Encryption

Because nobody wants to compromise the integrity of their network by having some hacker "borrow" your bandwidth or gain access and start snooping around you need to lock down your network.

XML encryption classifies a course of action for encrypting plain text data, generating ciphertext, and decrypting the ciphertext to retrieve the plaintext data.

Phishing is the fastest growing threat in the history of Internet and has gained immense popularity amongst Internet fraudsters and hackers as a simple yet effective way to gain unsolicited access to confidential user information.

Last time I showed you how to exchange and verify public PGP keys with an individual. After you've verified a user's key (KeyID, bits, type, fingerprint, and user's actual identity) you should sign their key.

Verification is part of any security system. SSH, FTP, POP, and IMAP servers ask for your password before it lets you log into the machine, get your files, or snag your email. NTP can be configured to require keys before it'll let you mess with it's clock. CIFS requires a password or kerberos tickets before granting you access to shares.

GnuPG and other PGP implementations allow you to encrypt (scramble the data so only intended recipients can read it) and/or sign (provide proof that the data has been unaltered in transit). As you should remember, PGP keys are made up of two parts, a public key and a private key. The public key can (and in most cases should) be available to anyone - there's no harm in allowing it out to the entire world. The private key should be kept somewhere secure, protected with a strong passphrase.

Last time[1] we'd created our PGP key. Let's jump in with some encryption and decryption examples.

Jumping right in, let's create our PGP public/private key pair. I'll use GnuPG, the Gnu Privacy Guard, available at http://www.gnupg.org, and which is very likely already available with your Linux distribution. If you want to use older free or commercial PGP versions, the commands are very similar. Any GUI front end will also have the same functionality.