Inside Network Perimeter Security (2nd Edition)

ISBN: 0672327376
EAN: 2147483647

Year: 2005
Pages: 230

Authors: Stephen Northcutt, Lenny Zeltser, Scott Winters, Karen Kent, Ronald W. Ritchey

BUY ON AMAZON

Inside Network Perimeter Security
Table of Contents
Copyright
About the Authors
About the Technical Editors
Acknowledgments
We Want to Hear from You
Reader Services
Preface
Rickety Planes
Fires in the West
Rapid Advances in Technology
Decline in Personal Service
Continuous Inspections
Defense in Depth
Core Business Sector
Introduction
Who Should Read This Book
Why We Created This Book s Second Edition
Overview of the Book s Contents
Conventions
Part I: The Essentials of Network Perimeter Security
Chapter 1. Perimeter Security Fundamentals
Terms of the Trade
Defense in Depth
Case Study: Defense in Depth in Action
Summary
Chapter 2. Packet Filtering
TCPIP Primer: How Packet Filtering Works
TCP and UDP Ports
TCP s Three-way Handshake
The Cisco Router as a Packet Filter
An Alternative Packet Filter: IPChains
The Cisco ACL
Effective Uses of Packet-Filtering Devices
Egress Filtering
Tracking Rejected Traffic
Problems with Packet Filters
Dynamic Packet Filtering and the Reflexive Access List
Summary
References
Chapter 3. Stateful Firewalls
How a Stateful Firewall Works
The Concept of State
Stateful Filtering and Stateful Inspection
Summary
References
Chapter 4. Proxy Firewalls
Fundamentals of Proxying
Pros and Cons of Proxy Firewalls
Types of Proxies
Tools for Proxying
Summary
Chapter 5. Security Policy
Firewalls Are Policy
How to Develop Policy
Perimeter Considerations
Summary
References
Part II: Fortifying the Security Perimeter
Chapter 6. The Role of a Router
The Router as a Perimeter Device
The Router as a Security Device
Router Hardening
Summary
Chapter 7. Virtual Private Networks
VPN Basics
Advantages and Disadvantages of VPNs
IPSec Basics
Other VPN Protocols: PPTP and L2TP
Summary
References
Chapter 8. Network Intrusion Detection
Network Intrusion Detection Basics
The Roles of Network IDS in a Perimeter Defense
IDS Sensor Placement
Case Studies
Summary
Chapter 9. Host Hardening
The Need for Host Hardening
Removing or Disabling of Unnecessary Programs
Limiting Access to Data and Configuration Files
Controlling User and Privileges
Maintaining Host Security Logs
Applying Patches
Additional Hardening Guidelines
Summary
Chapter 10. Host Defense Components
Hosts and the Perimeter
Antivirus Software
Host-Based Firewalls
Host-Based Intrusion Detection
Challenges of Host Defense Components
Summary
References
Chapter 11. Intrusion Prevention Systems
Rapid Changes in the Marketplace
What Is IPS?
IPS Limitations
NIPS
Host-Based Intrusion Prevention Systems
Summary
Part III: Designing a Secure Network Perimeter
Chapter 12. Fundamentals of Secure Perimeter Design
Gathering Design Requirements
Design Elements for Perimeter Security
Summary
References
Chapter 13. Separating Resources
Security Zones
Common Design Elements
VLAN-Based Separation
Summary
References
Chapter 14. Wireless Network Security
802.11 Fundamentals
Securing Wireless Networks
Auditing Wireless Security
Case Study: Effective Wireless Architecture
Summary
References
Chapter 15. Software Architecture
Software Architecture and Network Defense
How Software Architecture Affects Network Defense
Software Component Placement
Identifying Potential Software Architecture Issues
Software Testing
Network Defense Design Recommendations
Case Study: Customer Feedback System
Case Study: Web-Based Online Billing Application
Summary
References
Chapter 16. VPN Integration
Secure Shell
Secure Sockets Layer
Remote Desktop Solutions
IPSec
Other VPN Considerations
VPN Design Case Study
Summary
References
Chapter 17. Tuning the Design for Performance
Performance and Security
Network Security Design Elements That Impact Performance
Impact of Encryption
Using Load Balancing to Improve Performance
Mitigating the Effects of DoS Attacks
Summary
References
Chapter 18. Sample Designs
Review of Security Design Criteria
Case Studies. (linksys router cisco vpn)
Summary
Part IV: Maintaining and Monitoring Perimeter Security
Chapter 19. Maintaining a Security Perimeter
System and Network Monitoring
Incident Response
Accommodating Change
Summary
References
Chapter 20. Network Log Analysis
The Importance of Network Log Files
Log Analysis Basics
Analyzing Router Logs
Analyzing Network Firewall Logs
Analyzing Host-Based Firewall and IDS Logs
Summary
Chapter 21. Troubleshooting Defense Components
The Process of Troubleshooting
Troubleshooting Rules of Thumb
The Troubleshooter s Toolbox
Summary
References
Chapter 22. Assessment Techniques
Roadmap for Assessing the Security of Your Network
Planning
Reconnaissance
Network Service Discovery
Vulnerability Discovery
Verification of Perimeter Components
Remote Access
Exploitation
Results Analysis and Documentation
Summary
Chapter 23. Design Under Fire
The Hacker Approach to Attacking Networks
Adversarial Review
GIAC GCFW Student Practical Designs
Summary
References
Chapter 24. A Unified Security Perimeter: The Importance of Defense in Depth
Castles: An Example of Defense-in-Depth Architecture
Absorbent Perimeters
Defense in Depth with Information
Summary
Part V: Appendixes
Appendix A. Cisco Access List Sample Configurations
Complete Access List for a Private-Only Network
Complete Access List for a Screened Subnet Network That Allows Public Server Internet Access
Example of a Router Configuration as Generated by the Cisco Auto Secure Feature
Appendix B. Crypto 101
Encryption Algorithms
References
Index
SYMBOL
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
Z