by reconfiguring root port Destination Port and blocked ports.
ocked ports.
The process of evaluating all critical systems in an organization to define impact and recovery plans.
`
IDEA
RC4
BlowFish
Two Fish
DES
Type
Symmetric Encryption
Symmetric Encryption
Symmetric Encryption
Symmetric Encryption
Symmetric Encryption
Algorithm
Stream Cipher
Block cipher
3DES
Symmetric Encryption
Block cipher
AES
Symmetric Encryption
RC5
Symmetric Encryption
RSA
Asymmetric Encryption
Key transport
Diffie-Hellman
Asymmetric Encryption
Key exchange
El Gamal
Asymmetric Encryption
Key exchange
MD5
Hash (Digest)
MD6
Hash
SHA-1
Hash
SHA-2 (SHA256)
Hash
SHA-2 (SHA512)
Hash
SHA-3
Hash
Keccak
HMAC
RIPE-MD
HMAC-MD5
HMAC-SHA1
Hash
Hash
Hash
Hash
Keyed Digest
Block cipher
Size
Strength
Replaced By
64 bit
64 bit (56 + 8 parity)
Very weak
3DES
Moderate
AES
Strong
N/A
Very Strong
N/A
512
Strong
N/A
N/A
Moderate
El Gamal
N/A
Very Strong
N/A
weak, suffers
MD6, et. Al.
colisions
weak
Very Strong
Very Strong
Very Strong
Variable
160 bit
Very Strong
SHA-2, SHA-3
N/A
Use
Streamed data, e.g. video
Faster than AES - source: Darril Gibson
no longer used
used in older applications, phased out
used practically everywhere
file integrity
in development
Layer 2
Layer 3
Layer 3 ~ Layer 7