
Chapter 9. Encryption Tools

So far, the tools discussed have been used for protecting your network and the machines that reside within that network. However, once your data passes outside the network boundaries, it is beyond the protection of the tools discussed thus far and is susceptible to capture by hostile entities. Most Internet applications today send their data in the clear, also known as plain text. This means that anyone viewing the packet can see your data. When your data crosses the Internet, it passes through different systems, many of which are out of your direct control and thus should be assumed to be unfriendly. ISP routers and switches can be co-opted either from the inside or outside, and other mail and Web servers regularly handle your private data.

There is no way to avoid sending your data outside of your network. The biggest advantage of a global Internet is being able to share information with all of your business partners and customers in the outside world. You can't go back to the days of totally private networks. So, how do you protect your important data once it leaves the comfy and safe confines of your home network? Encryption is what most businesses rely on to make the Internet safe for their data, and it is an important tool that you, too, can use to maintain the integrity and confidentiality of your data on the Internet.

You may also want to protect your data from unauthorized viewers within your network, because certain information may not be for all eyes within the company. Finally, encrypting your important data can be a final line of defense against hackers. Even if they manage to break into your network and exploit the server, they still have to crack the encryption to get at your data.

Chapter Overview

Concepts you will learn:

  • Symmetric and asymmetric encryption

  • Different encryption algorithms

  • Encryption applications

  • Certificate authority security model

  • Web of trust security model

Tools you will use:

PGP, GnuPG, OpenSSH, FreeS/WAN, and John the Ripper


There are many different protocols for encryption. Looking again at the OSI Reference Model (Figure 9.1), you can see that there are encryption tools that operate at several different levels of the network model. As you probably guessed, there are many excellent open source encryption tools available for just about every application, from encrypting single files to protecting all of your outbound Internet connections. In fact, the ready availability of high-quality encryption software has its roots in the open source movement.

Figure 9.1. OSI Model and Encryption


