O'Reilly logo

MCSE: Windows 2000 Exams in a Nutshell by Paul Murphy, Michael Moncur

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Planning IP Security

IPSec Terminology

Internet Key Exchange (IKE)

The protocol IPSec uses to negotiate a security association (SA) between two computers. IKE also assigns a shared secret key to be used for the length of the SA.

Security association (SA)

A relationship between two computers for the purposes of secure communication. An SA is created using the IKE protocol; the SA an IPSec connection will use is determined by negotiation between the connecting computers.

Authentication header (AH)

Allows the sender of a packet to be authenticated, but does not encrypt the contents of the packet. AH is more efficient, but less secure, than ESP.

Encapsulating security payload (ESP)

Allows for both the authentication of the sender and the encryption of the contents of the packet. ESP is more secure, but less efficient, when compared to AH.

IPSec Modes

  • Transport mode: The packet itself is sent across the network

  • Tunnel mode: The packet is encapsulated inside another packet and sent through a VPN tunnel

Common TCP/IP Ports

Port

Program or Service

21

File Transfer Protocol (FTP)

23

Telnet

25

Simple Mail Transfer Protocol (SMTP)

79

finger

80

WWW

750

Kerberos

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required