,
[ Pobierz całość w formacie PDF ]
.While the ping utility included with both MicrosoftPKIWindows and UNIX/Linux platforms is a legitimatenetwork testing tool, ping sweeps generally utilize moreStands for Public Key Infrastructure, a set of technoloýÿsophisticated tools that can automatically scan an entiregies and policies for authenticating entities using publicrange of addresses and perform other kinds of tests tokey cryptography.enumerate hosts that are detected.See: Public Key Infrastructure (PKI)A number of tools are around that can be used to per-form ping sweeps on remote networks, including Fping,PKINITGping, Nmap, Pinger, Ping Sweep, and Rhino9.To evadeAn extension to Kerberos that adds public keyfirewalls that block ICMP echo requests, many of thesecryptography.tools can use other types of packets, including ICMP timestamp and address mask requests as alternatives.OverviewPKINIT enhances the Kerberos specification RFCNotes1510bis by allowing Kerberos clients to have their iniýÿPing sweeping is also known as ICMP sweeping.tial authentication performed using public key cryptogýÿSee Also: enumeration, footprinting, Fping, Nmap,raphy.PKINIT is derived from Public Keyscanningcryptography for INITial authentication and is curýÿrently an Internet-Draft standard being considered bythe Internet Engineering Task Force (IETF).The advanýÿPKCStages of incorporating public key cryptography intoStands for public key cryptography standards, a seriesPKerberos include easier key management and the abilityof specifications for Public Key Infrastructure (PKI)to leverage emerging Public Key Infrastructure (PKI) sysýÿimplementation.tems.The PKINIT draft standard specifies how preauýÿthentication data fields and error data fields in KerberosSee: public key cryptography standards (PKCS)messages can be used for carrying public key data.PKCS #7 See Also: Kerberos, public key cryptographyA specification for cryptographic message syntax.PKIXOverviewPKCS #7 is the most widely implemented of the PKCSStands for Public-Key Infrastructure (X.509), a set ofde facto standards issued by RSA Security.PKCS #7standards for implementing an X.509-based public keyforms the basis of the Cryptographic Message Syntaxinfrastructure (PKI).(CMS) standard of RFC 2630 that outlines how toSee: Public-Key Infrastructure (X.509) (PKIX)authenticate, digest, encrypt, and sign digital messages.Uses for PKCS #7 include certificate requests for Pubýÿlic Key Infrastructure (PKI) and digital signatures for247plaintext pluggable authentication module (PAM)OverviewplaintextPlatform for Privacy Preferences (P3P) is a project of ýÿInformation that is unencrypted.the World Wide Web Consortium (W3C) intended as an ýÿOverviewindustry standard for protecting the privacy of users who ýÿEncryption is the process of transforming plaintext intosubmit personal information to Web sites they visit.P3P ýÿciphertext.Plaintext is information that is in human-provides a mechanism for implementing privacy policies ýÿreadable form; for example, an e-mail message typed inon Web sites and provides users with clear and unambigýÿýÿa text editor.To prevent sensitive information fromuous information about how sites will handle their perýÿýÿbeing read if it is intercepted by someone other than itssonal information.P3P allows privacy policies for Web ýÿintended recipient, the message can be encrypted usingsites to be implemented in a standardized machine-ýÿa mathematical procedure called an encryption algoýÿreadable format so that P3P-supporting Web browsers ýÿrithm.The result of applying this algorithm to the inforýÿcan automatically compare a site s policy to the user sýÿmation is ciphertext, a string of bits that still containsprivacy preferences configured in the browser.ýÿthe original information but cannot be read by anyoneThe P3P 1.0 Recommendation was released in April ýÿunless it is first decrypted to convert it back into plaintext.2002, and the W3C has published a number of guides ýÿSee Also: ciphertext, encryption, encryption algorithmand tools for how to implement P3P on both the client ýÿand server sides.Version 6 of Microsoft Internet ýÿExplorer Web browser supports many aspects of P3P as ýÿplaintext cipherdoes Mozilla and other browsers.ýÿblock chaining (PCBC)A block cipher used in Kerberos authentication.For More Information1Visit www.w3.org/P3P/ for more information.ýÿOverviewPlaintext cipher block chaining (PCBC) is a modified See Also: privacyform of cipher block chaining (CBC), a feedback mechýÿanism commonly used in block ciphers.PCBC providesplaybacka mechanism for detecting when encrypted communiýÿAnother name for packet replay, capturing and resendýÿcations are compromised by ensuring that, if a portioning packets on a network.of an encrypted message is changed, the content of theP remaining part of the message is garbage (indecipherýÿSee: packet replayable).By including a standard block of data at the endof each Kerberos message, a recipient can test whetherpluggable authenticationa message has been tampered with by seeing if this stanýÿmodule (PAM)dard data decrypts properly.A UNIX programming model for extensible authenticaýÿSee Also: cipher block chaining (CBC), Kerberostion architecture [ Pobierz caÅ‚ość w formacie PDF ] |
Archiwum
|