Selecting Secure Protocols

(OBJ .)

Secure Protocols

• Choose secure protocols to protect data in transit from unauthorized access
• Examples include HTTP vs. HTTPS, FTP vs. SFTP , Telnet vs. SSH
• Secure protocols use encryption to safeguard data during transmission
• Telnet
  • Application layer protocol that allows a user on one computer to log onto another computer that is part of the same network
  • Transmits in plaintext
  • Use SSH instead
• Always use the encrypted version of the protocol
  • Examples
    • HTTPS
    • SFTP
    • SSH
    • IMAPS
    • POP3S
    • SMTP(S)
    • SNMPS

Port Selection

• Ports are logical constructs used to identify processes or services on a system
• Categorized into the following
  • Well-known ports (0-1023)
  • Registered ports (1024-49151)
  • Dynamic/private ports (49152-65535)
• Default port numbers often indicate whether a protocol is secure (e.g., HTTP on port 80 vs. HTTPS on port 443)
• Additional security considerations
  • Follow the principle of least privilege by opening only necessary ports to minimize the attack surface
  • Changing port numbers can add a layer of obscurity but should not replace robust security measures

Transport Methods

• Choose a transport method (TCP or UDP) based on the application's needs
• TCP (Transmission Control Protocol)
  • Connection-oriented, ensuring data delivery without errors
  • Ideal for applications where data accuracy is crucial, like web and email servers
  • Uses acknowledgments, retransmission, and sequencing for data integrity
• UDP (User Datagram Protocol)
  • Connectionless and faster, but doesn't guarantee data delivery
  • Suitable for applications prioritizing speed over accuracy, like streaming video or gaming