Nonessential protocols
goforthbmerry
Member Posts: 244
in Security+
Does anyone have a list of the nonessential protocols? I see NetBios and SNMP as examples. They are both insecure; is this a common feature of nonessential protocols? Any help will be appreciated. I am a bit confused on this point.
Going for MCSE:security, Intermediate ITIL, PMP
Comments
-
sprkymrk Member Posts: 4,884 ■■■□□□□□□□
What exactly do you mean by non-essential? It would really depend on your environment. Do you mean insecure?
All things are possible, only believe.
-
goforthbmerry Member Posts: 244
WOW, fast response. Yes, I think the practice question means insecure. Services and protocols that should be turned off if not truly necessary.
Going for MCSE:security, Intermediate ITIL, PMP
-
sprkymrk Member Posts: 4,884 ■■■□□□□□□□
I was just gently reminded by Webmaster (he's such a nice guy he didn't want to embarrass me, so he sent me a PM) of "non-essential" in relation to the CompTIA Security+ exam. Here is his sage advice, only slightly edited:
"Nonessential" is in the Sec+ exam objectives, and refers to hardening. It basically comes down to any protocols or services that aren't used should be disabled. Telnet (if ssh is used) is a typical example. SNMP. So there is no 'list' per se, it depends. They are usually older protocols and services for which a similar, newer and more secure alternative exists.
(Thanks Johan!)
All things are possible, only believe.
-
RussS Member Posts: 2,068 ■■■□□□□□□□
My philosophy is that all protocols are non essential .......... until someone screams
It really depends on what is needed for that site - I have many different sites I look after and most of them would have 3389, 443 and 25 open and that is about it. Shoot, I have a couple that only have 25 open and if someone needs to visit a website they use a stand alone machine that is separate from the network and has its own internet connection.
www.supercross.com
FIM website of the year 2007
-
dissolved Inactive Imported Users Posts: 228
goforthbmerry wrote:
Does anyone have a list of the nonessential protocols? I see NetBios and SNMP as examples. They are both insecure; is this a common feature of nonessential protocols? Any help will be appreciated. I am a bit confused on this point.
My guess is that they're looking for protocols that are weak in the authentication area. SNMP and Netbios are weak because those are both protocols that don't always require authentication. They also leak a lot of information if you do happen to authenticate to the host via this port.
Keep this in mind when taking the test. Also pay attention to non-encrypted protocols (tcp 69) and classic vulnerable ports (finger tcp 79)
-
nikonjd Member Posts: 1 ■□□□□□□□□□
For the exam purpose, you would want to know the following. I'm taking the exam tomorrow.
nonessential protocols
netbios services
snmp (simple network management protocol)
essential protocols are more secure
network news transfer protocol (NNTP)
domain name service (DNS)
internet control message protocol (ICMP)
mail
web
Server+, Sun Certified SCSA, MCP
-
jkstech Member Posts: 330
I'm in agreement with sprkymrk and Russ
for the test, I believe they are referring to things that don't need to be enabled
if you have a web server sitting in your dmz and that's all it is, you don't need to enable it to be a dns server, dhcp server
it's talking about what the others have said, hardening, or only enabling what you need and nothing more, it shrinks the "attack surface"
get back to studying!!!
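
The hardening idea discussed in this thread (enable only what a host's role needs), as an added example that is not part of any post: a Python check that compares a host's listening sockets against a per-role allowlist. The `ss -tuln` sample, the `dmz-web` role name and its allowlist are constructed assumptions.

```python
# Constructed sample of `ss -tuln` output for a DMZ web server (not from the thread).
SAMPLE_SS = """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp   LISTEN 0      128    0.0.0.0:443        0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:23         0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:161        0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:53         0.0.0.0:*
tcp   LISTEN 0      128    [::]:443           [::]:*
tcp   LISTEN 0      128    127.0.0.1:25       0.0.0.0:*
"""

# Hypothetical per-role allowlist: the only network listeners this role needs.
ALLOWED = {"dmz-web": {("tcp", 443)}}

# Standard port assignments, used only to label findings.
NAMES = {23: "telnet", 25: "smtp", 53: "dns", 69: "tftp", 79: "finger",
         137: "netbios-ns", 139: "netbios-ssn", 161: "snmp",
         443: "https", 3389: "rdp"}


def parse_listeners(ss_output):
    """Return a set of (proto, address, port) for each listening socket."""
    listeners = set()
    for line in ss_output.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 5 or fields[0] not in ("tcp", "udp"):
            continue
        addr, _, port = fields[4].rpartition(":")  # handles [::]:443 too
        if port.isdigit():
            listeners.add((fields[0], addr, int(port)))
    return listeners


def nonessential(ss_output, role, include_loopback=False):
    """Listeners outside the role's allowlist, sorted, with a service label."""
    allowed = ALLOWED[role]
    findings = []
    for proto, addr, port in sorted(parse_listeners(ss_output)):
        # Loopback-only listeners are not reachable from the network.
        loopback = addr.startswith("127.") or addr == "[::1]"
        if (proto, port) in allowed or (loopback and not include_loopback):
            continue
        findings.append((proto, addr, port, NAMES.get(port, "unknown")))
    return findings


if __name__ == "__main__":
    for proto, addr, port, name in nonessential(SAMPLE_SS, "dmz-web"):
        print(f"disable or justify: {proto}/{port} ({name}) on {addr}")
```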