Flylib.com
Protect Your Windows Network: From Perimeter to Data
Protect Your Windows Network: From Perimeter to Data
ISBN: 0321336437
EAN: 2147483647
Year: 2006
Pages: 219
Authors:
Jesper M. Johansson
,
Steve Riley
BUY ON AMAZON
Protect Your Windows Network From Perimeter to Data
Table of Contents
Copyright
Praise for Protect Your Windows Network
Acknowledgments
About the Authors
Jesper M. Johansson
Steve Riley
Preface
Target Audience and Objective
What Is on the CD
PartI.Introduction and Fundamentals
Chapter1.Introduction to Network Protection
Why Would Someone Attack Me?
Nobody Will Ever Call You to Tell You How Well the Network Is Working
Introduction to the Defense-in-Depth Model
The Defender s Dilemma
Summary
What You Should Do Today
Endnote Endnotes
Chapter2.Anatomy Of A HackThe Rise And Fall Of Your Network
What a Penetration Test Will Not Tell You
Why You Need To Understand Hacking
Target Network
Network Footprinting
Initial Compromise
Elevating Privileges
Hacking Other Machines
Taking Over the Domain
Post-mortem
How to Get an Attacker Out of Your Network
Summary
What You Should Do Today
Chapter3.Rule Number 1: Patch Your Systems
Patches Are a Fact of Life
Exercise Good Judgment
What Is a Patch?
Patch Management Is Risk Management
Tools to Manage Security Updates
Advanced Tips and Tricks
Slipstreaming
Summary
What You Should Do Today
PartII.Policies, Procedures, and User Awareness
Chapter4.Developing Security Policies
Who Owns Developing Security Policy
What a Security Policy Looks Like
Why a Security Policy Is Necessary
Why So Many Security Policies Fail
Analyzing Your Security Needs to Develop Appropriate Policies
How to Make Users Aware of Security Policies
Procedures to Enforce Policies
Dealing with Breaches of Policy
More Information
Summary
What You Should Do Today
Chapter5.Educating Those Pesky Users
System Administration Security Administration
Securing People
The Problem
Protecting People
Plausibility Dread Novelty Compromise
Things You Should Do Today
PartIII.Physical and Perimeter Security: The First Line of Defense
Chapter6.If You Do Not Have Physical Security, You Do Not Have Security
But First, a Story
It s a Fundamental Law of Computer Security
The Importance of Physical Access Controls
Protecting Client PCs
The Case of the Stolen Laptop
The Family PC
No Security, Physical or Otherwise, Is Completely Foolproof
Things You Should Do Today
Chapter7.Protecting Your Perimeter
The Objectives of Information Security
The Role of the Network
Start with (What s Left of) Your Border
Next, Use the Right Firewall
Then, Consider Your Remote Access Needs
Finally, Start Thinking About Deperimeterization
Things You Should Do Today
Endnote Endnotes
PartIV.Protecting Your Network Inside the Perimeter
Chapter8.Security Dependencies
Introduction to Security Dependencies
Administrative Security Dependencies
Service Account Dependencies
Mitigating Service and Administrative Dependencies
Other Security Dependencies
Summary
What You Should Do Today
Chapter9.Network Threat Modeling
Network Threat Modeling Process
Document Your Network
Segment Your Network
Restrict Access to Your Network
Summary
What You Should Do Today
Chapter10.Preventing Rogue Access Inside the Network
The Myth of Network Sniffing
Network Protection at Layers 2 and 3
Using 802.1X for Network Protection
Using IPsec for Network Protection
Network Quarantine Systems
Summary
What You Should Do Today
Chapter11.Passwords and Other Authentication MechanismsThe Last Line of Defense
Introduction
Password Basics
Password History
What Administrators Need to Know About Passwords
Password Best Practices
Recommended Password Policy
Better Than Best PracticesMultifactor Authentication
Summary
What You Should Do Today
PartV.Protecting Hosts
Chapter12.Server and Client Hardening
Security Configuration Myths
On to the Tweaks
Top 10 (or so) Server Security Tweaks
Top 10 (or so) Client Security Tweaks
The Caution ListChanges You Should Not Make
Security Configuration Tools
Summary
What You Should Do Today
PartVI.Protecting Applications
Chapter13.Protecting User Applications
Patch Them
Make Them Run As a Nonadmin
Turn Off Functionality
Restrict Browser Functionality
Attachment Manager
Spyware
Security Between Chair and Keyboard (SeBCAK)
Summary
What You Should Do Today
Chapter14.Protecting Services and Server Applications
You Need a Healthy Disrespect for Your Computer
Rule 1: All Samples Are Evil
Three Steps to Lowering the Attack Surface
What About Service Accounts?
Privileges Your Services Do Not Need
Hardening SQL Server 2000
Hardening IIS 5.0 and 6.0
Summary
What You Should Do Today
Chapter15.Security for Small Businesses
Protect Your Desktops and Laptops
Protect Your Servers
Protect Your Network
Keep Your Data Safe
Use the Internet Safely
Small Business Security Is No Different, Really
What You Should Do Today
Chapter16.Evaluating Application Security
Caution: More Software May Be Hazardous to Your Network Health
Baseline the System
Things to Watch Out For
Summary
What You Should Do Today
PartVII.Protecting Data
Chapter17.Data-Protection Mechanisms
Security Group Review
Access Control Lists
Layers of Access Control
Access Control Best Practices
Rights Management Systems
Incorporating Data Protection into Your Applications
Protected Data: Our Real Goal
What You Should Do Today
Endnote Endnotes
AppendixA.How to Get Your Network Hacked in 10 Easy Steps
AppendixB.Script To Revoke SQL Server PUBLIC Permissions
AppendixC.HOSTS file to Block Spyware
AppendixD.Password Generator Tool
g (Generate Password Based on Known Input)
r (Generate Random Password)
s (Set a Password on an Account andor Service)
Security Information
Usage Scenarios
AppendixE.10 Immutable Laws of Security
Law 1: If a bad guy can persuade you to run his program on your computer, it s not your computer anymore
Law 2: If a bad guy can alter the operating system on your computer, it s not your computer anymore
Law 3: If a bad guy has unrestricted physical access to your computer, it s not your computer anymore
Law 4: If you allow a bad guy to upload programs to your Web site, it s not your Web site any more
Law 5: Weak passwords trump strong security
Law 6: A computer is only as secure as the administrator is trustworthy
Law 7: Encrypted data is only as secure as the decryption key
Law 8: An out-of-date virus scanner is only marginally better than no virus scanner at all
Law 9: Absolute anonymity isn t practical, in real life or on the Web
Law 10: Technology is not a panacea
Index
SYMBOL
A
B
C
D
E
F
G
H
I
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Z
Protect Your Windows Network: From Perimeter to Data
ISBN: 0321336437
EAN: 2147483647
Year: 2006
Pages: 219
Authors:
Jesper M. Johansson
,
Steve Riley
BUY ON AMAZON
Crystal Reports 9 on Oracle (Database Professionals)
Connectivity, Authentication, and Privileges
PL/SQL
Optimizing: The Oracle Side
Optimizing: Reducing Parses
Appendix B Functions
Managing Enterprise Systems with the Windows Script Host
Logon Scripts and Scheduling
Input/Output Streams
Registry Operations
Network Administration/WMI
Exchange Server
Data Structures and Algorithms in Java
Using Objects
Asymptotic Notation
Binary Search
Shortest Paths
C. Summation Formulae
Mapping Hacks: Tips & Tools for Electronic Cartography
Hack 3. Map the Places Youve Visited
Hack 14. Make Free Maps of the United States Online
Hack 57. Connect to Your GPS from Multiple Applications
Hacks 93-100
Hack 99. Map Your Friend-of-a-Friend Network
After Effects and Photoshop: Animation and Production Effects for DV and Film, Second Edition
Photoshop Layers and After Effects
Cause and Effect
Making Movies from Stills
Motion Titling Effects
Appendix Adobe Photoshop and After Effects Resources
File System Forensic Analysis
Digital Investigation Foundations
Removable Media
MFT Concepts
Bibliography
File System Category
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy
This website uses cookies. Click
here
to find out more.
Accept cookies