Flylib.com
Protect Your Windows Network: From Perimeter to Data
Protect Your Windows Network: From Perimeter to Data
ISBN: 0321336437
EAN: 2147483647
Year: 2006
Pages: 219
Authors:
Jesper M. Johansson
,
Steve Riley
BUY ON AMAZON
Protect Your Windows Network From Perimeter to Data
Table of Contents
Copyright
Praise for Protect Your Windows Network
Acknowledgments
About the Authors
Jesper M. Johansson
Steve Riley
Preface
Target Audience and Objective
What Is on the CD
PartI.Introduction and Fundamentals
Chapter1.Introduction to Network Protection
Why Would Someone Attack Me?
Nobody Will Ever Call You to Tell You How Well the Network Is Working
Introduction to the Defense-in-Depth Model
The Defender s Dilemma
Summary
What You Should Do Today
Endnote Endnotes
Chapter2.Anatomy Of A HackThe Rise And Fall Of Your Network
What a Penetration Test Will Not Tell You
Why You Need To Understand Hacking
Target Network
Network Footprinting
Initial Compromise
Elevating Privileges
Hacking Other Machines
Taking Over the Domain
Post-mortem
How to Get an Attacker Out of Your Network
Summary
What You Should Do Today
Chapter3.Rule Number 1: Patch Your Systems
Patches Are a Fact of Life
Exercise Good Judgment
What Is a Patch?
Patch Management Is Risk Management
Tools to Manage Security Updates
Advanced Tips and Tricks
Slipstreaming
Summary
What You Should Do Today
PartII.Policies, Procedures, and User Awareness
Chapter4.Developing Security Policies
Who Owns Developing Security Policy
What a Security Policy Looks Like
Why a Security Policy Is Necessary
Why So Many Security Policies Fail
Analyzing Your Security Needs to Develop Appropriate Policies
How to Make Users Aware of Security Policies
Procedures to Enforce Policies
Dealing with Breaches of Policy
More Information
Summary
What You Should Do Today
Chapter5.Educating Those Pesky Users
System Administration Security Administration
Securing People
The Problem
Protecting People
Plausibility Dread Novelty Compromise
Things You Should Do Today
PartIII.Physical and Perimeter Security: The First Line of Defense
Chapter6.If You Do Not Have Physical Security, You Do Not Have Security
But First, a Story
It s a Fundamental Law of Computer Security
The Importance of Physical Access Controls
Protecting Client PCs
The Case of the Stolen Laptop
The Family PC
No Security, Physical or Otherwise, Is Completely Foolproof
Things You Should Do Today
Chapter7.Protecting Your Perimeter
The Objectives of Information Security
The Role of the Network
Start with (What s Left of) Your Border
Next, Use the Right Firewall
Then, Consider Your Remote Access Needs
Finally, Start Thinking About Deperimeterization
Things You Should Do Today
Endnote Endnotes
PartIV.Protecting Your Network Inside the Perimeter
Chapter8.Security Dependencies
Introduction to Security Dependencies
Administrative Security Dependencies
Service Account Dependencies
Mitigating Service and Administrative Dependencies
Other Security Dependencies
Summary
What You Should Do Today
Chapter9.Network Threat Modeling
Network Threat Modeling Process
Document Your Network
Segment Your Network
Restrict Access to Your Network
Summary
What You Should Do Today
Chapter10.Preventing Rogue Access Inside the Network
The Myth of Network Sniffing
Network Protection at Layers 2 and 3
Using 802.1X for Network Protection
Using IPsec for Network Protection
Network Quarantine Systems
Summary
What You Should Do Today
Chapter11.Passwords and Other Authentication MechanismsThe Last Line of Defense
Introduction
Password Basics
Password History
What Administrators Need to Know About Passwords
Password Best Practices
Recommended Password Policy
Better Than Best PracticesMultifactor Authentication
Summary
What You Should Do Today
PartV.Protecting Hosts
Chapter12.Server and Client Hardening
Security Configuration Myths
On to the Tweaks
Top 10 (or so) Server Security Tweaks
Top 10 (or so) Client Security Tweaks
The Caution ListChanges You Should Not Make
Security Configuration Tools
Summary
What You Should Do Today
PartVI.Protecting Applications
Chapter13.Protecting User Applications
Patch Them
Make Them Run As a Nonadmin
Turn Off Functionality
Restrict Browser Functionality
Attachment Manager
Spyware
Security Between Chair and Keyboard (SeBCAK)
Summary
What You Should Do Today
Chapter14.Protecting Services and Server Applications
You Need a Healthy Disrespect for Your Computer
Rule 1: All Samples Are Evil
Three Steps to Lowering the Attack Surface
What About Service Accounts?
Privileges Your Services Do Not Need
Hardening SQL Server 2000
Hardening IIS 5.0 and 6.0
Summary
What You Should Do Today
Chapter15.Security for Small Businesses
Protect Your Desktops and Laptops
Protect Your Servers
Protect Your Network
Keep Your Data Safe
Use the Internet Safely
Small Business Security Is No Different, Really
What You Should Do Today
Chapter16.Evaluating Application Security
Caution: More Software May Be Hazardous to Your Network Health
Baseline the System
Things to Watch Out For
Summary
What You Should Do Today
PartVII.Protecting Data
Chapter17.Data-Protection Mechanisms
Security Group Review
Access Control Lists
Layers of Access Control
Access Control Best Practices
Rights Management Systems
Incorporating Data Protection into Your Applications
Protected Data: Our Real Goal
What You Should Do Today
Endnote Endnotes
AppendixA.How to Get Your Network Hacked in 10 Easy Steps
AppendixB.Script To Revoke SQL Server PUBLIC Permissions
AppendixC.HOSTS file to Block Spyware
AppendixD.Password Generator Tool
g (Generate Password Based on Known Input)
r (Generate Random Password)
s (Set a Password on an Account andor Service)
Security Information
Usage Scenarios
AppendixE.10 Immutable Laws of Security
Law 1: If a bad guy can persuade you to run his program on your computer, it s not your computer anymore
Law 2: If a bad guy can alter the operating system on your computer, it s not your computer anymore
Law 3: If a bad guy has unrestricted physical access to your computer, it s not your computer anymore
Law 4: If you allow a bad guy to upload programs to your Web site, it s not your Web site any more
Law 5: Weak passwords trump strong security
Law 6: A computer is only as secure as the administrator is trustworthy
Law 7: Encrypted data is only as secure as the decryption key
Law 8: An out-of-date virus scanner is only marginally better than no virus scanner at all
Law 9: Absolute anonymity isn t practical, in real life or on the Web
Law 10: Technology is not a panacea
Index
SYMBOL
A
B
C
D
E
F
G
H
I
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Z
Protect Your Windows Network: From Perimeter to Data
ISBN: 0321336437
EAN: 2147483647
Year: 2006
Pages: 219
Authors:
Jesper M. Johansson
,
Steve Riley
BUY ON AMAZON
Professional Java Native Interfaces with SWT/JFace (Programmer to Programmer)
Trees
Scales, Sliders, and Progress Bars
SWT Graphics and Image Handling
Drag and Drop and the Clipboard
JFace Wizards
The New Solution Selling: The Revolutionary Sales Process That Is Changing the Way People Sell [NEW SOLUTION SELLING 2/E]
Chapter Five Stimulating Interest
Chapter Seven Diagnose Before You Prescribe
Chapter Eleven Gaining Access to People with Power
Chapter Thirteen Closing: Reaching Final Agreement
Appendix A Value Justification Example
Twisted Network Programming Essentials
Installing from Source Files
Downloading a Web Page
Using the REST Architecture for Web Services
Looking Up the SMTP Server for a Domain
Using Public Keys for Authentication
Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance
Configuring Authorization
Domain Name System
Advanced WebVPN Features
Summary
IPS Management Using ASDM
802.11 Wireless Networks: The Definitive Guide, Second Edition
Challenges for the MAC
1X on Wireless LANs
Counter Mode with CBC-MAC (CCMP)
Physical Layer Overview
Apple AirPort
Programming .Net Windows Applications
Windows Forms
Button Classes
ADO.NET
Getting Started with ADO.NET
Bugs Versus Exceptions
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy
This website uses cookies. Click
here
to find out more.
Accept cookies