Notes - MIECT
Segurança Em Redes De Comunicações
Cisco’s Access Control Lists (ACL)

An access list is a sequential collection of permit and deny conditions.

The software tests each packet against the conditions in the access list one by one.

The first match determines whether the software accepts or rejects the packet.

  • Because the software stops testing conditions after the first match, the order of the conditions is critical.

If no condition matches, the software rejects the packet.

An ACL can be applied to inbound or outbound traffic.

Types

Standard

  • Control traffic by analysing only the source address of the IP packets.

  • Numbered from 1 to 99.

    • Example: access-list 1 permit 10.1.1.0 0.0.0.255

Extended

  • Control traffic by analysing the source address, destination address and protocol of the IP packets.

  • Numbered from 100 to 199.

    • Example: access-list 101 permit ip any 10.1.1.0 0.0.0.255
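The first-match rule, the importance of entry order, and the implicit deny at the end of every list are easiest to see by running packets through a small evaluator. The following Python block is an added example, not Cisco IOS code or code from these notes: it parses numbered standard and extended entries in the syntax shown above (using the 1-99 and 100-199 ranges the notes give), applies Cisco wildcard masks, and returns which entry decided a packet. The two sample ACLs and the packets are constructed for the illustration; an "eq port" suffix is the only option it understands.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Added illustration of Cisco ACL matching semantics (not IOS code): first match
# wins, order matters, and a packet matching no entry is dropped (implicit deny).


@dataclass
class Packet:
    src: str
    dst: str
    proto: str                 # "tcp", "udp" or "icmp"
    dport: Optional[int] = None


@dataclass
class ACE:                     # one access control entry
    action: str                # "permit" or "deny"
    proto: str                 # "ip" matches any IP protocol
    src: str
    src_wc: str                # Cisco wildcard mask for the source
    dst: str
    dst_wc: str
    dport: Optional[int] = None


def wildcard_match(addr: str, network: str, wildcard: str) -> bool:
    """Cisco wildcard mask: a 0 bit must match, a 1 bit is 'don't care'."""
    a = int(ipaddress.IPv4Address(addr))
    n = int(ipaddress.IPv4Address(network))
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    return (a & care) == (n & care)


def _is_ipv4(tok: str) -> bool:
    try:
        ipaddress.IPv4Address(tok)
        return True
    except ValueError:
        return False


def _parse_addr(tokens: List[str], i: int, need_wc: bool) -> Tuple[str, str, int]:
    """Parse 'any', 'host A.B.C.D' or 'A.B.C.D W.W.W.W' starting at tokens[i]."""
    if tokens[i] == "any":
        return "0.0.0.0", "255.255.255.255", i + 1
    if tokens[i] == "host":
        return tokens[i + 1], "0.0.0.0", i + 2
    if need_wc or (i + 1 < len(tokens) and _is_ipv4(tokens[i + 1])):
        return tokens[i], tokens[i + 1], i + 2
    return tokens[i], "0.0.0.0", i + 1   # standard ACL: omitted wildcard means exact host


def parse_ace(line: str) -> ACE:
    """Parse one numbered 'access-list' line in the forms shown on this page."""
    t = line.split()
    if t[0] != "access-list":
        raise ValueError(f"not an access-list line: {line}")
    number, action = int(t[1]), t[2]
    if 1 <= number <= 99:                       # standard: source address only
        src, src_wc, _ = _parse_addr(t, 3, need_wc=False)
        return ACE(action, "ip", src, src_wc, "0.0.0.0", "255.255.255.255")
    if 100 <= number <= 199:                    # extended: protocol, source, destination[, port]
        src, src_wc, i = _parse_addr(t, 4, need_wc=True)
        dst, dst_wc, i = _parse_addr(t, i, need_wc=True)
        dport = int(t[i + 1]) if i + 1 < len(t) and t[i] == "eq" else None
        return ACE(action, t[3], src, src_wc, dst, dst_wc, dport)
    raise ValueError(f"unsupported ACL number: {number}")


def parse_acl(lines: List[str]) -> List[ACE]:
    return [parse_ace(line) for line in lines]


def matches(ace: ACE, pkt: Packet) -> bool:
    if ace.proto != "ip" and ace.proto != pkt.proto:
        return False
    if not wildcard_match(pkt.src, ace.src, ace.src_wc):
        return False
    if not wildcard_match(pkt.dst, ace.dst, ace.dst_wc):
        return False
    return ace.dport is None or ace.dport == pkt.dport


def evaluate(acl: List[ACE], pkt: Packet) -> Tuple[str, Optional[int]]:
    """Return (action, index of the matching entry); a None index is the implicit deny."""
    for idx, ace in enumerate(acl):
        if matches(ace, pkt):          # first match ends the search
            return ace.action, idx
    return "deny", None


# Constructed sample ACLs: the same two entries in both orders.
ACL_GOOD = [
    "access-list 101 deny tcp any host 10.1.1.5 eq 23",
    "access-list 101 permit ip any 10.1.1.0 0.0.0.255",
]
ACL_BAD = list(reversed(ACL_GOOD))   # the broad permit now shadows the specific deny

if __name__ == "__main__":
    telnet = Packet("192.0.2.7", "10.1.1.5", "tcp", 23)
    print(evaluate(parse_acl(ACL_GOOD), telnet))   # ('deny', 0)
    print(evaluate(parse_acl(ACL_BAD), telnet))    # ('permit', 0)
```

Swapping the two entries is enough to turn the intended block of Telnet to 10.1.1.5 into a permit, because the broad permit matches first and the specific deny is never reached; a packet to an address outside 10.1.1.0/24 matches nothing and is dropped by the implicit deny.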

Named

Allow standard and extended ACLs to be given names instead of numbers, so that an ACL can be intuitively identified by an alphanumeric name.

Eliminate the number limits that exist on standard and extended ACLs.

Named ACLs provide the ability to modify ACLs without deleting and then reconfiguring them.

  • Example: ip access-list {extended | standard} name

Reflexive

Allow IP packets to be filtered based on upper-layer session information.

Communication in one direction opens temporary entries for traffic in the opposite direction.

Generally used to allow outbound traffic and to limit inbound traffic in response to sessions that originate inside the network.

Context-Based Access Control (CBAC)

Inspects traffic to discover and manage state information for TCP and UDP sessions.

This state information is used to create temporary openings in the firewall access lists.
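Both the reflexive ACL and the CBAC sections above describe the same stateful idea: a session that originates inside creates a temporary, mirrored opening for its return traffic, and that opening goes away when the session ends or times out. The block below is an added Python model of that behaviour written for these notes; it is not IOS code and it simplifies session teardown to a timeout plus a TCP reset (real reflexive ACLs also track FIN exchanges). The flows and timestamps are constructed sample values.

```python
from dataclasses import dataclass
from typing import Dict

# Added model of the stateful idea behind reflexive ACLs and CBAC (not IOS code):
# an outbound session opens a temporary, mirrored entry for its return traffic,
# and that opening disappears on timeout or when the session is torn down.


@dataclass(frozen=True)
class Flow:
    proto: str      # "tcp" or "udp"
    src: str
    sport: int
    dst: str
    dport: int

    def reflected(self) -> "Flow":
        """The mirror-image flow that the return traffic of this session will have."""
        return Flow(self.proto, self.dst, self.dport, self.src, self.sport)


class ReflexiveFilter:
    def __init__(self, timeout: float) -> None:
        self.timeout = timeout
        # expected inbound flow -> time at which its temporary opening expires
        self.openings: Dict[Flow, float] = {}

    def _expire(self, now: float) -> None:
        for flow in [f for f, t in self.openings.items() if t <= now]:
            del self.openings[flow]

    def outbound(self, flow: Flow, now: float) -> str:
        """Outbound traffic is allowed and creates/refreshes the reflected inbound entry."""
        self._expire(now)
        self.openings[flow.reflected()] = now + self.timeout
        return "permit"

    def inbound(self, flow: Flow, now: float, tcp_rst: bool = False) -> str:
        """Inbound traffic passes only if it matches an opening created from inside."""
        self._expire(now)
        if flow not in self.openings:
            return "deny"               # unsolicited: no session originated inside
        if tcp_rst:                     # simplification: a reset tears the session down at once
            del self.openings[flow]
        else:
            self.openings[flow] = now + self.timeout   # activity keeps the opening alive
        return "permit"


if __name__ == "__main__":
    fw = ReflexiveFilter(timeout=300)
    out = Flow("tcp", "10.1.1.5", 40000, "203.0.113.9", 443)   # constructed sample session
    print(fw.inbound(out.reflected(), now=0))     # deny: no session yet
    print(fw.outbound(out, now=1))                # permit
    print(fw.inbound(out.reflected(), now=2))     # permit: temporary opening exists
    print(fw.inbound(out.reflected(), now=400))   # deny: opening expired
```

The inbound side never needs a static permit for the return traffic: the only inbound entries that exist are the ones created by sessions seen leaving, keyed on the full mirrored flow, so a reply to a different source port or an unsolicited connection from the same server is still denied.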


Last updated 2 years ago