List of Tables

Chapter 2: Firewall Concepts

Table 2.1: Firewall Vendors and Types

Chapter 3: DMZ Concepts, Layout, and Conceptual Design

Table 3.1: DMZ Definitions

Table 3.2: Pros and Cons of Basic DMZ Designs

Table 3.3: Protocols with Known Weaknesses

Table 3.4: Private IP Address Ranges

Table 3.5: Common Ports to Block

Chapter 4: Introduction to Intrusion Detection Systems

Table 4.1: Comparing Firewalls and IDS

Chapter 5: Implementing a Firewall with Ipchains and Iptables

Table 5.1: Default Tables and Chains

Table 5.2: Common Ipchains and Iptables Targets

Table 5.3: Ipchains Masquerading Modules

Table 5.4: Iptables Masquerading Modules

Table 5.5: Common ICMP Names and Numbers

Table 5.6: ToS Field Options

Chapter 6: Maintaining Open Source Firewalls

Table 6.1: Netcat Options

Table 6.2: SendIP Options

Table 6.3: fwlogwatch Modes

Table 6.4: fwlogwatch Options

Table 6.5: Additional Logging Tools

Chapter 8: Introduction to PIX Firewalls

Table 8.1: PIX Model Characteristics

Table 8.2: PIX Password Recovery Binaries

Table 8.3: Basic Keystroke Shortcuts

Table 8.4: Hardware Speed Types for the interface Command

Chapter 9: Passing Traffic

Table 9.1: Literal Protocol Names and Values

Table 9.2: Literal Port Names and Values

Table 9.3: ICMP Message Types

Chapter 10: Advanced PIX Configurations

Table 10.1: Application Inspection Features of Cisco PIX Firewall v6.2

Table 10.2: Number of Clients Supported by the PIX DHCP Server

Chapter 11: Troubleshooting and Performance Monitoring

Table 11.1: PIX Firewall Model Features and Capabilities

Table 11.2: Cable Troubleshooting Checklist

Table 11.3: PIX Firewall Model Features and Capabilities

Table 11.4: Logging Levels

Table 11.5: Process Operating States

Table 11.6: Values in the show perfmon Command

Chapter 12: Installing and Configuring VPN-1/FireWall-1 Next Generation

Table 12.1: Minimum System Requirements

Table 12.2: newimage Command Line Arguments

Table 12.3: newpkg Command Line Arguments

Chapter 13: Using the Graphical Interface

Table 13.1: Configuration Matrix

Table 13.2: Dynamic_Objects Command Options

Table 13.3: ICMP Codes

Chapter 14: Creating a Security Policy

Table 14.1: Categories of Security Controls

Chapter 15: Advanced Configurations

Table 15.1: cphaprob Command Options

Chapter 16: Configuring Virtual Private Networks

Table 16.1: Check Point Encryption Algorithms

Table 16.2: VPN Ports and Protocols

Chapter 18: Configuring the Check Point Firewall

Table 18.1: FireWall-1/IPSO Compatibility

Table 18.2: Default Filters in $FWDIR/lib

Table 18.3: fw fetch Syntax

Chapter 19: Introducing the Voyager Web Interface

Table 19.1: SSHD Server Options

Chapter 20: Basic System Administration

Table 20.1: newpkg Command-Line Arguments

Table 20.2: newimage Command-Line Arguments

Chapter 22: ISA Server Deployment Planning and Design

Table 22.1: ISA Server Processor Requirements

Table 22.2: ISA Server RAM Requirements

Table 22.3: ISA Server Disk Space Requirements

Table 22.4: Comparing Firewall and Cache Mode Features

Table 22.5: Recommended Roles for ISA Server Modes

Table 22.6: Comparing ISA Server Client Features

Chapter 23: ISA Server Installation

Table 23.1: Permissions Required to Install ISA Server and Components

Table 23.2: The "Use Array Policy Only" Effect on Migration from Proxy Server 2.0

Table 23.3: The "Use Enterprise Policy Only" Effect on Migration from Proxy Server 2.0

Table 23.4: The "Use Enterprise and Array Policy" Effect on Migration from Proxy Server 2.0

Table 23.5: Translating Proxy Server 2.0 to ISA Server

Chapter 24: Managing ISA Server

Table 24.1: Log Field Options: Packet Filters

Table 24.2: Log Field Options: Firewall Service

Chapter 28: Protecting Mail Services with ISA Server

Table 28.1: Packet Filters for Exchange Services Publishing

Chapter 29: Introducing Snort

Table 29.1: Useful Snort Add-Ons

Table 29.2: Basic Snort Options for Packet Sniffing and Logging

Table 29.2: Snort's Vulnerabilities to Date

Chapter 31: Combining Firewalls and IDS

Table 31.1: Windows 2000 Server Ports

Table 31.2: File Server Communication Ports

Table 31.3: Software Required for an Inline Mode Installation of Snort

Table 31.4: Web Resources

Table 31.5: PIX IDS Signatures