Issues
------
Authentication (password/keypairs)
Authorisation (privilege level/physical)
Integrity (integrity checks)
Confidentiality (encryption)
Availability (DoS)

Types of Attacks
----------------

Host
----
password guessing/cracking
buffer overflow
virus
Social engineering (username/pw combo)
Physical

Network
-------
smurf attacks
Man in the middle attacks
DoS
synflood
spoof
packet capture/sniffing/eavesdropping
Social engineering
Physical

Cryptographic methods for protection
------------------------------------

Theory
------
Private key or symmetric ciphers
Hashing or one-way encryption
Integrity checks
Generating encryption keys
Public key ciphers
Digital signatures

Practice
--------
PGP (private/public key)
md5sum (integrity checking)
ssl (digital signature)
https (digital cert)
pops/imaps (digital cert)
ssh (public/private/encryption)

Server-based methods for protection
-----------------------------------
Host access controls (DoS, Synflood)
Update running services (buffer overflow)
Require strong passwords (password guessing)
Require encrypted sessions (sniffing)
Run services w/minimal required privs (buffer overflow)
Intrusion Detection (integrity check)
Logging (after break-in/active attacks)

Network-based methods for protection
------------------------------------
Network access controls
- Firewall hardware
- Router rulesets
- Active scanning (Snort)