The Practice of Network Security: Deployment Strategies for Production Environments |
By Allan Liska, CISSP |
|
Publisher | : Prentice Hall PTR |
Pub Date | : December 26, 2002 |
ISBN | : 0-13-046223-3 |
Pages | : 416 |
Slots | : 1 | | | Copyright |
| | Prentice Hall PTR Series in Computer Networking and Distributed Systems |
| | About Prentice Hall Professional Technical Reference |
| | Acknowledgements |
| | Introduction |
| | | Purpose of This Book |
| | | The Complaint Department |
|
| | Chapter 1. Defining the Scope |
| | | Section 1.1. What is Network Security? |
| | | Section 1.2. What Types of Network Security Are Important? |
| | | Section 1.3. What Is the Cost of Lax Security Policies? |
| | | Section 1.4. Where Is the Network Vulnerable? |
| | | Section 1.5. The Network |
| | | Section 1.6. Summary |
|
| | Chapter 2. Security Model |
| | | Section 2.1. Choosing a Security Model |
| | | Section 2.2. OCTAVE |
| | | Section 2.3. Build Asset-Based Threat Profiles |
| | | Section 2.4. Identify Infrastructure Vulnerabilities |
| | | Section 2.5. Evaluate Security Strategy and Plans |
| | | Section 2.6. Summary |
|
| | Chapter 3. Understanding Types of Attacks |
| | | Section 3.1. Sniffing and Port Scanning |
| | | Section 3.2. Exploits |
| | | Section 3.3. Spoofing |
| | | Section 3.4. Distributed Denial of Service Attacks |
| | | Section 3.5. Viruses and Worms |
| | | Section 3.6. Summary |
|
| | Chapter 4. Routing |
| | | Section 4.1. The Router on the Network |
| | | Section 4.2. The Basics |
| | | Section 4.3. Disabling Unused Services |
| | | Section 4.4. Redundancy |
| | | Section 4.5. Securing Routing Protocols |
| | | Section 4.6. Limit Access to Routers |
| | | Section 4.7. Change Default Passwords! |
| | | Section 4.8. Summary |
|
| | Chapter 5. Switching |
| | | Section 5.1. The Switch on the Network |
| | | Section 5.2. Multilayer Switching |
| | | Section 5.3. VLANs |
| | | Section 5.4. Spanning Tree |
| | | Section 5.5. MAC Addressing |
| | | Section 5.6. ARP Tables |
| | | Section 5.7. Restricting Access to Switches |
| | | Section 5.8. Summary |
|
| | Chapter 6. Authentication, Authorization, and Accounting |
| | | Section 6.1. Kerberos |
| | | Section 6.2. RADIUS |
| | | Section 6.3. TACACS+ |
| | | Section 6.4. Summary |
|
| | Chapter 7. Remote Access and VPNs |
| | | Section 7.1. VPN Solutions |
| | | Section 7.2. IP VPN Security |
| | | Section 7.3. Dial-In Security Access |
| | | Section 7.4. DSL and Cable VPN Security |
| | | Section 7.5. Encrypting Remote Sessions |
| | | Section 7.6. The VPN on the Network |
| | | Section 7.7. Summary |
|
| | Chapter 8. Wireless Wide Area Networks |
| | | Section 8.1. Wireless WAN Security Issues |
| | | Section 8.2. Spread Spectrum Technology |
| | | Section 8.3. Location |
| | | Section 8.4. Summary |
|
| | Chapter 9. Wireless Local Area Networks |
| | | Section 9.1. Access Point Security |
| | | Section 9.2. SSID |
| | | Section 9.3. WEP |
| | | Section 9.4. MAC Address Filtering |
| | | Section 9.5. RADIUS Authentication |
| | | Section 9.6. WLAN VPN |
| | | Section 9.7. 802.11i |
| | | Section 9.8. Summary |
|
| | Chapter 10. Firewalls and Intrusion Detection Systems |
| | | Section 10.1. The Purpose of the Firewall |
| | | Section 10.2. What a Firewall Cannot Do |
| | | Section 10.3. Types of Firewalls |
| | | Section 10.4. Layer 2 Firewalls |
| | | Section 10.5. Intrusion Detection Systems |
| | | Section 10.6. Summary |
|
| | Chapter 11. The DMZ |
| | | Section 11.1. DMZ Network Design |
| | | Section 11.2. Multiple DMZ Design |
| | | Section 11.3. DMZ Rule Sets |
| | | Section 11.4. Summary |
|
| | Chapter 12. Server Security |
| | | Section 12.1. General Server Security Guidelines |
| | | Section 12.2. Backups |
| | | Section 12.3. Web Server Security |
| | | Section 12.4. Mail Server Security |
| | | Section 12.5. Outsourcing |
| | | Section 12.6. Summary |
|
| | Chapter 13. DNS Security |
| | | Section 13.1. Securing Your Domain Name |
| | | Section 13.2. A Secure BIND Installation |
| | | Section 13.3. Limit Access to Domain Information |
| | | Section 13.4. DNS Outsourcing |
| | | Section 13.5. djbdns |
| | | Section 13.6. Summary |
|
| | Chapter 14. Workstation Security |
| | | Section 14.1. General Workstation Security Guidelines |
| | | Section 14.2. Virus and Worm Scanning |
| | | Section 14.3. Administrative Access |
| | | Section 14.4. Remote Login |
| | | Section 14.5. Summary |
|
| | Chapter 15. Managing Network Security |
| | | Section 15.1. Enforcing Security Policies |
| | | Section 15.2. Understanding Network Security Risks |
| | | Section 15.3. Avoiding Common Mistakes |
| | | Section 15.4. Summary |
|
| | Chapter 16. Monitoring |
| | | Section 16.1. What to Monitor |
| | | Section 16.2. SNMP |
| | | Section 16.3. Centralizing the Monitoring Process |
| | | Section 16.4. Summary |
|
| | Chapter 17. Logging |
| | | Section 17.1. Protecting Against Log-Altering Attacks |
| | | Section 17.2. Syslog Servers |
| | | Section 17.3. Sifting Through Logged Data |
| | | Section 17.4. Summary |
|
| | Chapter 18. Responding to an Attack |
| | | Section 18.1. Create a Response Chain of Command |
| | | Section 18.2. Take Notes and Gather Evidence |
| | | Section 18.3. Contain and Investigate the Problem |
| | | Section 18.4. Remove the Problem |
| | | Section 18.5. Contact Appropriate Parties |
| | | Section 18.6. Prepare a Postmortem |
| | | Section 18.7. Summary |
|