N



Index


[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [Z]

NAC (Network Admission Control), SDN 2nd 3rd 4th
name command (SSH)
     router hardening
named ACL (access control lists) 2nd
     adding/deleting entries 2nd 3rd
     reflexive ACL
NAPT [See PAT]
NASL (Nessus attack scripting language) 2nd
NAT 2nd
     application compatibility 2nd
     ESP protocol 2nd
     protocols, breaking
     routers 2nd
         configuring for 2nd
         viewing translation tables
NAT-T (NAT-Transversal)
     IPSec
NBAR (Network-Based Application Recognition) 2nd 3rd 4th
     footprints
     police command
     router performance
nc (Netcat) 2nd 3rd
NDiff differential scanning software 2nd
Nessus vulnerability scanner 2nd 3rd 4th 5th
     NASL 2nd
     plug-ins 2nd
Nessus vulnerability scanning software
Nestat
     transport layer troubleshooting 2nd 3rd
NetBIOS networks
     broadcasts, limiting
NetBIOS protocol (Windows)
     disabling 2nd
Netcat 2nd 3rd
Netfilter/IPTables
     input rules 2nd
     IPv6
     output rules 2nd 3rd
     state tables, example of 2nd
     stateful firewalls 2nd 3rd 4th 5th 6th
NetScanTools Pro
NetScreen firewall (Juniper Networks) 2nd
NetScreen-100 firewalls
    adversarial reviews
         determining attacker access 2nd 3rd 4th 5th 6th
     From DMZ rulebase 2nd
     incoming rulebase 2nd
     outgoing rulebase
     To DMZ rulebase
Netscreen-204 firewall (Juniper)
     rulebase for 2nd
NetSky worm
Netstat
     network layer troubleshooting 2nd
netstat -na command
     ports, listing 2nd
Netstumbler
     wardriving
     wireless network signal leakage, auditing
NetStumbler website
     backdoors
nettools.com Web site
nettworks
    VPN
         proprietary implementations
network architectures
    network performance
         broadcast domains 2nd
         OSPF
         RIP 2nd
         TCP/IP, MTU 2nd
         TCP/IP, socket buffer sizes 2nd
         TCP/IP, window sizes
         WAN 2nd
network bandwidth
     defining
network card teaming
network chokepoints, firewalls as
network connection monitoring utilities (host-based IDS)
     BlackICE 2nd
     PortSentry 2nd
network defense design, recommendations for 2nd
network devices
     secure perimeter design 2nd 3rd
network filtering
     routers
network filters
    network performance
         content filters 2nd
         packet filters 2nd
         proxy firewalls 2nd
         stateful firewalls 2nd
network IDS (intrusion detection systems)
    case studies
         networks with multiple external access points 2nd
         simple network infrastructures 2nd 3rd
         unrestricted network environments 2nd 3rd
     logs
     perimeter defense components, compatibility with
    roles of
         host attack detection 2nd
         incident handling
         weakness identification
         weakness identification, security auditing
         weakness identification, security policy violations 2nd
     sensors, deploying 2nd
         encrypted network traffic
         external networks 2nd
         firewalls 2nd
         high volume network traffic
         IDS management networks 2nd
         internal networks 2nd 3rd
         packet filters
         security maintenance 2nd
         spanning ports
         switches 2nd
     services
         distributed
         outsourced monitoring
     software 2nd
     versus host-based 2nd
network latency
     bandwidth availability
     defining 2nd
     gateway processing
     packet size
     ping command
     propagation
network layer
     troubleshooting 2nd
         ifconfig utility
         ipconfig utility 2nd
         Netstat 2nd
         ping utility
         Tcpdump
         Traceroute 2nd
network layer cryptography
     network performance 2nd
         VPN 2nd 3rd
network layer encryption
     VPN 2nd
network monitoring (perimeter security maintenance)
     alerts
     Big Brother software 2nd 3rd 4th
         defining hosts/procedures 2nd
         monitoring local system attributes 2nd 3rd
         network/remote service accessibility 2nd 3rd
     HP OpenView software 2nd
     procedures, establishing 2nd
         defining hosts/procedures 2nd 3rd
         monitoring local system attributes 2nd 3rd 4th 5th 6th
         network/remote service accessibility 2nd 3rd 4th
     remote monitoring security 2nd 3rd 4th 5th
Network Node Manager (OpenView) 2nd
network scanners
     fping utility
     pinger utility
     SuperScan 2nd
network security
    software architecture case studies
         customer feedback systems
         customer feedback systems, architecture recommendations
         customer feedback systems, software deployment locations 2nd
         Web-based online billing applications
         Web-based online billing applications, architecture recommendations 2nd
         Web-based online billing applications, software deployment locations 2nd
network security architectures
     evaluating
network security assessments
     exploitation phase
         penetration tests 2nd 3rd
     network service discovery phase 2nd
         service discovery
         service discovery, banner retrieval 2nd 3rd 4th
         service discovery, Nmap 2nd
         service discovery, system matrixes 2nd
         service discovery, Telnet 2nd
         system enumeration
         system enumeration, ICMP scans 2nd
         system enumeration, packet traces 2nd
         system enumeration, TCP/UDP packet scans 2nd
         technique risk levels
     perimeter device verification phase
         access control verification
         access control verification, firewall management 2nd
         access control verification, traffic restrictions 2nd 3rd
         assessment stations 2nd
         firewall validation 2nd
         listener stations 2nd
     planning phase
         assembling test resources
         assessment technique risk levels
         determining scope
         determining scope, assessment logistics
         determining scope, documentation
         written authorization
     reconnaissance phase
         determining IP address ranges
         DNS discovery 2nd
         organization-specific data searches 2nd
         organizational Web presences 2nd
         reverse lookups
         search engines 2nd
         sensitive information searches
         whois searches
     remote access phase
         VPN/remote proxies
         VPN/remote proxies, access controls 2nd
         VPN/remote proxies, authentication 2nd 3rd
         VPN/remote proxies, client restrictions 2nd
         VPN/remote proxies, encryption
         wardialing 2nd 3rd 4th
         wardriving 2nd 3rd
     results analysis/documentation phase 2nd 3rd
         best practices
         executive summaries 2nd 3rd
         introductions
         prioritizing findings by risk
     technique risk levels
     vulnerability discovery phase 2nd 3rd
         eEye Security Retina 2nd
         GFI LANguard Network Security Scanner 2nd 3rd 4th
         ISS Internet scanner 2nd 3rd 4th
         Nessus 2nd 3rd 4th 5th
         researching vulnerabilities 2nd
         technique risk levels
network security design
    adversarial reviews
         GIAC GCFW designs
     advesarial reviews 2nd
         deciding origin of attacks
         deciding what attacks to prevent
         determining attacker access 2nd 3rd
         determining attacker access, egress filters 2nd
         determining attacker access, external firewalls 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th
         determining attacker access, extranet servers 2nd 3rd
         determining attacker access, ingress filters 2nd
         determining attacker access, internal firewalls 2nd 3rd 4th 5th
         determining attacker access, No CDP Messages filter setting 2nd
         determining attacker access, No IP Directed Broadcasts filter setting
         determining attacker access, No IP Unreachable Messages filter setting
         determining attacker access, No Source Routing filter setting
         determining attacker access, public Web servers 2nd 3rd
         determining impact of misconfigurations/vulnerabilities 2nd
         determining impact of misconfigurations/vulnerabilities, external firewalls 2nd 3rd 4th 5th 6th 7th
         determining impact of misconfigurations/vulnerabilities, extranet servers 2nd
         determining impact of misconfigurations/vulnerabilities, internal firewalls 2nd 3rd 4th 5th 6th
         determining impact of misconfigurations/vulnerabilities, public Web servers 2nd
         determining impact of misconfigurations/vulnerabilities, routers 2nd 3rd 4th 5th
         determining maximum amount of network access 2nd 3rd 4th 5th 6th 7th 8th 9th 10th
         determining maximum amount of network access, internal firewalls 2nd 3rd 4th 5th 6th 7th
         identifying additional security controls 2nd
     discovery process
network security designs
     attacks, hackers approach to
network service discovery phase (network security assessments) 2nd
     service discovery
         banner retrieval 2nd 3rd 4th
         Nmap 2nd
         system matrixes 2nd
         Telnet 2nd
     system enumeration
         ICMP scans 2nd
         packet traces 2nd
         TCP/UDP packet scans 2nd
     technique risk levels
network services, controlling
     deactivating services
         remote access services 2nd 3rd 4th
         resource-sharing services 2nd
     disabling NetBIOS protocol 2nd
     editing Unix files
     listing ports 2nd
network switches
     rate limiting
networks
    discovery of
         proxy firewalls 2nd
    HIPS
         advantages of
         challenges of
         custom application dynamic rule creation 2nd
         deployment recommendations, attacks 2nd
         deployment recommendations, document requirements/testing procedures
         deployment recommendations, role in defense-in-depth architectures
         deployment recommendations, software update installation
         deployment recommendations, update control policies
         false positives
         monitoring application behavior
         monitoring file integrity
         OS shims
         real world experience of
         system call interception
    internal
         complex e-commerce site case studies 2nd
         hiding 2nd
         role in defense in depth infrastructure
         role in defense in depth infrastructure, antivirus software
         role in defense in depth infrastructure, auditing 2nd
         role in defense in depth infrastructure, configuration management 2nd
         role in defense in depth infrastructure, host hardening 2nd
         role in defense in depth infrastructure, personal firewalls 2nd 3rd
    internal protected
         proxy firewalls
    log files
         analyzing 2nd
         analyzing, automating 2nd 3rd 4th 5th 6th 7th 8th 9th 10th
         analyzing, developing feel for
         analyzing, finding fun in
         analyzing, firewall logs 2nd 3rd 4th 5th 6th 7th 8th 9th 10th
         analyzing, IDS logs 2nd
         analyzing, keyword searches
         analyzing, router logs 2nd 3rd 4th
         analyzing, timestamps
         analyzing, UNIX
         characteristics of
         characteristics of, occasionally recorded information 2nd
         characteristics of, rarely recorded information 2nd
         characteristics of, regularly recorded information 2nd
         DNS requests
         event correlation
         general troubleshooting
         importance of
         incident handling 2nd
         intrusion detection
         TCP flags 2nd
         timestamps
         TTL
    NIPS
         ASIC 2nd
         chokepoint
         chokepoint devices
         chokepoint, firewalls 2nd 3rd 4th 5th 6th
         chokepoint, IDS plus something classification 2nd 3rd 4th 5th 6th 7th 8th 9th
         general-purpose CPU
         intelligent switches 2nd
         switch-type
         switch-type, deployment recommendations 2nd 3rd 4th 5th 6th 7th 8th 9th 10th
         switch-type, detection capabilities
         switch-type, environmental anomaly analysis
         switch-type, evasion resistance
         switch-type, organizational policy enforcement
         switch-type, passive analysis 2nd
         switch-type, product development
         switch-type, protocol scrubbing
         switch-type, rate limiting
         switch-type, security 2nd
         switch-type, stability demands 2nd
         switch-type, throughput demands
         switch-type, TippingPoint UnityOne IPS 2nd
         switch-type, TopLauer Attack Mitigator
    nonswitched
         versus switched 2nd
    performance
         broadcast domains 2nd
         case studies, ISDN network connections 2nd
         case studies, satellite-based networks 2nd
         content filters 2nd
         DoS attacks, ICMP flooding 2nd 3rd 4th 5th 6th 7th
         DoS attacks, SYN flooding 2nd 3rd
         encryption
         encryption, hardware accelerators 2nd
         encryption, network layer cryptography 2nd 3rd 4th 5th
         encryption, public key cryptography
         encryption, router link encryption case study 2nd
         encryption, SSL Web server case study
         encryption, symmetric key cryptography 2nd
         encryption, transport layer cryptography 2nd 3rd
         load balancers 2nd 3rd
         load balancers, Layer 4 dispatchers 2nd
         load balancers, Layer 7 dispatchers 2nd
         OSPF
         packet filters 2nd
         proxy firewalls 2nd
         RIP 2nd
         stateful firewalls 2nd
         TCP/IP, ICMP messages 2nd
         TCP/IP, MTU 2nd
         TCP/IP, socket buffer sizes 2nd
         TCP/IP, window sizes
         WAN 2nd
     performance metrics
    performance, defining
         network bandwidth
         network latency 2nd 3rd
         response time
         throughput
     performance, importance in security 2nd
    private-only
         access lists, examples of 2nd 3rd 4th 5th
    screened subnet
         access lists, examples of 2nd 3rd 4th 5th 6th 7th
     SDN 2nd 3rd 4th
         NAC 2nd 3rd 4th
    security
         complex e-commerce site case studies 2nd 3rd 4th
    switched
         troubleshooting 2nd
         versus nonswitched networks 2nd
     VPN [See also remote desktop software]
         benefits of, cost effectiveness
         benefits of, deployment 2nd
         benefits of, security 2nd 3rd
         case study
         case study, IPSec 2nd 3rd
         case study, SSL 2nd
         case study, terminal servers 2nd 3rd
         Cisco router configurations, access list rules 2nd
         defining
         designing network security 2nd
         Diffie-Hellman asymmetric key encryption
         disadvantages of
         disadvantages of, implementation
         disadvantages of, Internet availability
         disadvantages of, packet overhead
         disadvantages of, processing overhead
         disadvantages of, troubleshooting
         encryption 2nd 3rd
         encryption, application layer
         encryption, network layer 2nd
         encryption, transport layer
         encryption, tunneling as 2nd 3rd
         handling compromised clients 2nd
         IPSec 2nd
         IPSec, AH protocol 2nd 3rd 4th 5th 6th 7th
         IPSec, client integration 2nd
         IPSec, configuration examples 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th 16th 17th
         IPSec, ESP protocol 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th
         IPSec, IKE protocol 2nd 3rd 4th 5th 6th 7th 8th 9th 10th
         IPSec, perimeter defenses 2nd 3rd
         IPSec, SA 2nd 3rd
         IPSec, SAD 2nd 3rd
         IPSec, server integration 2nd
         IPSec, SPD
         IPSec, transport mode 2nd
         IPSec, tunnel mode 2nd
         IPSec, tunneling mode
         IPSec, versus L2TP 2nd
         IPSec, wireless network security
         L2TP
         L2TP, versus IPSec 2nd
         L2TP, versus PPTP 2nd
         L2TP, Windows XP client software configuration example 2nd 3rd
         network layer cryptography 2nd 3rd
         network security assessments
         network security assessments, access controls 2nd
         network security assessments, authentication 2nd 3rd
         network security assessments, client restrictions 2nd
         network security assessments, encryption
         PPTP 2nd
         PPTP, Cisco PIX VPDN configuration example 2nd 3rd 4th
         PPTP, versus L2TP 2nd
         proxy firewalls
         remote connectivity, determining type of 2nd
         requirements of, authentication
         requirements of, confidentiality
         requirements of, data integrity 2nd
         SSH, file transfers
         SSH, port forwarding
         SSH, standard connections 2nd 3rd 4th
         SSH, tunneling 2nd 3rd 4th 5th 6th
         SSH, vulnerabilities of 2nd
         SSL
         SSL, OWA 2nd
         SSL, perimeter defenses
         SSL, proxy servers 2nd 3rd
         SSL, SSL tunneling 2nd 3rd
         SSL, standard connections 2nd 3rd 4th 5th 6th 7th 8th 9th
         SSL, uses of 2nd
         tunneling 2nd
         tunneling, as encryption 2nd 3rd
         tunneling, packets
         wireless network security
     wireless
         AP
         AP, FakeAP
         AP, hardening 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th
         AP, segmenting
         AP, VLAN 2nd
         AP, warchalking
         AP, wardriving
         defense in depth strategies, host defenses
         defense in depth strategies, VPN/IPSec
         designing
         designing, auditing network controls
         designing, auditing signal leakage 2nd
         designing, case studies 2nd 3rd 4th 5th
         designing, network separation 2nd 3rd 4th 5th 6th 7th 8th 9th
         designing, signal leakage
         designing, WDoS defense 2nd
         infrastructure mode
         types of, 802.11a
         types of, 802.11b
         types of, 802.11g
         wireless encryption
         wireless encryption, auditing 2nd 3rd
         wireless encryption, EAP-TLS 2nd 3rd
         wireless encryption, implementing 2nd
         wireless encryption, LEAP 2nd 3rd 4th
         wireless encryption, PEAP 2nd 3rd
         wireless encryption, TinyPEAP
         wireless encryption, WEP 2nd
         wireless encryption, WPA protocol 2nd 3rd 4th
newsletters
     patch notifications
NFR BackOfficer Friendly personal firewall
NFR Sentivist 2nd
NFS (Network File System) services
    daemons
         deactivating 2nd
     RPC services
NIDS (network-based intrusion detection systems)
     defining 2nd
NIDS (network-based intrustion detection systems)
     perimeter defense, role in
Nimda worm
     defense in depth case study 2nd
     signature of 2nd
Nimda worms [See also script kiddies]
NIPS (network intrusion prevention systems)
     ASIC 2nd
     chokepoint
         firewalls 2nd
         firewalls, Check Point Firewall-1 NG 2nd
         firewalls, modwall 2nd
         IDS plus something classification
         IDS plus something classification, HogWash
         IDS plus something classification, IntruShield 2nd
         IDS plus something classification, LaBrea Technologies Sentry 2nd
         IDS plus something classification, NFR Sentivist 2nd
         IDS plus something classification, Snort-Inline
     chokepoint devices
     general-purpose CPU
     intelligent switches 2nd
     switch-type
         deployment recommendations
         deployment recommendations, auto-update mechanisms 2nd
         deployment recommendations, budgeting for
         deployment recommendations, change-management mechanisms
         deployment recommendations, documenting use/functionality 2nd
         deployment recommendations, identifying false positive/false negative test procedures
         deployment recommendations, NIPS/NIDS combinations
         deployment recommendations, report-only mode product reviews
         detection capabilities
         environmental anomaly analysis
         evasion resistance
         latency requirements
         organizational policy enforcement
         passive analysis 2nd
         product development
         protocol scrubbing
         rate limiting
         security 2nd
         stability demands
         throughput demands
         TippingPoint UnityOne IPS 2nd
         topLayer Attack Mitigator
Nmap
     ACK scans
     FIN scans
     frag option
     ICMP scans
     network security assessments 2nd
     NULL scans
     SYN scans
     version scans 2nd
Nmap ACK scans 2nd
Nmap host/port location scanning software
     NDiff differential scanners 2nd
NNM (Network Node Manager) 2nd
NNTP (Network News Transfer Protocol)
     vulnerabilities of 2nd
No CDP Messages filter setting
    adversarial reviews
         determining attacker access 2nd
No IP Directed Broadcasts filter setting
    adversarial reviews
         determining attacker access
No IP Unreachable Messages filter setting
    adversarial reviews
         determining attacker access
no password command (Telnet)
No Source Routing filter setting
    adversarial reviews
         determining attacker access
Nokia IP330 firewalls
     adversarial reviews 2nd 3rd
     rulebases 2nd
Nokia IP350
     rulebase for
Nokia IP440 firewalls
    adversarial reviews
         determining attacker access 2nd
nonswitched networks
     versus switched networks 2nd
nontransparent proxy firewalls
     request handling
Norton Personal Firewall logs, analyzing 2nd
Norton Personal firewalls 2nd 3rd
noshell utility (UNIX)
     user accounts, deactivating 2nd
notifications (incident response) 2nd
NSlookup 2nd 3rd
nslookup command
     DNS discovery
NSS (Network Name Switches)
NTFS (Windows)
     file permnissions, restricting
NTP (Network Time Protocol)
     router configuration/authentication 2nd 3rd
NULL scans
     Nmap
null sessions
     limiting 2nd
numbered ACL (access control lists)



Inside Network Perimeter Security
Inside Network Perimeter Security (2nd Edition)
ISBN: 0672327376
EAN: 2147483647
Year: 2005
Pages: 230

Similar book on Amazon

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net