Network Security Hacks

  
By Andrew Lockhart
 
Publisher: O'Reilly
Pub Date: April 2004
ISBN: 0-596-00643-8
Pages: 312
Slots: 1.0   


This information-packed book provides more than 100 quick, practical, and clever things to do to help make your Linux, UNIX, or Windows networks more secure. Loaded with concise but powerful examples of applied encryption, intrusion detection, logging, trending, and incident response, Network Security Hacks demonstrates effective methods for defending your servers and networks from a variety of devious and subtle attacks.


  
Copyright
   Credits
      About the Author
      Contributors
      Acknowledgments
   Preface
      Why Network Security Hacks?
      How This Book Is Organized
      Conventions Used in This Book
      Using Code Examples
      How to Contact Us
      Got a Hack?
   Chapter 1.  Unix Host Security
      Hacks #1-20
      Section 1.  Secure Mount Points
      Section 2.  Scan for SUID and SGID Programs
      Section 3.  Scan For World- and Group-Writable Directories
      Section 4.  Create Flexible Permissions Hierarchies with POSIX ACLs
      Section 5.  Protect Your Logs from Tampering
      Section 6.  Delegate Administrative Roles
      Section 7.  Automate Cryptographic Signature Verification
      Section 8.  Check for Listening Services
      Section 9.  Prevent Services from Binding to an Interface
      Section 10.  Restrict Services with Sandboxed Environments
      Section 11.  Use proftp with a MySQL Authentication Source
      Section 12.  Prevent Stack-Smashing Attacks
      Section 13.  Lock Down Your Kernel with grsecurity
      Section 14.  Restrict Applications with grsecurity
      Section 15.  Restrict System Calls with Systrace
      Section 16.  Automated Systrace Policy Creation
      Section 17.  Control Login Access with PAM
      Section 18.  Restricted Shell Environments
      Section 19.  Enforce User and Group Resource Limits
      Section 20.  Automate System Updates
   Chapter 2.  Windows Host Security
      Hacks #21-30
      Section 21.  Check Servers for Applied Patches
      Section 22.  Get a List of Open Files and Their Owning Processes
      Section 23.  List Running Services and Open Ports
      Section 24.  Enable Auditing
      Section 25.  Secure Your Event Logs
      Section 26.  Change Your Maximum Log File Sizes
      Section 27.  Disable Default Shares
      Section 28.  Encrypt Your Temp Folder
      Section 29.  Clear the Paging File at Shutdown
      Section 30.  Restrict Applications Available to Users
   Chapter 3.  Network Security
      Hacks #31-53
      Section 31.  Detect ARP Spoofing
      Section 32.  Create a Static ARP Table
      Section 33.  Firewall with Netfilter
      Section 34.  Firewall with OpenBSD's PacketFilter
      Section 35.  Create an Authenticated Gateway
      Section 36.  Firewall with Windows
      Section 37.  Keep Your Network Self-Contained
      Section 38.  Test Your Firewall
      Section 39.  MAC Filtering with Netfilter
      Section 40.  Block OS Fingerprinting
      Section 41.  Fool Remote Operating System Detection Software
      Section 42.  Keep an Inventory of Your Network
      Section 43.  Scan Your Network for Vulnerabilities
      Section 44.  Keep Server Clocks Synchronized
      Section 45.  Create Your Own Certificate Authority
      Section 46.  Distribute Your CA to Clients
      Section 47.  Encrypt IMAP and POP with SSL
      Section 48.  Set Up TLS-Enabled SMTP
      Section 49.  Detect Ethernet Sniffers Remotely
      Section 50.  Install Apache with SSL and suEXEC
      Section 51.  Secure BIND
      Section 52.  Secure MySQL
      Section 53.  Share Files Securely in Unix
   Chapter 4.  Logging
      Hacks #54-60
      Section 54.  Run a Central Syslog Server
      Section 55.  Steer Syslog
      Section 56.  Integrate Windows into Your Syslog Infrastructure
      Section 57.  Automatically Summarize Your Logs
      Section 58.  Monitor Your Logs Automatically
      Section 59.  Aggregate Logs from Remote Sites
      Section 60.  Log User Activity with Process Accounting
   Chapter 5.  Monitoring and Trending
      Hacks #61-66
      Section 61.  Monitor Availability
      Section 62.  Graph Trends
      Section 63.  Run ntop for Real-Time Network Stats
      Section 64.  Audit Network Traffic
      Section 65.  Collect Statistics with Firewall Rules
      Section 66.  Sniff the Ether Remotely
   Chapter 6.  Secure Tunnels
      Hacks #67-81
      Section 67.  Set Up IPsec Under Linux
      Section 68.  Set Up IPsec Under FreeBSD
      Section 69.  Set Up IPsec in OpenBSD
      Section 70.  PPTP Tunneling
      Section 71.  Opportunistic Encryption with FreeS/WAN
      Section 72.  Forward and Encrypt Traffic with SSH
      Section 73.  Quick Logins with SSH Client Keys
      Section 74.  Squid Proxy over SSH
      Section 75.  Use SSH as a SOCKS Proxy
      Section 76.  Encrypt and Tunnel Traffic with SSL
      Section 77.  Tunnel Connections Inside HTTP
      Section 78.  Tunnel with VTun and SSH
      Section 79.  Automatic vtund.conf Generator
      Section 80.  Create a Cross-Platform VPN
      Section 81.  Tunnel PPP
   Chapter 7.  Network Intrusion Detection
      Hacks #82-95
      Section 82.  Detect Intrusions with Snort
      Section 83.  Keep Track of Alerts
      Section 84.  Real-Time Monitoring
      Section 85.  Manage a Sensor Network
      Section 86.  Write Your Own Snort Rules
      Section 87.  Prevent and Contain Intrusions with Snort_inline
      Section 88.  Automated Dynamic Firewalling with SnortSam
      Section 89.  Detect Anomalous Behavior
      Section 90.  Automatically Update Snort's Rules
      Section 91.  Create a Distributed Stealth Sensor Network
      Section 92.  Use Snort in High-Performance Environments with Barnyard
      Section 93.  Detect and Prevent Web Application Intrusions
      Section 94.  Simulate a Network of Vulnerable Hosts
      Section 95.  Record Honeypot Activity
   Chapter 8.  Recovery and Response
      Hacks #96-100
      Section 96.  Image Mounted Filesystems
      Section 97.  Verify File Integrity and Find Compromised Files
      Section 98.  Find Compromised Packages with RPM
      Section 99.  Scan for Root Kits
      Section 100.  Find the Owner of a Network
   Colophon
   Index