Loading s7nsa_08_security...

enib_small.png S7-NSA 08_security — Encryption, authentication and security

The purpose of this tutorial is to show, at first, how easy it is to spy on network traffic.
In response to this issue, it demonstrates the implementation of encryption and authentication to achieve secure communications.

Do not hesitate to use any external help available, including your favourite LLM, to obtain explanations.
Of course, the session supervisor is here to help in any case.
You are strongly encouraged to take notes during your observations so that you can review them before the quizzes.
{1 #http } HTTP server and client
{2 #sniff } Network sniffing
{3 #ssl } Encryption
{4 #mitm } Man in the middle
{5 #sign } Certification authority

This step-by-step approach has allowed you to discover the vulnerability of network exchanges in terms of confidentiality.
Encryption is one possible response to simple interception techniques.
However, it is not sufficient, as the issue of authenticating the server with which encrypted data is exchanged remains.
The mechanism of certificates signed by a trusted certification authority is the only reliable way to authenticate with certainty the secure server you are communicating with.

Make sure you review your understanding of what has been covered so far so that you can approach the quizzes with confidence.