xx CHAPTER 14 Remote Access and Long-Distance Communication ............................... 418 Introduction to Telecommunication Systems ............................... 419 Remote Connection Technologies and Media ....................................... 420 Public Switched Telephone Network (PSTN) ................. 421 Integrated Services Digital Network (ISDN) ................... 422 Cable Internet Service ............................................... 423 Digital Subscriber Line (DSL)..................................... 424 Satellite .................................................................. 425 T-Carrier ................................................................. 427 FDDI ...................................................................... 428 SONET ................................................................... 429 X.25 ....................................................................... 429 Frame Relay ............................................................ 430 Dial-Up Networking ............................................... 430 Dial-In Only ............................................................ 432 Dial-Out Only .......................................................... 432 Full Service ............................................................. 432 Remote Desktop Protocol (RDP) ................................. 432 Remote Access Protocols .......................................... 433 Virtual Private Network (VPN) ............................. 437 CHAPTER 15 Network Security ........................................................ 444 Hacking ................................................................... 446 Common Network Security Breaches .................. 446 Unprotected Network Shares ...................................... 446 Social Engineering ................................................... 446 Open Ports .............................................................. 447 Zero Configuration (Zeroconf) .................................... 448 Denial of Service (DoS) ............................................. 448 Man in the Middle (MITM) ........................................ 449 Spoofing ................................................................. 449 Malware ................................................................. 450 DNS Poisoning ........................................................ 452 Evil Twin ................................................................. 452 Deauthentication ...................................................... 452 Phishing ................................................................. 452 Insider Threat .......................................................... 453 Brute Force ............................................................. 453 Intrusion Detection and Intrusion Prevention Systems ...................... 453 Security Methods and Protocols .......................... 454 Cryptography .......................................................... 455 Certificate Authority (CA) ........................................... 456 Secure Sockets Layer (SSL) ....................................... 459 Transport Layer Security (TLS) ................................... 459 Virtual Network Connection (VNC) .............................. 459 Internet Protocol Security (IPsec) ................................ 460 Secure Shell (SSH)................................................... 460 Secure Copy Protocol (SCP) ...................................... 461 Wireless Security .................................................. 461 Wireless Access Point Authentication .......................... 462 Media Access Control (MAC) Filter ............................. 462 Wired Equivalent Privacy (WEP) ................................. 462 Wi-Fi Protected Access (WPA) ................................... 463 Wi-Fi Protected Access 2 (WPA2) ............................... 463 802.11i...................................................................463 802.1x Authentication ............................................... 463 Rogue Wireless Access Points ................................... 464 Authentication, Authorization, and Accounting ....................................................... 465 RADIUS .................................................................. 465 Diameter ................................................................. 466 TACACS+ ............................................................... 466 Authentication Methods ........................................ 467 Authentication Protocols ...................................... 467 Password Authentication Protocol (PAP) ...................... 467 Challenge Handshake Authentication Protocol (CHAP) ...................................................... 468 Kerberos ................................................................. 468 Extensible Authentication Protocol (EAP) ..................... 469 Security Implementations .................................... 469 Software Installation Patches ...................................... 470 Administrator Account .............................................. 470 Network Device Hardening ......................................... 470 User Account Passwords ........................................... 471 Other Password Security Measures ............................. 473 Firewall .................................................................. 473 Unified Threat Management (UTM) ............................. 477 Layer 7 Firewall ....................................................... 477 Proxy Server ........................................................... 477 Securing Remote Access ........................................... 478 Physical Security ..................................................... 478 Common Mitigation Techniques ................................. 480 Security Tools ......................................................... 481 Netstat Utility ........................................................... 481 Audit Tools .............................................................. 481