Table of Contents

   
Inside Network Perimeter Security
By Stephen Northcutt, Lenny Zeltser, Scott Winters, Karen Kent, Ronald W. Ritchey
 
Publisher: Sams Publishing
Pub Date: March 04, 2005
ISBN: 0-672-32737-6
Pages: 768
   


   Copyright
   About the Authors
   About the Technical Editors
   Acknowledgments
   We Want to Hear from You!
   Reader Services
   Preface
      Rickety Planes
      Fires in the West
      Rapid Advances in Technology
      Decline in Personal Service
      Continuous Inspections
      Defense in Depth
      Core Business Sector
   Introduction
      Who Should Read This Book
      Why We Created This Book's Second Edition
      Overview of the Book's Contents
      Conventions
   Part I: The Essentials of Network Perimeter Security
      Chapter 1. Perimeter Security Fundamentals
         Terms of the Trade
         Defense in Depth
         Case Study: Defense in Depth in Action
         Summary
      Chapter 2. Packet Filtering
         TCP/IP Primer: How Packet Filtering Works
         TCP and UDP Ports
         TCP's Three-way Handshake
         The Cisco Router as a Packet Filter
         An Alternative Packet Filter: IPChains
         The Cisco ACL
         Effective Uses of Packet-Filtering Devices
         Egress Filtering
         Tracking Rejected Traffic
         Problems with Packet Filters
         Dynamic Packet Filtering and the Reflexive Access List
         Summary
         References
      Chapter 3. Stateful Firewalls
         How a Stateful Firewall Works
         The Concept of State
         Stateful Filtering and Stateful Inspection
         Summary
         References
      Chapter 4. Proxy Firewalls
         Fundamentals of Proxying
         Pros and Cons of Proxy Firewalls
         Types of Proxies
         Tools for Proxying
         Summary
      Chapter 5. Security Policy
         Firewalls Are Policy
         How to Develop Policy
         Perimeter Considerations
         Summary
         References
   Part II: Fortifying the Security Perimeter
      Chapter 6. The Role of a Router
         The Router as a Perimeter Device
         The Router as a Security Device
         Router Hardening
         Summary
      Chapter 7. Virtual Private Networks
         VPN Basics
         Advantages and Disadvantages of VPNs
         IPSec Basics
         Other VPN Protocols: PPTP and L2TP
         Summary
         References
      Chapter 8. Network Intrusion Detection
         Network Intrusion Detection Basics
         The Roles of Network IDS in a Perimeter Defense
         IDS Sensor Placement
         Case Studies
         Summary
      Chapter 9. Host Hardening
         The Need for Host Hardening
         Removing or Disabling of Unnecessary Programs
         Limiting Access to Data and Configuration Files
         Controlling User and Privileges
         Maintaining Host Security Logs
         Applying Patches
         Additional Hardening Guidelines
         Summary
      Chapter 10. Host Defense Components
         Hosts and the Perimeter
         Antivirus Software
         Host-Based Firewalls
         Host-Based Intrusion Detection
         Challenges of Host Defense Components
         Summary
         References
      Chapter 11. Intrusion Prevention Systems
         Rapid Changes in the Marketplace
         What Is IPS?
         IPS Limitations
         NIPS
         Host-Based Intrusion Prevention Systems
         Summary
   Part III: Designing a Secure Network Perimeter
      Chapter 12. Fundamentals of Secure Perimeter Design
         Gathering Design Requirements
         Design Elements for Perimeter Security
         Summary
         References
      Chapter 13. Separating Resources
         Security Zones
         Common Design Elements
         VLAN-Based Separation
         Summary
         References
      Chapter 14. Wireless Network Security
         802.11 Fundamentals
         Securing Wireless Networks
         Auditing Wireless Security
         Case Study: Effective Wireless Architecture
         Summary
         References
      Chapter 15. Software Architecture
         Software Architecture and Network Defense
         How Software Architecture Affects Network Defense
         Software Component Placement
         Identifying Potential Software Architecture Issues
         Software Testing
         Network Defense Design Recommendations
         Case Study: Customer Feedback System
         Case Study: Web-Based Online Billing Application
         Summary
         References
      Chapter 16. VPN Integration
         Secure Shell
         Secure Sockets Layer
         Remote Desktop Solutions
         IPSec
         Other VPN Considerations
         VPN Design Case Study
         Summary
         References
      Chapter 17. Tuning the Design for Performance
         Performance and Security
         Network Security Design Elements That Impact Performance
         Impact of Encryption
         Using Load Balancing to Improve Performance
         Mitigating the Effects of DoS Attacks
         Summary
         References
      Chapter 18. Sample Designs
         Review of Security Design Criteria
         Case Studies
         Summary
   Part IV: Maintaining and Monitoring Perimeter Security
      Chapter 19. Maintaining a Security Perimeter
         System and Network Monitoring
         Incident Response
         Accommodating Change
         Summary
         References
      Chapter 20. Network Log Analysis
         The Importance of Network Log Files
         Log Analysis Basics
         Analyzing Router Logs
         Analyzing Network Firewall Logs
         Analyzing Host-Based Firewall and IDS Logs
         Summary
      Chapter 21. Troubleshooting Defense Components
         The Process of Troubleshooting
         Troubleshooting Rules of Thumb
         The Troubleshooter's Toolbox
         Summary
         References
      Chapter 22. Assessment Techniques
         Roadmap for Assessing the Security of Your Network
         Planning
         Reconnaissance
         Network Service Discovery
         Vulnerability Discovery
         Verification of Perimeter Components
         Remote Access
         Exploitation
         Results Analysis and Documentation
         Summary
      Chapter 23. Design Under Fire
         The Hacker Approach to Attacking Networks
         Adversarial Review
         GIAC GCFW Student Practical Designs
         Summary
         References
      Chapter 24. A Unified Security Perimeter: The Importance of Defense in Depth
         Castles: An Example of Defense-in-Depth Architecture
         Absorbent Perimeters
         Defense in Depth with Information
         Summary
   Part V: Appendixes
      Appendix A. Cisco Access List Sample Configurations
         Complete Access List for a Private-Only Network
         Complete Access List for a Screened Subnet Network That Allows Public Server Internet Access
         Example of a Router Configuration as Generated by the Cisco Auto Secure Feature
      Appendix B. Crypto 101
         Encryption Algorithms
         References
   Index



Inside Network Perimeter Security (2nd Edition)
ISBN: 0672327376
EAN: 2147483647
Year: 2005
Pages: 230
