Page 123 - StudyBook.pdf
P. 123

Communication Security: Remote Access and Messaging • Chapter 3  107

                 Remote Access Security


                 In the popular TV show, 24, the Los Angeles Counter Terrorist Unit (CTU) consis-
                 tently undermines the efforts of insidious masterminds of terror who plot to rob
                 America of its dreams, ideals, and sense of security.While nerve racking and enter-
                 taining at a plot level, the security professional is constantly amused by the use of
                 the technology that is always lightening fast, effortlessly established, and either com-
                 pletely secure or completely compromised. In any given season, laptops and com-
                 puters are blown-up and the disks recovered via “decryption” utilities, and CTU’s
                 routers are replaced, and in the process a “spying” device is placed on the network,
                 and mobile phones are turned into tracking devices with the push of a button and
                 are able to download satellite photos.And speaking of satellites, these space-age
                 vehicles are constantly being compromised and redirected without proper autho-
                 rization and the secure communications “monitored and intercepted” by bad guys.
                 With Hollywood, the sky is the limit!
                    The truth is that although technology has made huge strides in the past 20
                 years, there are still many holes in remote access security. Most of the technology
                 that Jack Bauer has at his disposal on 24 is based on some very real technologies,
                 particularly in the matter of sharing information between remote workers and the
                 CTU main office. Remote Access Servers (RAS), Network Access Servers (NAS),
                 VPNs, authentication servers such as RADIUS,TACACS, and TACACS+, and
                 other technologies have been designed to keep out unauthorized users, but chan-
                 neling these wirelessly and over open air is a completely different thing.
                    It is the responsibility of the security professional to ensure that everything has
                 been done to secure their networks. Security professionals must find the balance
                 between offering users the ability to work from remote locations, and ensuring that
                 the network is protected. One area of remote access that has grown exponentially is
                 wireless networking. Let’s begin our discussion of remote access security by dis-
                 cussing this growing arena.



                 NOTE
                      When the phrase “connect wirelessly” is used, the technologies at work
                      in the background can now be very different things. Wireless connec-
                      tivity for a laptop in a corporate environment is established and secured
                      via 802.1x, while wireless Internet connectivity for a PDA is via cell tower
                      backbones. The ability to compress, encrypt, and authenticate on these
                      networks is very different.




                                                                              www.syngress.com
   118   119   120   121   122   123   124   125   126   127   128