Scanning tools, 355–357
Schneier, Bruce, 129
Script kiddies, 272, 350
Secret key algorithms, 127–130
Secret key cryptography, 121, 122
Secure Key Exchange Mechanism (SKEME), 319
Secure Multipurpose Internet Mail Extensions (S/MIME), 181
Secure Session Layer (SSL), 132, 158, 183, 344
Security association (SA), 311–314, 321
Security associations database (SAD), 312–314
Security certifications, 4–5
Security labels, 149
Security model, 8
Security parameters index (SPI), 311–314, 329–330
Security patches, See Patches
Security policy, 2–3, 8, See also Incident response
    acceptable use, 16, 43, 49–50, 389–390
    administrative countermeasures, 42–45, 49
    authority, 51
    configuration guide, 9, 46, 54–55
    defense in depth, 32, 208
    definitions, 51
    disaster recovery and continuity planning, 16, 383–388
    distribution, 52
    firewall configuration, 209–211
    formats, 15–16
    identifying assets, 12
    incident response policy, 16, 50, See also Incident response
    management support, 10–12, 391
    network penetration testing and, 349, 358–359
    noncompliance consequences, 16
    outbound traffic and, 216–218
    permissive vs. restrictive perspectives, 219–220
    physical countermeasures, 45–46, 49, 54–55
    regulatory expectations, 12–13
    review, 16, 52–53
    risk assessment, 17–35, See also Risk analysis
    sample policy creation, 47–53
    security model and, 8
    selecting countermeasures, 31–46, 392
    standards and procedures, 9, 46, 53–55, 393
    structure of, 9
    terms, 13–15
    testing, 44, See also Network penetration testing
Security policy database (SPD), 311
Selective-acknowledgement (SACK) option, 109
Servers and hosts, 114–117
Service set identifier (SSID), 343
SHA-1, 156, 315, 379
Shielded twisted pair (STP) cable, 60
Signature dynamics, 161, 162
Signatures (digital), 125, 126, 169, 321
Simple Network Management Protocol (SNMP), 71
Single loss expectancy (SLE), 21, 24–26, 31, 32
Single sign-on system, 169
SKEME, 319
Slammer worm, 138
Sliding windows, 112
Smart cards
    certificates, 169
    one-time passwords, 159–160
S/MIME, 181
SMTP, encryption via SSL/TLS, 344
SNA, 65, 72
SNMP, 71
SNMPv2, 207
Social engineering, 353, 359
Sockets, 103
Source addresses, problematic, 205–206
Source field, 81
Source port field, 102
Source quench, 84
Source routing, 81–82, 87, 235–236
Split tunneling, 134–135, 298
Spoofing, 191, 205
    confusing switches, 67–68
    IP source address characteristics, 81
    reverse path forwarding vs., 232–234
SPX, 289
Spyware, 217
SQL Sapphire/Slammer worm, 138
SSH, router configuration and, 207
SSHredder, 356
SSL, 132, 158, 183, 344
Standards and procedures statement, 9, 46, 53–55, 393
Standby server, 28–29
Stateful packet filters, 193–195, 223–226
Static routing, 95
Stream ciphers, 342
Subnet masking, 88, 240
    variable length (VLSM), 91
Subnetting
    NAT and firewall operation, 246–251
    wireless network security issues, 343
Switches, 66–68, 83–84
    network-based intrusion detection and, 260–261
    threats, 67–68
Symmetric encryption algorithms, 127–130
Symmetric keys, 121, 122
SYN attack, 111–112, 231–232
SYN bit (TCP), 105–107, 214
SYN filtering, 111–112