Layered Network Introduction (Cyber Security Part 5)
Ғылым және технология
Support Silicon Dojo at:
www.donorbox.org/etcg
www.silicondojo.com/
Layered Networking
Problem with Flat Networks
Flat networks are easy to scan for vulnerabilities
Flat networks make attacks very easy for intruders
Networking equipment is “cheap”
Layered networks
Equipment is cheap
Making more difficult for attackers using networking
Software Firewalls
Software firewalls allow you to only accept traffic from specific hosts
Windows Firewall
UFW
Specialized Software Firewalls
Segmenting Networks
Compartmentalize servers
Separate subnets for different floors in a building, or departments
vlans
Parallel Networks
Convergence has all devices on same LAN
Parallel Networks put devices on different subnets and then connect through routers with firewalls
DMZ
Layered network to have vulnerable servers segregated from internal network
Hybrid Infrastructure
VPN’s
Does your VPN end in a flat network?
Virtualized Networking
Networking is important in virtualized world too.
Plan and Document
Plan the work, and work the plan
Build for Years, not weeks
Final Thoughts…
Пікірлер: 29
Loving the return to the original format. Cyber security is like most security Most people don't change their habits until something goes wrong. Other people own enough guns to invade a small nation then forget that the idea of leaving a gun under a rock by the front door isn't the best idea
@dakoderii4221
2 жыл бұрын
I have never heard of anyone doing that.
@chrisspencer6502
2 жыл бұрын
@@dakoderii4221 what you've never heard of someone living dangerously until something goes wrong and others over doing safety but missing a fundamental point. Most people get hacked because they use a poorly secured backup email account or respond to an email from the bank asking for a password change or my favourite getting a call from "support" and giving their passwords. Your admin doesn't need to ask you to sing in
"Imagine doing this for hours, days, weeks"? "How do we know who uses it? Shut it down and see who complains" . Ah, the good old days :-)
Keep these coming. You have a unique way of explaining that appeals to beginners like myself. Your content is gold
Oh my god I love these videos....with the blackboard
Aye, nice to see the old school board format again. 51:44 Good info on what routers are. 52:42 Zimbabwean hackers are that scary?😲 58:58 I remember that years ago. There were alot of people around my parents age, who didn't like that idea. 1:26:56 Now that explains why your studio looks different. Don't worry Mr. Eli, this nasty covid will disappear over time. And thanks for this new part of the cyber security lessons.👍😃
I like the way you explain the concepts. Please make the introduction videos on docker containers and Kubernetes.
greets from the UK: love the *new* old format Whiteboard and pen(s) from way, ph-way! back - keep on keepin' on :-)
missed these Eli.. thank you
Wish I lived closer so I could attend in person. Your great eli!
Great content well presented!
Cool. Best teacher on youtube!
Thank you Eli
Love it!
liking every video
How did you solve the dynamic assignment of ports? Did you manage to then find all the already assigned ports & if yes how? Does the same work for IP-addresses?
Maricopa County Arizona Election Audit Report Results. Any comment analis about IT system ????
You wouldn't port forward directly to an Exchange MB Server in your LAN. You would install an Edge Exchange server in your DMZ and create firewall rules to allow port 25 from the Internet to DMZ. Some more Firewall rules from DMZ to LAN where the Exchange MB is situated. For OWA, you would install a reverse proxy server in the DMZ and create similar FW rules for port 443.
@randylobb
2 жыл бұрын
While this is true from a best practices and "book knowledge" perspective. I can tall you that most SMBs will not have a separate edge server. Instead of trying to convince them to create a full enterprise exchange environment, just move to 365/exchange online. On prem exchange is stupid unless you are a big enterprise with a dedicated exchange team, and even then it is questionable. 😁
PEANUT!
for Halloween ill be a Zimbabwean hacker
shaved head, trimmed beard.. you look like an intern. even a little bit like the "boom headshot" guy lol great time capsule skills haha ✌😎
Sweeeeeeeeeet
There are literally zero useful information in this 90 minutes videos. Basically make sub networks and configure firewall to have just the service you need to be able to pass through. It could have been a 5 minutes video but he's rambling and rambling for hours.
@elithecomputerguy
2 жыл бұрын
LITERALLY... no useful information... ...
@DrThrax009
2 жыл бұрын
@@elithecomputerguy 😂 yoU suCks
@CyberTronics
2 жыл бұрын
Awwwwwh such a cute comment. :) shuffle along buddy