Network Security Hacks
By Andrew Lockhart

Publisher: O'Reilly
Pub Date: April 2004
ISBN: 0-596-00643-8
Pages: 312
Slots: 1.0
| | Copyright |
| | Credits |
| | | About the Author |
| | | Contributors |
| | | Acknowledgments |
|
| | Preface |
| | | Why Network Security Hacks? |
| | | How This Book Is Organized |
| | | Conventions Used in This Book |
| | | Using Code Examples |
| | | How to Contact Us |
| | | Got a Hack? |
|
| | Chapter 1. Unix Host Security |
| | | Hacks #1-20 |
| | | Section 1. Secure Mount Points |
| | | Section 2. Scan for SUID and SGID Programs |
| | | Section 3. Scan For World- and Group-Writable Directories |
| | | Section 4. Create Flexible Permissions Hierarchies with POSIX ACLs |
| | | Section 5. Protect Your Logs from Tampering |
| | | Section 6. Delegate Administrative Roles |
| | | Section 7. Automate Cryptographic Signature Verification |
| | | Section 8. Check for Listening Services |
| | | Section 9. Prevent Services from Binding to an Interface |
| | | Section 10. Restrict Services with Sandboxed Environments |
| | | Section 11. Use proftp with a MySQL Authentication Source |
| | | Section 12. Prevent Stack-Smashing Attacks |
| | | Section 13. Lock Down Your Kernel with grsecurity |
| | | Section 14. Restrict Applications with grsecurity |
| | | Section 15. Restrict System Calls with Systrace |
| | | Section 16. Automated Systrace Policy Creation |
| | | Section 17. Control Login Access with PAM |
| | | Section 18. Restricted Shell Environments |
| | | Section 19. Enforce User and Group Resource Limits |
| | | Section 20. Automate System Updates |
|
| | Chapter 2. Windows Host Security |
| | | Hacks #21-30 |
| | | Section 21. Check Servers for Applied Patches |
| | | Section 22. Get a List of Open Files and Their Owning Processes |
| | | Section 23. List Running Services and Open Ports |
| | | Section 24. Enable Auditing |
| | | Section 25. Secure Your Event Logs |
| | | Section 26. Change Your Maximum Log File Sizes |
| | | Section 27. Disable Default Shares |
| | | Section 28. Encrypt Your Temp Folder |
| | | Section 29. Clear the Paging File at Shutdown |
| | | Section 30. Restrict Applications Available to Users |
|
| | Chapter 3. Network Security |
| | | Hacks #31-53 |
| | | Section 31. Detect ARP Spoofing |
| | | Section 32. Create a Static ARP Table |
| | | Section 33. Firewall with Netfilter |
| | | Section 34. Firewall with OpenBSD's PacketFilter |
| | | Section 35. Create an Authenticated Gateway |
| | | Section 36. Firewall with Windows |
| | | Section 37. Keep Your Network Self-Contained |
| | | Section 38. Test Your Firewall |
| | | Section 39. MAC Filtering with Netfilter |
| | | Section 40. Block OS Fingerprinting |
| | | Section 41. Fool Remote Operating System Detection Software |
| | | Section 42. Keep an Inventory of Your Network |
| | | Section 43. Scan Your Network for Vulnerabilities |
| | | Section 44. Keep Server Clocks Synchronized |
| | | Section 45. Create Your Own Certificate Authority |
| | | Section 46. Distribute Your CA to Clients |
| | | Section 47. Encrypt IMAP and POP with SSL |
| | | Section 48. Set Up TLS-Enabled SMTP |
| | | Section 49. Detect Ethernet Sniffers Remotely |
| | | Section 50. Install Apache with SSL and suEXEC |
| | | Section 51. Secure BIND |
| | | Section 52. Secure MySQL |
| | | Section 53. Share Files Securely in Unix |
|
| | Chapter 4. Logging |
| | | Hacks #54-60 |
| | | Section 54. Run a Central Syslog Server |
| | | Section 55. Steer Syslog |
| | | Section 56. Integrate Windows into Your Syslog Infrastructure |
| | | Section 57. Automatically Summarize Your Logs |
| | | Section 58. Monitor Your Logs Automatically |
| | | Section 59. Aggregate Logs from Remote Sites |
| | | Section 60. Log User Activity with Process Accounting |
|
| | Chapter 5. Monitoring and Trending |
| | | Hacks #61-66 |
| | | Section 61. Monitor Availability |
| | | Section 62. Graph Trends |
| | | Section 63. Run ntop for Real-Time Network Stats |
| | | Section 64. Audit Network Traffic |
| | | Section 65. Collect Statistics with Firewall Rules |
| | | Section 66. Sniff the Ether Remotely |
|
| | Chapter 6. Secure Tunnels |
| | | Hacks #67-81 |
| | | Section 67. Set Up IPsec Under Linux |
| | | Section 68. Set Up IPsec Under FreeBSD |
| | | Section 69. Set Up IPsec in OpenBSD |
| | | Section 70. PPTP Tunneling |
| | | Section 71. Opportunistic Encryption with FreeS/WAN |
| | | Section 72. Forward and Encrypt Traffic with SSH |
| | | Section 73. Quick Logins with SSH Client Keys |
| | | Section 74. Squid Proxy over SSH |
| | | Section 75. Use SSH as a SOCKS Proxy |
| | | Section 76. Encrypt and Tunnel Traffic with SSL |
| | | Section 77. Tunnel Connections Inside HTTP |
| | | Section 78. Tunnel with VTun and SSH |
| | | Section 79. Automatic vtund.conf Generator |
| | | Section 80. Create a Cross-Platform VPN |
| | | Section 81. Tunnel PPP |
|
| | Chapter 7. Network Intrusion Detection |
| | | Hacks #82-95 |
| | | Section 82. Detect Intrusions with Snort |
| | | Section 83. Keep Track of Alerts |
| | | Section 84. Real-Time Monitoring |
| | | Section 85. Manage a Sensor Network |
| | | Section 86. Write Your Own Snort Rules |
| | | Section 87. Prevent and Contain Intrusions with Snort_inline |
| | | Section 88. Automated Dynamic Firewalling with SnortSam |
| | | Section 89. Detect Anomalous Behavior |
| | | Section 90. Automatically Update Snort's Rules |
| | | Section 91. Create a Distributed Stealth Sensor Network |
| | | Section 92. Use Snort in High-Performance Environments with Barnyard |
| | | Section 93. Detect and Prevent Web Application Intrusions |
| | | Section 94. Simulate a Network of Vulnerable Hosts |
| | | Section 95. Record Honeypot Activity |
|
| | Chapter 8. Recovery and Response |
| | | Hacks #96-100 |
| | | Section 96. Image Mounted Filesystems |
| | | Section 97. Verify File Integrity and Find Compromised Files |
| | | Section 98. Find Compromised Packages with RPM |
| | | Section 99. Scan for Root Kits |
| | | Section 100. Find the Owner of a Network |
|
| | Colophon |
| | Index |