3.5.3 Application Hardening
(Page 2 of 2)
Network Applications
Before looking in detail at different
categories of network applications, let's establish what a network
application is (at least as far as Security+ is concerned).
A network application is one that
communicates with another program across the network. Network applications
can be peer to peer (in which two computers share resources,
as in many popular file-sharing services not relevant to corporate environments)
or client/server (where a client program, usually
on a smaller computer, accesses the functionality of a service
program, usually on a more powerful computer called a server).
In the TCP/IP world, most network
applications use at least one TCP/IP port for communication with the
other computer taking part in the conversation. The port may exist in
the well-known range 0-1023 or above 1023 all the way up to 65,535.
In the old days of the
Internet, programmers developing a new service that they wanted to become
a standard service would apply for one of the low reserved
port numbers (which were originally somewhat more protected against
spoofing than the other ports).
Well Known Ports
A network application communicates with another program across the network.
TCP/IP applications may use a well-known port in the reserved range 0-1023, or may use a higher-numbered port, up to 65,535.
Assignment of Well Known Ports
In the world of multi-user systems in which the Internet was developed, only users with administrative privileges could start server applications that accepted requests on those low-numbered well-known port numbers. This provided a primitive form of access control over who could start services, reducing the ability of users to spoof server programs and violate security. Today, using a low-numbered port doesn't really have any security advantages, since most users have administrative control over their own machines and can start such services at will. This is just as well, because so many low-numbered ports have already been spoken for. Most new network services today use higher port numbers, so that they don't conflict with port numbers already assigned to other services.
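As an added illustration (not part of the original guide), the Python code below inventories listening TCP sockets from text in the Linux /proc/net/tcp layout, checks each port against the 0-1023 range, and lists low-numbered ports whose socket is not owned by uid 0, which is the case the paragraph above says a port number alone can no longer rule out. The sample rows are constructed and the function names are hypothetical.

```python
import socket
import struct

WELL_KNOWN_MAX = 1023  # top of the reserved range 0-1023 described in the text
LISTEN = "0A"          # value of the "st" column for a listening TCP socket

# Constructed sample in Linux /proc/net/tcp layout (not captured from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20001
   1: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20002
   2: 00000000:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 20003
   3: 00000000:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 20004
   4: 0A00000A:D431 0A000014:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 20005
"""

def parse_listeners(text):
    """Return one dict per listening IPv4 TCP socket found in text."""
    listeners = []
    for line in text.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) < 10 or fields[3] != LISTEN:
            continue                            # short row, or socket not listening
        addr_hex, port_hex = fields[1].split(":")
        # Address is a 32-bit hex value in host byte order (little-endian assumed).
        addr = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
        port = int(port_hex, 16)
        listeners.append({
            "addr": addr,
            "port": port,
            "uid": int(fields[7]),              # owner uid of the socket
            "well_known": port <= WELL_KNOWN_MAX,
            "loopback_only": addr.startswith("127."),
        })
    return listeners

def non_admin_low_ports(listeners):
    """Ports in 0-1023 whose socket is not owned by uid 0 (root)."""
    return sorted(l["port"] for l in listeners if l["well_known"] and l["uid"] != 0)

def network_reachable(listeners):
    """Ports that accept connections on a non-loopback address."""
    return sorted(l["port"] for l in listeners if not l["loopback_only"])

if __name__ == "__main__":
    found = parse_listeners(SAMPLE)
    for entry in found:
        print(entry)
    print("low ports not owned by root:", non_admin_low_ports(found))
    print("reachable from the network:", network_reachable(found))
```

On a Linux host the same functions can be fed the contents of /proc/net/tcp instead of the sample; the output is the starting inventory for deciding which network applications need hardening or removal.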
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.