|
Packages, Nokia
deleting, 689
description, 683
enabling and disabling, 688–689
installing by command line, 686–687
installing by Voyager, 684–686
Packet accounting
description, 137
Linux firewalls, 155–156
Packet filters
configuration, 136–137
description, 56–57, 130
publishing via, 1028–1029
rules, 147
Packet sniffers, 29–31, 1189, 1195–1199
Packets
fragmented, 347–348
logging, 146–147
Packets, capturing
description, 404–405
displaying traffic, 405–406
downloading traffic, 406–407
support options, 407–408
pager command (PIX firewalls), 265, 266
PAP (Password Authentication Protocol), 363
Passive and active modes in FTP, 314
passwd command (PIX firewalls), 266
Password Authentication Protocol (PAP), 363
Passwords
configuration for PIX firewalls, 270
firewall management station, 726
recovery (PIX), 262–263
S/Key one-time passwords, 670
PAT. see Port Address Translation (PAT)
Path variables on NSP, 622
PCI mezzanine card (PMC) slots, 609
PDM (PIX Device Manager), 264, 376
People hacking, 6
Performance, ISA Server
alerts, 961–964
bandwidth, 965–968
baselines, 943–944
cache configuration, 970–973
counters, 949–958
load-balancing, 968–970
logs, 958–961
monitoring tools, 945–948
optimization, 942–943
thresholds, 944
Windows 2000 Registry, 973–974
Performance, PIX firewalls
CPU, 408–412
identification protocol (IDENT), 415–416
measurements, 412
memory, 413–414
network, 414–415
Performance tuning for clusters, 799–807
Perimeter network security policy, 532, 536
Permissions
administrator, 433
ISA objects, 906–908
Server, ISA, installation of, 848–849
.PF files, 552–553
Philosophy, assessing, 39–40
Phones, Cisco IP, 347
ping command
description, 266
ensuring unique IP address, 345
testing for failover, 754
testing interfaces, 743, 759
testing Nokia clusters, 778
testing Nokia VRRP clusters, 794
testing reachability, 387
Ping flood attacks, 26
Ping-of-death attacks, 25
Pipeline character (|), 321
PIX Device Manager (PDM), 264, 376
PIX firewalls (Cisco)
AAA Floodguard, 349
access, checking, 392–396
access lists, 284–290, 293, 302–305
Adaptive Security Algorithm (ASA), 243–251
addressing, checking, 382–383
adequacy, 370
advanced protocols, handling, 251, 310–314
auditing, 1264–1266
cabling, troubleshooting, 378–381
commands, 267–273
conduits, 294, 305–307
connectivity, troubleshooting, 381–382
console ports, 257–259
description, 68–69
Domain Name System (DNS), 244, 318–319
Dynamic Host Configuration Protocol (DHCP), 341–347
embedded operating system, 242–243
enable mode, 265
errors, displayed, 375
File Transfer Protocol (FTP), 244, 314
Fragmentation Guard (FragGuard), 347–348
hardware, troubleshooting, 370–378
high availability, 254
Internet Locator Service (ILS) protocol, 333–334
intrusion detection systems (IDS), 1261–1267
LEDs, meanings of, 372
Lightweight Directory Access Protocol (LDAP), 333–334
memory architecture, 372
models, 254–257
NetShow, 324, 327
Network Address Translation (NAT), 252–254
object groups, 297–301
password recovery, 262–263
Port Address Translation (PAT), 253–254
Real-Time Streaming Protocol (RTSP), 324–327
remote procedure call (RPC), 323–324
remote shell (rsh), 322–323
resetting, 273
reverse-path forwarding (RPF), 351–353
routing, checking, 384–389
Session Initiation Protocol (SIP), 331–333
signatures, PIX IDS, 1262–1264
Simple Mail Transfer Protocol (SMTP), 320–321
Skinny Client Control Protocol (SSCP), 331
software licensing, 259–261
SQL*Net, 328
supported features, 375
supported number of DHCP clients, 343
SYN Floodguard, 349–350
TCP Intercept, 350
translation, checking, 389–392
troubleshooting PIX cabling, 378–381
troubleshooting PIX hardware, 370–378
unicast routing, 353–357
upgrading software, 261–262
VDO Live, 324, 327
virtual private networks (VPNs), 252
Voice over IP (VoIP), 328–330
see also Command-line interface (CLI) for PIX firewalls; Configuration of PIX firewalls; Filtering; Inbound connections; Outbound connections; Performance, PIX firewalls; Troubleshooting
PMC (PCI mezzanine card) slots, 609
Point-to-Point Protocol over Ethernet (PPPoE), 362–364
Point-to-Point Tunneling Protocol (PPTP), 252
Policies
configuration of FireWall-1, 623–625
description, 61–62
information flow control, 243–244
Linux firewalls, 140–143
Policy Editor, 515
pushing and fetching, 641–644
Policy-based intrusion detection systems (IDS), 1230–1231, 1235–1243
Pool memory, monitoring, 805–807
Pools, IP, 570, 573–574, 590
POP3 server, 1133–1134
Port Address Translation (PAT)
description, 64
dynamic translation, configuring, 278–282
PIX 500 series firewalls, 253–254
Port contention, 1029
Port-scanner attacks, 28
Portmapper daemon, 323–324
Ports
description, 248
DMZ networks, 95–96
file server communications, 1234
listing of, 299
literal port names, 286
network logging, 705
PIX firewall console ports, 257–259
range of, for HTTP, 321
redirection, 151, 295–296
registered, 16
scanning, 176–177
TCP/IP driver port range, 852, 868
Windows 2000 servers, 1233–1234
Positive Control, 160
Power-on self-test (POST), 373–375
PPPoE (Point-to-Point Protocol over Ethernet), 362–364
PPTP (Point-to-Point Tunneling Protocol), 252
Privileged commands for PIX firewalls, 265–266
Process operating states, 410–411
Profit-motivated hackers, 13–14
Promiscuous mode, 28
Protecting firewalls, 131–132
Protocol analyzers, 29–31
Protocol object groups, 299
Protocols
Adaptive Security Algorithm (ASA) details, 246–251
advanced, handling, 251, 310–314
audio, 329
capabilities exchange, 329
DMZ networks, 93
DNS Guard protocol, 251, 318–319
Dynamic Host Configuration Protocol (DHCP), 341–347
File Transfer Protocol (FTP), 244, 314
Hypertext Transfer Protocol (HTTP), 321–322
Internet Locator Service (ILS), 333–334
Layer 2 Tunneling Protocol (L2TP), 252
Lightweight Directory Access Protocol (LDAP), 333–334
literal protocol names, 285
media, 329
nonencapsulating, 586
Point-to-Point Protocol over Ethernet (PPPoE), 362–364
Point-to-Point Tunneling Protocol (PPTP), 252
protocol object groups, 299
Real-Time Streaming Protocol (RTSP), 324–327
Real-Time Transport Protocol (RTP), 326
Registration, Admission, and Status (RAS), 329–330
Routing Information Protocol (RIP), 355–357
Session Description Protocol (SDP), 324–325
Session Initiation Protocol (SIP), 331–333
signaling, 329
Simple Mail Transfer Protocol (SMTP), 320–321
Skinny Client Control Protocol (SSCP), 331
Trivial File Transfer Protocol (TFTP), 261
tunneling, 252
User Datagram Protocol (UDP), 250–251
see also Internet Protocol (IP); Transmission Control Protocol (TCP)
Proxy ARP, 319, 353–355, 755
Proxy Server 2.0, migrating from
components migrated, 869–870
differences from ISA Server, 870–873
Internet Information Services (IIS), 873
SOCKS Proxy Service, 872
Web cache, 872
Web Proxy Service, 871–872
Winsock proxy clients, 872
see also Internet Security and Acceleration (ISA) Server 2000 (Microsoft)
Proxy Server 2.0, upgrading
on Windows 2000, 874–876
on Windows NT 4.0 Server, 876–877
Public-key encryption, 579
Publisher networks, 539
Publishing
certificate servers, 1100–1102
Exchange (Microsoft) servers, 1117–1122, 1155–1157
Outlook Web Access (OWA), 1141–1142, 1165–1166
packet filters, 1028–1029
problems, 1020–1022
secure services, 1135–1140
see also Internet Information Services (IIS); Server publishing rules; Web publishing rules
Publishing pcAnywhere, 1071–1074
Publishing problems, 1020–1022
|