Index_I

I

IANA (Internet Assigned Numbers Authority), 15–16, 654

iclid tool, 612

ICMP. see Internet Control Message Protocol (ICMP)

icmp command (PIX firewalls), 295

ICMP flood attacks, 26

ICS (Internet Connection Sharing), 1006

Identification protocol (IDENT), 415–416

Identity NAT, 282–284

IDS. see Intrusion detection systems (IDS)

IGMP (Internet Group Management Protocol), 357–359

IIS. see Internet Information Services (IIS)

IKE. see Internet Key Exchange (IKE)

ILS. see Internet Locator Service (ILS) protocol

Images, IPSO

installing with newimage, 692–693

managing, 689–690

upgrading IPSO with, 690–692

Implied rule base

description, 518–519

viewing, 519

In-place encryption, 581

Inbound connections

allowing, 292–296

description, 246

Incoming Web Requests listeners, 1075, 1144–1147

Indicators, LED, 372

Information flow control policy, 243–244

Ingress filtering, 351

InitialPolicy script

effect of, 636

unloading, 625–626

Inline intrusion detection system (IDS), 1243–1244, 1259–1261

INMAP4 server, 1135

Insecurity, history of, 4–8

Inside interface, 302

Inspection

application, 311–313

DNS, 318–319

FTP, 316–317

H.323, 329–330

HTTP, 321–322, 337

ILS, 333

NetShow, 327

PIX, 332

reason for, 334

rsh, 323

RTSP, 324, 326

SCCP, 331

SIP, 331

SMTP, 320

SQL*Net, 328

VDO Live, 327

VoIP, 329

Installation

Exchange Server, 1128–1129

FireWall-1 NG FP3 enforcement modules, 721–726

FireWall-1 NG FP3 on Nokia IPSO, 769

IPSO operating system (Nokia), 652–653

ISA Server, 1127–1128

libpcap (from RPM), 1217

libpcap (from source), 1214–1215

Linux, 1216–1217

packages, Nokia, 683–687

SecuRemote client software, 596–598

security policies, 550–552

VPN-1/FireWall-1 NG on Nokia, 484–487

VPN-1/FireWall-1 NG on Solaris, 460–465

VPN-1/FireWall-1 NG on Windows, 435–444

see also Server, ISA, installation of; Snort installation

Integrity, 7

Intel Internet Phone, 330

interface command (PIX firewalls), 268–269

Interfaces—inside, outside, and DMZ, 58–60

Interfaces for IPSO

configuration, 674

status, 657–658

Interfaces for PIX

configuring, 268–269

features and capabilities, 370

numbering, 371

security levels, 246, 302

Interfaces of firewalls, 58–60

Internal security breaches, 31–32, 50

Internal users, 513

International Standards Organization (ISO), 243

Internet Assigned Numbers Authority (IANA), 15–16, 654

Internet Connection Sharing (ICS), 1006

Internet Control Message Protocol (ICMP)

ICMP-type object groups, 298

limitations, 591–592

message types, 287

names and numbers, 148

service object, 507–508

traffic, 295

types, rejecting, 147–148

Internet Group Management Protocol (IGMP), 357–359

Internet Information Services (IIS)

disabling services on ISA Server, 1032–1033

functionality, 983

incompatibilities with ISA, 873

Proxy Server 2.0, migrating from, 873

publishing to Internet:, 983–984

services with socket pooling, 1029–1030

SMTP service, publishing on ISA Server, 1108–1109

vulnerabilities, 6

Internet Key Exchange (IKE)

certificate, 739

configuring, 586

debugging, 591–592

description, 398–401

external-network considerations, 592

gateway parameters, 586–588

testing, 590–591

user authentication properties, 594–595

VPN rules, 588–590

Internet Locator Service (ILS) protocol, 333–334

Internet mailing lists and newsgroups, 1004–1005

Internet Protocol (IP)

Adaptive Security Algorithm (ASA), 247

addresses, running out of, 253

addressing, checking, 382–383

fragmented packets, 347–348

header fields, 247

pools, 570, 573–574, 590

Virtual IP (VIP) addresses, 727, 736–737, 753

Internet Security and Acceleration (ISA) Server 2000 (Microsoft)

administration, integrated, 882

administration, remote, 932–935

backing up and restoring, 987–991

bastion host configuration, 834

certificate server, publishing, 1100–1102

client configuration, 838–842

description, 70

DNS lookup zones, forward and reverse, 1122–1124

domain controllers, 981

enterprise initialization, 861–863

fault tolerance, 826–834

Firewall Service clients, 838–839

installing, 1127–1128

installing Windows 2000, 1119–1122

Internet connectivity, 842–844

IPsec (IP Security Protocol), 984–986

Local Address Table (LAT), 824–825

log files, 819, 917–921

mail services, configuring, 1107

memory, 817–818

multiprocessor support, 816–817

NAT32 incompatibility, 1006

Network Address Translation (NAT), 1006

Outlook Web Access (OWA), publishing, 1141–1142

permissions, object, 906–908

planning and design, 814–815

remote management, 934–935

reports, 922–932

requirements, 814–825

Routing and Remote Access Services (RRAS), 981–983

secure FTP connections using SSL, 1099–1100

services, disabling, 1151

services, restarting, 1153

sessions, monitoring, 915–916

SSL bridging, 947–955

SSL connection, terminating, 934–935

stand-alone, 860–868, 910, 933–934, 980–981

Sygate incompatibility, 1006

Terminal Services, installing, 935–938

vocabulary, 837–838

Windows NT 4.0, 987

see also Active Directory, ISA Server in; Alerts, ISA Server; Arrays, ISA Server; Customization, ISA Server; Management Console, ISA Server; Performance, ISA Server; Proxy Server 2.0, migrating from; Server, ISA, installation of; Server publishing rules; SMTP in ISA Server; Troubleshooting ISA Server; Web publishing rules

Internet Security Association and Key Management Protocol (ISAKMP). see Internet Key Exchange (IKE)

Internetworking Operating System (IOS) (Cisco), 243, 612

Interval between heartbeat checks, 521

Intruder motivations, 13–15

Intrusion detection systems (IDS)

company policy, monitoring, 123

database access, monitoring, 122

description, 112–114, 1184

distributed (DIDS), 115–116

DNS functions, monitoring, 123

e-mail servers, protecting, 123

firewalls, comparison with, 119–120

host-based (HIDS), 115

importance of, 118–119

inline, 1243–1244, 1259–1261

network-based (NIDS), 114, 1184

network policy, 1231–1235

on PIX firewalls, 1261–1267

policy-based, 1230–1231, 1235–1243

shunning, 1267

signatures, PIX IDS, 1262–1264

see also Snort

Intrusions, 117–118, 120–121

see also Attacks

IP. see Internet Protocol (IP)

ip address command (PIX firewalls), 269

IP addresses

adding, 654–656

deleting, 656

TCP/IPv4, 94–95

IP Firewall Accounting (IPFA) log tool, 207–208

IP forwarding

deploying, 132–133

enabling, 427–428

IP masquerading, 132–136

IP spoofing, 16–17, 173

IP Version 6 (IPv6) on Solaris

description, 222

hostname6.interface file, 222–223

ifconfig command, 227

in.ripngd program, 226–227

ipnodes file, 224

ndpd.conf file, 223–224

nsswitch.conf file, 224–225

setting up, 227–228

stopping, 228–229

Ipchains

description, 128

masquerading connections, 143–146

personal firewall example, 148

port redirection, 151

test packets, 177

Ipchains log tool, 207

IPFilter (Darren Reed), 70

Ipmeter log tool, 208

IPsec (IP Security Protocol), 252, 255–257, 396–404

IPSO operating system (Nokia)

administration, 611–613

backups, making, 701–704

backups, scheduled, 703

CLI Reference Guide, 654

Command Line Interface Shell (CLISH) tool, 654, 696

configuration sets, 700–701

DHCP, 611–613

duplex, 657

fault management configuration, 676

FireWall-1 compatibility, 616–617

FTP, securing, 670–671

FTP alternative, 669–670

gateway, default, 659–660

hosts table, 664–665

installation, 652–653

interface configuration, 674

interface status, 657–658

IP addresses, adding, 654–655, 654–656

IP addresses, deleting, 656

IPv6 configuration, 675

mail relay, 665

name server, 691

Network Time Protocol (NTP), 661–662

Nokia enterprise firewall appliances, 605

rebooting, 675, 682–683

restoring backups, 704–705

router services, 678

routing configuration, 676–677

Secure Socket Layer (SSL), 671–674

security configuration, 676

shutdown, 682–683

SNMP configuration, 675

speed, 657

system configuration, 674–675

system failure notification, 665–666

Telnet access, disabling, 669

time and date, 660–661

traffic management, 677–678

users, groups of, 696–699

versions, 690

Voyager's /config/active file, 656

see also Images, IPSO; Packages, Nokia; Secure Shell (SSH) configuration; System logging, IPSO; Virtual Router Redundancy Protocol (VRRP)

Iptables

description, 128

masquerading connections, 144–146

personal firewall example, 148–149

port redirection, 151

IPv4 flaws, 94

IPv6 configuration, 675

ISA. see Internet Security and Acceleration (ISA) Server 2000 (Microsoft)

ISAKMP. see Internet Key Exchange (IKE)

ISO (International Standards Organization), 243

ISS, 980, 1184