Flylib.com
Protect Your Windows Network: From Perimeter to Data
Protect Your Windows Network: From Perimeter to Data
ISBN: 0321336437
EAN: 2147483647
Year: 2006
Pages: 219
Authors:
Jesper M. Johansson
,
Steve Riley
BUY ON AMAZON
Protect Your Windows Network From Perimeter to Data
Table of Contents
Copyright
Praise for Protect Your Windows Network
Acknowledgments
About the Authors
Jesper M. Johansson
Steve Riley
Preface
Target Audience and Objective
What Is on the CD
PartI.Introduction and Fundamentals
Chapter1.Introduction to Network Protection
Why Would Someone Attack Me?
Nobody Will Ever Call You to Tell You How Well the Network Is Working
Introduction to the Defense-in-Depth Model
The Defender s Dilemma
Summary
What You Should Do Today
Endnote Endnotes
Chapter2.Anatomy Of A HackThe Rise And Fall Of Your Network
What a Penetration Test Will Not Tell You
Why You Need To Understand Hacking
Target Network
Network Footprinting
Initial Compromise
Elevating Privileges
Hacking Other Machines
Taking Over the Domain
Post-mortem
How to Get an Attacker Out of Your Network
Summary
What You Should Do Today
Chapter3.Rule Number 1: Patch Your Systems
Patches Are a Fact of Life
Exercise Good Judgment
What Is a Patch?
Patch Management Is Risk Management
Tools to Manage Security Updates
Advanced Tips and Tricks
Slipstreaming
Summary
What You Should Do Today
PartII.Policies, Procedures, and User Awareness
Chapter4.Developing Security Policies
Who Owns Developing Security Policy
What a Security Policy Looks Like
Why a Security Policy Is Necessary
Why So Many Security Policies Fail
Analyzing Your Security Needs to Develop Appropriate Policies
How to Make Users Aware of Security Policies
Procedures to Enforce Policies
Dealing with Breaches of Policy
More Information
Summary
What You Should Do Today
Chapter5.Educating Those Pesky Users
System Administration Security Administration
Securing People
The Problem
Protecting People
Plausibility Dread Novelty Compromise
Things You Should Do Today
PartIII.Physical and Perimeter Security: The First Line of Defense
Chapter6.If You Do Not Have Physical Security, You Do Not Have Security
But First, a Story
It s a Fundamental Law of Computer Security
The Importance of Physical Access Controls
Protecting Client PCs
The Case of the Stolen Laptop
The Family PC
No Security, Physical or Otherwise, Is Completely Foolproof
Things You Should Do Today
Chapter7.Protecting Your Perimeter
The Objectives of Information Security
The Role of the Network
Start with (What s Left of) Your Border
Next, Use the Right Firewall
Then, Consider Your Remote Access Needs
Finally, Start Thinking About Deperimeterization
Things You Should Do Today
Endnote Endnotes
PartIV.Protecting Your Network Inside the Perimeter
Chapter8.Security Dependencies
Introduction to Security Dependencies
Administrative Security Dependencies
Service Account Dependencies
Mitigating Service and Administrative Dependencies
Other Security Dependencies
Summary
What You Should Do Today
Chapter9.Network Threat Modeling
Network Threat Modeling Process
Document Your Network
Segment Your Network
Restrict Access to Your Network
Summary
What You Should Do Today
Chapter10.Preventing Rogue Access Inside the Network
The Myth of Network Sniffing
Network Protection at Layers 2 and 3
Using 802.1X for Network Protection
Using IPsec for Network Protection
Network Quarantine Systems
Summary
What You Should Do Today
Chapter11.Passwords and Other Authentication MechanismsThe Last Line of Defense
Introduction
Password Basics
Password History
What Administrators Need to Know About Passwords
Password Best Practices
Recommended Password Policy
Better Than Best PracticesMultifactor Authentication
Summary
What You Should Do Today
PartV.Protecting Hosts
Chapter12.Server and Client Hardening
Security Configuration Myths
On to the Tweaks
Top 10 (or so) Server Security Tweaks
Top 10 (or so) Client Security Tweaks
The Caution ListChanges You Should Not Make
Security Configuration Tools
Summary
What You Should Do Today
PartVI.Protecting Applications
Chapter13.Protecting User Applications
Patch Them
Make Them Run As a Nonadmin
Turn Off Functionality
Restrict Browser Functionality
Attachment Manager
Spyware
Security Between Chair and Keyboard (SeBCAK)
Summary
What You Should Do Today
Chapter14.Protecting Services and Server Applications
You Need a Healthy Disrespect for Your Computer
Rule 1: All Samples Are Evil
Three Steps to Lowering the Attack Surface
What About Service Accounts?
Privileges Your Services Do Not Need
Hardening SQL Server 2000
Hardening IIS 5.0 and 6.0
Summary
What You Should Do Today
Chapter15.Security for Small Businesses
Protect Your Desktops and Laptops
Protect Your Servers
Protect Your Network
Keep Your Data Safe
Use the Internet Safely
Small Business Security Is No Different, Really
What You Should Do Today
Chapter16.Evaluating Application Security
Caution: More Software May Be Hazardous to Your Network Health
Baseline the System
Things to Watch Out For
Summary
What You Should Do Today
PartVII.Protecting Data
Chapter17.Data-Protection Mechanisms
Security Group Review
Access Control Lists
Layers of Access Control
Access Control Best Practices
Rights Management Systems
Incorporating Data Protection into Your Applications
Protected Data: Our Real Goal
What You Should Do Today
Endnote Endnotes
AppendixA.How to Get Your Network Hacked in 10 Easy Steps
AppendixB.Script To Revoke SQL Server PUBLIC Permissions
AppendixC.HOSTS file to Block Spyware
AppendixD.Password Generator Tool
g (Generate Password Based on Known Input)
r (Generate Random Password)
s (Set a Password on an Account andor Service)
Security Information
Usage Scenarios
AppendixE.10 Immutable Laws of Security
Law 1: If a bad guy can persuade you to run his program on your computer, it s not your computer anymore
Law 2: If a bad guy can alter the operating system on your computer, it s not your computer anymore
Law 3: If a bad guy has unrestricted physical access to your computer, it s not your computer anymore
Law 4: If you allow a bad guy to upload programs to your Web site, it s not your Web site any more
Law 5: Weak passwords trump strong security
Law 6: A computer is only as secure as the administrator is trustworthy
Law 7: Encrypted data is only as secure as the decryption key
Law 8: An out-of-date virus scanner is only marginally better than no virus scanner at all
Law 9: Absolute anonymity isn t practical, in real life or on the Web
Law 10: Technology is not a panacea
Index
SYMBOL
A
B
C
D
E
F
G
H
I
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Z
Protect Your Windows Network: From Perimeter to Data
ISBN: 0321336437
EAN: 2147483647
Year: 2006
Pages: 219
Authors:
Jesper M. Johansson
,
Steve Riley
BUY ON AMAZON
ADO.NET 3.5 Cookbook (Cookbooks (OReilly))
Getting Stored Procedure Parameter Information at Runtime
Transmitting a DataSet Securely
Nesting Manual Transactions with the SQL Server .NET Data Provider
Binding a Windows DataGrid to Master-Detail Data
Filling a DataSet Asynchronously
Inside Network Security Assessment: Guarding Your IT Infrastructure
Security Requires Information Classification
Common Risk-Assessment Methodologies and Templates
Information Request Form
Appendix D. Dealing with Consultants and Outside Vendors
Appendix E. SIRT Team Report Format Template
Data Structures and Algorithms in Java
List Nodes
Projects
Summary
Projects
Vocabulary
MySQL Cookbook
Selecting a Database
Writing Library Files
Grouping by Expression Results
Validation Using Table Metadata
B.2. Setting Up a Tomcat Server
PMP Practice Questions Exam Cram 2
Exam Prep Questions
Project PlanningFacilitating Processes
Answers and Explanations
Project Execution
Exam Prep Questions
802.11 Wireless Networks: The Definitive Guide, Second Edition
Why Wireless?
Frame Format
11a and 802.11j: 5-GHz OFDM PHY
TGnSync
Implementation-Specific Behavior
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy
This website uses cookies. Click
here
to find out more.
Accept cookies