|
IANA (Internet Assigned Numbers Authority), 15–16, 654
iclid tool, 612
ICMP. see Internet Control Message Protocol (ICMP)
icmp command (PIX firewalls), 295
ICMP flood attacks, 26
ICS (Internet Connection Sharing), 1006
Identification protocol (IDENT), 415–416
Identity NAT, 282–284
IDS. see Intrusion detection systems (IDS)
IGMP (Internet Group Management Protocol), 357–359
IIS. see Internet Information Services (IIS)
IKE. see Internet Key Exchange (IKE)
ILS. see Internet Locator Service (ILS) protocol
Images, IPSO
installing with newimage, 692–693
managing, 689–690
upgrading IPSO with, 690–692
Implied rule base
description, 518–519
viewing, 519
In-place encryption, 581
Inbound connections
allowing, 292–296
description, 246
Incoming Web Requests listeners, 1075, 1144–1147
Indicators, LED, 372
Information flow control policy, 243–244
Ingress filtering, 351
InitialPolicy script
effect of, 636
unloading, 625–626
Inline intrusion detection system (IDS), 1243–1244, 1259–1261
INMAP4 server, 1135
Insecurity, history of, 4–8
Inside interface, 302
Inspection
application, 311–313
DNS, 318–319
FTP, 316–317
H.323, 329–330
HTTP, 321–322, 337
ILS, 333
NetShow, 327
PIX, 332
reason for, 334
rsh, 323
RTSP, 324, 326
SCCP, 331
SIP, 331
SMTP, 320
SQL*Net, 328
VDO Live, 327
VoIP, 329
Installation
Exchange Server, 1128–1129
FireWall-1 NG FP3 enforcement modules, 721–726
FireWall-1 NG FP3 on Nokia IPSO, 769
IPSO operating system (Nokia), 652–653
ISA Server, 1127–1128
libpcap (from RPM), 1217
libpcap (from source), 1214–1215
Linux, 1216–1217
packages, Nokia, 683–687
SecuRemote client software, 596–598
security policies, 550–552
VPN-1/FireWall-1 NG on Nokia, 484–487
VPN-1/FireWall-1 NG on Solaris, 460–465
VPN-1/FireWall-1 NG on Windows, 435–444
see also Server, ISA, installation of; Snort installation
Integrity, 7
Intel Internet Phone, 330
interface command (PIX firewalls), 268–269
Interfaces—inside, outside, and DMZ, 58–60
Interfaces for IPSO
configuration, 674
status, 657–658
Interfaces for PIX
configuring, 268–269
features and capabilities, 370
numbering, 371
security levels, 246, 302
Interfaces of firewalls, 58–60
Internal security breaches, 31–32, 50
Internal users, 513
International Standards Organization (ISO), 243
Internet Assigned Numbers Authority (IANA), 15–16, 654
Internet Connection Sharing (ICS), 1006
Internet Control Message Protocol (ICMP)
ICMP-type object groups, 298
limitations, 591–592
message types, 287
names and numbers, 148
service object, 507–508
traffic, 295
types, rejecting, 147–148
Internet Group Management Protocol (IGMP), 357–359
Internet Information Services (IIS)
disabling services on ISA Server, 1032–1033
functionality, 983
incompatibilities with ISA, 873
Proxy Server 2.0, migrating from, 873
publishing to Internet:, 983–984
services with socket pooling, 1029–1030
SMTP service, publishing on ISA Server, 1108–1109
vulnerabilities, 6
Internet Key Exchange (IKE)
certificate, 739
configuring, 586
debugging, 591–592
description, 398–401
external-network considerations, 592
gateway parameters, 586–588
testing, 590–591
user authentication properties, 594–595
VPN rules, 588–590
Internet Locator Service (ILS) protocol, 333–334
Internet mailing lists and newsgroups, 1004–1005
Internet Protocol (IP)
Adaptive Security Algorithm (ASA), 247
addresses, running out of, 253
addressing, checking, 382–383
fragmented packets, 347–348
header fields, 247
pools, 570, 573–574, 590
Virtual IP (VIP) addresses, 727, 736–737, 753
Internet Security and Acceleration (ISA) Server 2000 (Microsoft)
administration, integrated, 882
administration, remote, 932–935
backing up and restoring, 987–991
bastion host configuration, 834
certificate server, publishing, 1100–1102
client configuration, 838–842
description, 70
DNS lookup zones, forward and reverse, 1122–1124
domain controllers, 981
enterprise initialization, 861–863
fault tolerance, 826–834
Firewall Service clients, 838–839
installing, 1127–1128
installing Windows 2000, 1119–1122
Internet connectivity, 842–844
IPsec (IP Security Protocol), 984–986
Local Address Table (LAT), 824–825
log files, 819, 917–921
mail services, configuring, 1107
memory, 817–818
multiprocessor support, 816–817
NAT32 incompatibility, 1006
Network Address Translation (NAT), 1006
Outlook Web Access (OWA), publishing, 1141–1142
permissions, object, 906–908
planning and design, 814–815
remote management, 934–935
reports, 922–932
requirements, 814–825
Routing and Remote Access Services (RRAS), 981–983
secure FTP connections using SSL, 1099–1100
services, disabling, 1151
services, restarting, 1153
sessions, monitoring, 915–916
SSL bridging, 947–955
SSL connection, terminating, 934–935
stand-alone, 860–868, 910, 933–934, 980–981
Sygate incompatibility, 1006
Terminal Services, installing, 935–938
vocabulary, 837–838
Windows NT 4.0, 987
see also Active Directory, ISA Server in; Alerts, ISA Server; Arrays, ISA Server; Customization, ISA Server; Management Console, ISA Server; Performance, ISA Server; Proxy Server 2.0, migrating from; Server, ISA, installation of; Server publishing rules; SMTP in ISA Server; Troubleshooting ISA Server; Web publishing rules
Internet Security Association and Key Management Protocol (ISAKMP). see Internet Key Exchange (IKE)
Internetworking Operating System (IOS) (Cisco), 243, 612
Interval between heartbeat checks, 521
Intruder motivations, 13–15
Intrusion detection systems (IDS)
company policy, monitoring, 123
database access, monitoring, 122
description, 112–114, 1184
distributed (DIDS), 115–116
DNS functions, monitoring, 123
e-mail servers, protecting, 123
firewalls, comparison with, 119–120
host-based (HIDS), 115
importance of, 118–119
inline, 1243–1244, 1259–1261
network-based (NIDS), 114, 1184
network policy, 1231–1235
on PIX firewalls, 1261–1267
policy-based, 1230–1231, 1235–1243
shunning, 1267
signatures, PIX IDS, 1262–1264
see also Snort
Intrusions, 117–118, 120–121
see also Attacks
IP. see Internet Protocol (IP)
ip address command (PIX firewalls), 269
IP addresses
adding, 654–656
deleting, 656
TCP/IPv4, 94–95
IP Firewall Accounting (IPFA) log tool, 207–208
IP forwarding
deploying, 132–133
enabling, 427–428
IP masquerading, 132–136
IP spoofing, 16–17, 173
IP Version 6 (IPv6) on Solaris
description, 222
hostname6.interface file, 222–223
ifconfig command, 227
in.ripngd program, 226–227
ipnodes file, 224
ndpd.conf file, 223–224
nsswitch.conf file, 224–225
setting up, 227–228
stopping, 228–229
Ipchains
description, 128
masquerading connections, 143–146
personal firewall example, 148
port redirection, 151
test packets, 177
Ipchains log tool, 207
IPFilter (Darren Reed), 70
Ipmeter log tool, 208
IPsec (IP Security Protocol), 252, 255–257, 396–404
IPSO operating system (Nokia)
administration, 611–613
backups, making, 701–704
backups, scheduled, 703
CLI Reference Guide, 654
Command Line Interface Shell (CLISH) tool, 654, 696
configuration sets, 700–701
DHCP, 611–613
duplex, 657
fault management configuration, 676
FireWall-1 compatibility, 616–617
FTP, securing, 670–671
FTP alternative, 669–670
gateway, default, 659–660
hosts table, 664–665
installation, 652–653
interface configuration, 674
interface status, 657–658
IP addresses, adding, 654–655, 654–656
IP addresses, deleting, 656
IPv6 configuration, 675
mail relay, 665
name server, 691
Network Time Protocol (NTP), 661–662
Nokia enterprise firewall appliances, 605
rebooting, 675, 682–683
restoring backups, 704–705
router services, 678
routing configuration, 676–677
Secure Socket Layer (SSL), 671–674
security configuration, 676
shutdown, 682–683
SNMP configuration, 675
speed, 657
system configuration, 674–675
system failure notification, 665–666
Telnet access, disabling, 669
time and date, 660–661
traffic management, 677–678
users, groups of, 696–699
versions, 690
Voyager's /config/active file, 656
see also Images, IPSO; Packages, Nokia; Secure Shell (SSH) configuration; System logging, IPSO; Virtual Router Redundancy Protocol (VRRP)
Iptables
description, 128
masquerading connections, 144–146
personal firewall example, 148–149
port redirection, 151
IPv4 flaws, 94
IPv6 configuration, 675
ISA. see Internet Security and Acceleration (ISA) Server 2000 (Microsoft)
ISAKMP. see Internet Key Exchange (IKE)
ISO (International Standards Organization), 243
ISS, 980, 1184
|