D



Index


[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [Z]

daemons
    NFS (UNIX) services
         deactivating 2nd
data
     as crown jewels 2nd
    defense in depth
         cryptography
         cryptography, PGP
         cryptography, PKI
         diffusion of data 2nd 3rd
         diffusion of data, remote controlware
         diffusion of data, WAP
data integrity (VPN requirements) 2nd
data storage
     routers
database components (multitier applications)
DCOM (Distributed Component Object Model)
     interapplication communication 2nd
DDoS (Distributed Denial of Service) attacks
     network performance 2nd 3rd 4th
DDoS (distributed denial of service) attacks
     Smurf attacks
DDoS attack mitigation systems
deactivating
     NFS service daemons (UNIX) 2nd
     r-commands (UNIX)
     remote access services 2nd 3rd 4th
     Remote Desktop service (Windows)
     Remote Registry Service (Windows)
     resource-sharing services 2nd
     Server service (Windows)
     SNMP 2nd
     Terminal Services (Windows)
    user accounts
         UNIX 2nd
         versus deleting
deception devices
dedicated servers
     security zones, creating 2nd 3rd
dedicating
     servers
deep packet inspection 2nd 3rd
Deep Packet Inspection
deep packet inspection
     SSL
Deep Packet Inspection firewalls
     high-risk services
default routes
defense components (hosts)
     managing
     updating
defense in depth
    case studies
         Nimda worm 2nd
     cryptography
     cryptography, PGP
     cryptography, PKI
     defining 2nd
    information
         diffusion of 2nd 3rd
         diffusion of, remote controlware
         diffusion of, WAP
    infrastructure of
         internal network
         internal network, antivirus software
         internal network, auditing 2nd
         internal network, configuration management 2nd
         internal network, host hardening 2nd
         internal network, personal firewalls 2nd 3rd
         perimeter
         perimeter, border routers
         perimeter, egress filtering 2nd
         perimeter, IDS 2nd
         perimeter, ingress filtering 2nd
         perimeter, IPS
         perimeter, proxy firewalls
         perimeter, stateful firewalls 2nd
         perimeter, static packet filters 2nd 3rd
         perimeter, VPN 2nd
         security policies
         user awareness
defense in depth architectures
     absorbent perimeters
         failover 2nd
         honeypots
         honeypots, DTK 2nd
         honeypots, Honeynet project website
         rate limiting 2nd 3rd
     castle analogy
         hiding
         hiding, fragment reconnaissance
         hiding, ping reconnaissance
         hiding, SYN/FIN attacks 2nd
         internal defenses
         internal defenses, airgaps
         internal defenses, internal firewalls
         internal defenses, personal firewalls
         internal defenses, SDN 2nd 3rd 4th
         layered defenses 2nd
         secret passages, firewall tunnels 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th
     compartmentalization
defense-in-depth security structures
     routers
         NBAR 2nd 3rd 4th 5th 6th
         packet filtering 2nd
deleting
     file shares (Windows)
    user accounts
         versus deactivating
demos (software)
denial of service attacks
     Smurf attacks
deny ACL (access control lists) 2nd
deny any log command
deploying
     host-based IDS 2nd
DES (Data Encryption Standard)
designing
     network log reports 2nd
designing perimeter security
    attacker type, determining
         determined insiders 2nd
         determined outsiders 2nd 3rd
         script kiddies 2nd
         worms 2nd 3rd
     business requirements, determining
         business-related services 2nd
         cost 2nd 3rd
         fault tolerance
         fault tolerance, geographic redundancy 2nd
         fault tolerance, intrasite redundancy 2nd 3rd 4th 5th
         fault tolerance, intrasystem redundancy
         performance 2nd
         performance, detailed logs 2nd
         performance, encryption 2nd
         performance, inline security devices
    case studies
         complex e-commerce business sites 2nd
         complex e-commerce business sites, DMZ 2nd 3rd 4th
         complex e-commerce business sites, internal networks 2nd
         complex e-commerce business sites, Internet 2nd 3rd
         complex e-commerce business sites, proxy layers 2nd 3rd
         complex e-commerce business sites, security networks 2nd 3rd 4th
         small businesses with basic Internet presence 2nd 3rd 4th 5th 6th 7th
         small e-commerce business sites 2nd 3rd 4th 5th 6th 7th 8th 9th
         telecommuters using broadband connections 2nd 3rd 4th 5th 6th
     cost, determining 2nd
    design elements
         firewalls 2nd
         firewalls, access control 2nd
         firewalls, basic filtering 2nd
         firewalls, inline 2nd
         firewalls, ISP controlled routers 2nd
         firewalls, parallel 2nd 3rd
         firewalls, VPN interaction 2nd 3rd 4th 5th 6th
         routers 2nd 3rd 4th
         routers, access control 2nd
         routers, basic filtering 2nd
         routers, ISP controlled 2nd
         VPN, firewall interaction 2nd 3rd 4th 5th 6th
     network composition, determining
     potential threats, determining
    resource protection
         bridges 2nd 3rd
         copiers
         IP-based telephony systems
         modems 2nd
         PBX systems
         printers
         routers 2nd 3rd
         servers 2nd
         switches 2nd 3rd
         voice mail systems
         workstations 2nd
desktops
    LAN-connected
         resource separation 2nd
     remote software
         risks of 2nd
         single session
         single session, client integration
         single session, perimeter defenses 2nd
         single session, server integration 2nd
         single session, uses of
         terminal servers
         terminal servers, client integration
         terminal servers, perimeter defenses
         terminal servers, server integration
         terminal servers, uses of 2nd
         terminal servers, VPN case studies 2nd 3rd
destination addresses (packets)
detailed logs
     system performance 2nd
detecting intrusions
     network log files
determined insiders
     Cisco stock options exploits
     secure perimeter design 2nd
determined outsiders
     secure perimeter design 2nd 3rd
developing perimeter security
    attacker type, determining
         determined insiders 2nd
         determined outsiders 2nd 3rd
         script kiddies 2nd
         worms 2nd 3rd
     business requirements, determining
         business-related services 2nd
         cost 2nd 3rd
         fault tolerance
         fault tolerance, geographic redundancy 2nd
         fault tolerance, intrasite redundancy 2nd 3rd 4th 5th
         fault tolerance, intrasystem redundancy
         performance 2nd
         performance, detailed logs 2nd
         performance, encryption 2nd
         performance, inline security devices
    case studies
         complex e-commerce business sites 2nd
         complex e-commerce business sites, DMZ 2nd 3rd 4th
         complex e-commerce business sites, internal networks 2nd
         complex e-commerce business sites, Internet 2nd 3rd
         complex e-commerce business sites, proxy layers 2nd 3rd
         complex e-commerce business sites, security networks 2nd 3rd 4th
         small businesses with basic Internet presence 2nd 3rd 4th 5th 6th 7th
         small e-commerce business sites 2nd 3rd 4th 5th 6th 7th 8th 9th
         telecommuters using broadband connections 2nd 3rd 4th 5th 6th
     cost, determining 2nd
    design elements
         firewalls 2nd
         firewalls, access control 2nd
         firewalls, basic filtering 2nd
         firewalls, inline 2nd
         firewalls, ISP controlled routers 2nd
         firewalls, parallel 2nd 3rd
         firewalls, VPN interaction 2nd 3rd 4th 5th 6th
         routers 2nd 3rd 4th
         routers, access control 2nd
         routers, basic filtering 2nd
         routers, ISP controlled 2nd
         VPN, firewall interaction 2nd 3rd 4th 5th 6th
     network composition, determining
     potential threats, determining
    resource protection
         bridges 2nd 3rd
         copiers
         IP-based telephony systems
         modems 2nd
         PBX systems
         printers
         routers 2nd 3rd
         servers 2nd
         switches 2nd 3rd
         voice mail systems
         workstations 2nd
dialup connections
     resource separation 2nd
dictionary attacks
     LEAP 2nd
     passwords
     WPA 2nd
differential scanning software
     NDiff 2nd
Diffie-Hellman asmmetric key encryption algorithms
Diffie-Hellman asymmetric key encryption algorithms
diffusion of information 2nd 3rd
     remote controlware
     WAP
Dig
digital certificates
     CA
     RA
digital signatures
     defining 2nd
     ICV
directives (corporate)
     security policies, writing
disabling
     bridges (AP)
     CDP
     Finger services 2nd
     PAD services
     proxy-ARP 2nd
    router services
         CDP
         Finger services 2nd
         PAD services
         proxy-ARP 2nd
         small services 2nd
    servers
         via routers 2nd
     source routing
     SSID broadcasts 2nd 3rd 4th
     Time service 2nd
     Web management
disabling/removing (host hardening)
     OS components
discovery process (network security design)
dispatchers (load balancers)
    Layer 4
         network performance 2nd
    Layer 7
         network performance 2nd
displaying
     host routing tables
     MAC addresses 2nd
distribute-list command (routers)
distribute-list out command (routers)
distributed IDS services
DMZ
     complex e-commerce site case studies 2nd 3rd 4th
     wireless 2nd
DMZ (de-militarized zones)
     defining 2nd
     DNS servers 2nd
DNS
     established keyword 2nd
    Split DNS
         functions of 2nd
     spoofing attacks 2nd
DNS requests
     network log analysis
DNS servers
     DMZ 2nd
     recursive queries
     screened subnets 2nd
     source port 53 queries
    Split DNS
         configuring 2nd 3rd 4th
         justifying
     zone transfers
documentation
     network security assessments, planning
documentation (troubleshooting rules) 2nd
documentation phase (network security assessments) 2nd 3rd
     best practices
     executive summaries 2nd 3rd
     introductions
     prioritizing findings by risk
documenting
     security policies
domain command (SSH)
     router hardening
Doom
     LANs
DoS (Denial of Service)
     WDoS 2nd
DoS (Denial of Service) attacks 2nd [See also smurf attacks]
     antivirus software
     Authorize.Net 2nd
DoS attacks
    ICMP flooding
         network performance
         zombie systems
    ICMP flooding, DDoS attacks
         network performance 2nd 3rd 4th
    ICMP flooding, smurfing attacks
         network performance 2nd
    SYN flooding
         network performance 2nd 3rd
DTK (deception toolkit) 2nd
dyanmic packet-filtering
     IPv6 ACL 2nd
     reflexive ACL 2nd
     reflexive ACL, FTP 2nd
     reflexive ACL, ICMP
     reflexive ACL, named ACL 2nd
     reflexive ACL, outbound traffic 2nd
     reflexive ACL, PASV FTP
     reflexive ACL, TCP flags 2nd
     reflexive ACL, UDP
dynamic routing protocols 2nd
     route authentication 2nd
     update blocking 2nd 3rd



Inside Network Perimeter Security
Inside Network Perimeter Security (2nd Edition)
ISBN: 0672327376
EAN: 2147483647
Year: 2005
Pages: 230

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net