SANS – SEC401 Security Essentials Day – 4


Security 401.4 – Secure Communications

Day 4 was Crypto day. Brutal for those who are first timers and definitely not a breeze even if you’re a seasoned sysadmin. How many professionals even know the difference between asymmetric and symmetric encryption? Who really knows how the Diffie-Hellman key exchange works? What about hashing and digital signatures, and when are they used?

Luckily, the class doesn’t go into the depths of the mathematics involved. Only a high-level understanding of the crypto concepts is covered.

DES, 3DES, AES, RSA, Elliptic Curve, MD5/SHA

All these acronyms are familiar to many IT professionals, but when do you use them? Why are certain encryption algorithms used over others?

Another interesting topic covered discusses the use of steganography and how information can be hidden in documents, pictures and even MP3s.

PKI SSL Crypto

It’s not crypto day if PKI and the SSL handshake aren’t discussed. This is a topic I find to be one of the most important, as it’s fundamental to how we secure our connections to websites on the internet. There are so many broad uses of SSL that it’s hard not to come across it, no matter your IT discipline. SSL is also slowly gaining popularity in client VPN connections due to its flexibility of not needing to open special ports on the firewall.

CIA triad’s little brother CIAN

IPSec is discussed in detail as well, where low-level topics like AH/ESP headers and IKE are broken down into chunks to help us understand where each of the four constituents (Confidentiality, Integrity, Authentication and Non-repudiation) is applied.

Wireless security is also the next logical topic that fits into crypto day. You won’t be coming out of the class not worried about Bluetooth and wireless security. In fact, you won’t be so sure about any hotel’s Wi-Fi anymore – let alone the network that’s being used at a DEFCON or Black Hat conference.

One size does not fit all

Finally, the class finishes off with VOIP, VOIP security and OPSEC – a discipline that involves knowing your business and industry, as it’s an area of security that is very specific to the individual business.

Lab

After a long day of lectures you’re greeted with yet another lab. This one involved some useful steganography tools. Try using these tools to chat with your mistress next time. It also included an introduction to Wireshark and using it to examine VOIP traffic. I surely didn’t know Wireshark had all the SIP extensions and even contains a way for you to listen to the RTP stream, which was pretty neat.


About the Author

Alfred Tong
Author and owner of this blog. A networking enthusiast, full-time networking and systems engineer. Generally curious about all things IT. Certifications: GIAC GSEC, CCNP-S, CCNP, CCSP, CCDP, CCNA, RHCE, JNCIA-FWV