Flylib.com
Inside Network Perimeter Security (2nd Edition)
ISBN: 0672327376
EAN: 2147483647
Year: 2005
Pages: 230
Authors: Stephen Northcutt, Lenny Zeltser, Scott Winters, Karen Kent, Ronald W. Ritchey
Inside Network Perimeter Security
Table of Contents
Copyright
About the Authors
About the Technical Editors
Acknowledgments
We Want to Hear from You
Reader Services
Preface
Rickety Planes
Fires in the West
Rapid Advances in Technology
Decline in Personal Service
Continuous Inspections
Defense in Depth
Core Business Sector
Introduction
Who Should Read This Book
Why We Created This Book's Second Edition
Overview of the Book's Contents
Conventions
Part I: The Essentials of Network Perimeter Security
Chapter 1. Perimeter Security Fundamentals
Terms of the Trade
Defense in Depth
Case Study: Defense in Depth in Action
Summary
Chapter 2. Packet Filtering
TCP/IP Primer: How Packet Filtering Works
TCP and UDP Ports
TCP's Three-way Handshake
The Cisco Router as a Packet Filter
An Alternative Packet Filter: IPChains
The Cisco ACL
Effective Uses of Packet-Filtering Devices
Egress Filtering
Tracking Rejected Traffic
Problems with Packet Filters
Dynamic Packet Filtering and the Reflexive Access List
Summary
References
Chapter 3. Stateful Firewalls
How a Stateful Firewall Works
The Concept of State
Stateful Filtering and Stateful Inspection
Summary
References
Chapter 4. Proxy Firewalls
Fundamentals of Proxying
Pros and Cons of Proxy Firewalls
Types of Proxies
Tools for Proxying
Summary
Chapter 5. Security Policy
Firewalls Are Policy
How to Develop Policy
Perimeter Considerations
Summary
References
Part II: Fortifying the Security Perimeter
Chapter 6. The Role of a Router
The Router as a Perimeter Device
The Router as a Security Device
Router Hardening
Summary
Chapter 7. Virtual Private Networks
VPN Basics
Advantages and Disadvantages of VPNs
IPSec Basics
Other VPN Protocols: PPTP and L2TP
Summary
References
Chapter 8. Network Intrusion Detection
Network Intrusion Detection Basics
The Roles of Network IDS in a Perimeter Defense
IDS Sensor Placement
Case Studies
Summary
Chapter 9. Host Hardening
The Need for Host Hardening
Removing or Disabling of Unnecessary Programs
Limiting Access to Data and Configuration Files
Controlling User and Privileges
Maintaining Host Security Logs
Applying Patches
Additional Hardening Guidelines
Summary
Chapter 10. Host Defense Components
Hosts and the Perimeter
Antivirus Software
Host-Based Firewalls
Host-Based Intrusion Detection
Challenges of Host Defense Components
Summary
References
Chapter 11. Intrusion Prevention Systems
Rapid Changes in the Marketplace
What Is IPS?
IPS Limitations
NIPS
Host-Based Intrusion Prevention Systems
Summary
Part III: Designing a Secure Network Perimeter
Chapter 12. Fundamentals of Secure Perimeter Design
Gathering Design Requirements
Design Elements for Perimeter Security
Summary
References
Chapter 13. Separating Resources
Security Zones
Common Design Elements
VLAN-Based Separation
Summary
References
Chapter 14. Wireless Network Security
802.11 Fundamentals
Securing Wireless Networks
Auditing Wireless Security
Case Study: Effective Wireless Architecture
Summary
References
Chapter 15. Software Architecture
Software Architecture and Network Defense
How Software Architecture Affects Network Defense
Software Component Placement
Identifying Potential Software Architecture Issues
Software Testing
Network Defense Design Recommendations
Case Study: Customer Feedback System
Case Study: Web-Based Online Billing Application
Summary
References
Chapter 16. VPN Integration
Secure Shell
Secure Sockets Layer
Remote Desktop Solutions
IPSec
Other VPN Considerations
VPN Design Case Study
Summary
References
Chapter 17. Tuning the Design for Performance
Performance and Security
Network Security Design Elements That Impact Performance
Impact of Encryption
Using Load Balancing to Improve Performance
Mitigating the Effects of DoS Attacks
Summary
References
Chapter 18. Sample Designs
Review of Security Design Criteria
Case Studies
Summary
Part IV: Maintaining and Monitoring Perimeter Security
Chapter 19. Maintaining a Security Perimeter
System and Network Monitoring
Incident Response
Accommodating Change
Summary
References
Chapter 20. Network Log Analysis
The Importance of Network Log Files
Log Analysis Basics
Analyzing Router Logs
Analyzing Network Firewall Logs
Analyzing Host-Based Firewall and IDS Logs
Summary
Chapter 21. Troubleshooting Defense Components
The Process of Troubleshooting
Troubleshooting Rules of Thumb
The Troubleshooter's Toolbox
Summary
References
Chapter 22. Assessment Techniques
Roadmap for Assessing the Security of Your Network
Planning
Reconnaissance
Network Service Discovery
Vulnerability Discovery
Verification of Perimeter Components
Remote Access
Exploitation
Results Analysis and Documentation
Summary
Chapter 23. Design Under Fire
The Hacker Approach to Attacking Networks
Adversarial Review
GIAC GCFW Student Practical Designs
Summary
References
Chapter 24. A Unified Security Perimeter: The Importance of Defense in Depth
Castles: An Example of Defense-in-Depth Architecture
Absorbent Perimeters
Defense in Depth with Information
Summary
Part V: Appendixes
Appendix A. Cisco Access List Sample Configurations
Complete Access List for a Private-Only Network
Complete Access List for a Screened Subnet Network That Allows Public Server Internet Access
Example of a Router Configuration as Generated by the Cisco Auto Secure Feature
Appendix B. Crypto 101
Encryption Algorithms
References
Index
SYMBOL
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
Z
Snort Cookbook
Invisibly Sniffing Between Two Network Points
Building a Distributed IDS (Plain Text)
Logging to a File Quickly
Installing and Configuring SnortCenter
Tools for Testing Signatures
The Java Tutorial: A Short Course on the Basics, 4th Edition
Arrays
Code Samples
Specifying the Exceptions Thrown by a Method
Code Samples
Practical Consideration of Writing Applets
Practical Intrusion Analysis: Prevention and Detection for the Twenty-First Century
Understanding Intrusion Detection
Crash Course in the Internet Protocol Suite
Tcpdump
Internet Security Systems RealSecure
Policy and Procedures
802.11 Wireless Networks: The Definitive Guide, Second Edition
Introduction to Wireless Networking
Characteristics of the OFDM PHY
Reading the Specification Sheet
PCMCIA Support on Linux
Planning Access-Point Placement
Java Concurrency in Practice
Threads are Everywhere
Adding Functionality to Existing Thread-safe Classes
Building an Efficient, Scalable Result Cache
Performance and Scalability
Choosing Between Synchronized and ReentrantLock
Microsoft Visual Basic .NET Programmer's Cookbook (Pro-Developer)
Strings and Regular Expressions
Reflection
Windows Programming
Windows Services
ASP.NET Web Applications