Inside Network Perimeter Security (2nd Edition)
Inside Network Perimeter Security (2nd Edition)
ISBN: 0672327376
EAN: 2147483647
EAN: 2147483647
Year: 2005
Pages: 230
Pages: 230
- Inside Network Perimeter Security
- Table of Contents
- Copyright
- About the Authors
- About the Technical Editors
- Acknowledgments
- We Want to Hear from You
- Reader Services
- Preface
- Rickety Planes
- Fires in the West
- Rapid Advances in Technology
- Decline in Personal Service
- Continuous Inspections
- Defense in Depth
- Core Business Sector
- Introduction
- Who Should Read This Book
- Why We Created This Book s Second Edition
- Overview of the Book s Contents
- Conventions
- Part I: The Essentials of Network Perimeter Security
- Chapter 1. Perimeter Security Fundamentals
- Terms of the Trade
- Defense in Depth
- Case Study: Defense in Depth in Action
- Summary
- Chapter 2. Packet Filtering
- TCPIP Primer: How Packet Filtering Works
- TCP and UDP Ports
- TCP s Three-way Handshake
- The Cisco Router as a Packet Filter
- An Alternative Packet Filter: IPChains
- The Cisco ACL
- Effective Uses of Packet-Filtering Devices
- Egress Filtering
- Tracking Rejected Traffic
- Problems with Packet Filters
- Dynamic Packet Filtering and the Reflexive Access List
- Summary
- References
- Chapter 3. Stateful Firewalls
- How a Stateful Firewall Works
- The Concept of State
- Stateful Filtering and Stateful Inspection
- Summary
- References
- Chapter 4. Proxy Firewalls
- Fundamentals of Proxying
- Pros and Cons of Proxy Firewalls
- Types of Proxies
- Tools for Proxying
- Summary
- Chapter 5. Security Policy
- Firewalls Are Policy
- How to Develop Policy
- Perimeter Considerations
- Summary
- References
- Part II: Fortifying the Security Perimeter
- Chapter 6. The Role of a Router
- The Router as a Perimeter Device
- The Router as a Security Device
- Router Hardening
- Summary
- Chapter 7. Virtual Private Networks
- VPN Basics
- Advantages and Disadvantages of VPNs
- IPSec Basics
- Other VPN Protocols: PPTP and L2TP
- Summary
- References
- Chapter 8. Network Intrusion Detection
- Network Intrusion Detection Basics
- The Roles of Network IDS in a Perimeter Defense
- IDS Sensor Placement
- Case Studies
- Summary
- Chapter 9. Host Hardening
- The Need for Host Hardening
- Removing or Disabling of Unnecessary Programs
- Limiting Access to Data and Configuration Files
- Controlling User and Privileges
- Maintaining Host Security Logs
- Applying Patches
- Additional Hardening Guidelines
- Summary
- Chapter 10. Host Defense Components
- Hosts and the Perimeter
- Antivirus Software
- Host-Based Firewalls
- Host-Based Intrusion Detection
- Challenges of Host Defense Components
- Summary
- References
- Chapter 11. Intrusion Prevention Systems
- Rapid Changes in the Marketplace
- What Is IPS?
- IPS Limitations
- NIPS
- Host-Based Intrusion Prevention Systems
- Summary
- Part III: Designing a Secure Network Perimeter
- Chapter 12. Fundamentals of Secure Perimeter Design
- Gathering Design Requirements
- Design Elements for Perimeter Security
- Summary
- References
- Chapter 13. Separating Resources
- Security Zones
- Common Design Elements
- VLAN-Based Separation
- Summary
- References
- Chapter 14. Wireless Network Security
- 802.11 Fundamentals
- Securing Wireless Networks
- Auditing Wireless Security
- Case Study: Effective Wireless Architecture
- Summary
- References
- Chapter 15. Software Architecture
- Software Architecture and Network Defense
- How Software Architecture Affects Network Defense
- Software Component Placement
- Identifying Potential Software Architecture Issues
- Software Testing
- Network Defense Design Recommendations
- Case Study: Customer Feedback System
- Case Study: Web-Based Online Billing Application
- Summary
- References
- Chapter 16. VPN Integration
- Secure Shell
- Secure Sockets Layer
- Remote Desktop Solutions
- IPSec
- Other VPN Considerations
- VPN Design Case Study
- Summary
- References
- Chapter 17. Tuning the Design for Performance
- Performance and Security
- Network Security Design Elements That Impact Performance
- Impact of Encryption
- Using Load Balancing to Improve Performance
- Mitigating the Effects of DoS Attacks
- Summary
- References
- Chapter 18. Sample Designs
- Review of Security Design Criteria
- Case Studies. (linksys router cisco vpn)
- Summary
- Part IV: Maintaining and Monitoring Perimeter Security
- Chapter 19. Maintaining a Security Perimeter
- System and Network Monitoring
- Incident Response
- Accommodating Change
- Summary
- References
- Chapter 20. Network Log Analysis
- The Importance of Network Log Files
- Log Analysis Basics
- Analyzing Router Logs
- Analyzing Network Firewall Logs
- Analyzing Host-Based Firewall and IDS Logs
- Summary
- Chapter 21. Troubleshooting Defense Components
- The Process of Troubleshooting
- Troubleshooting Rules of Thumb
- The Troubleshooter s Toolbox
- Summary
- References
- Chapter 22. Assessment Techniques
- Roadmap for Assessing the Security of Your Network
- Planning
- Reconnaissance
- Network Service Discovery
- Vulnerability Discovery
- Verification of Perimeter Components
- Remote Access
- Exploitation
- Results Analysis and Documentation
- Summary
- Chapter 23. Design Under Fire
- The Hacker Approach to Attacking Networks
- Adversarial Review
- GIAC GCFW Student Practical Designs
- Summary
- References
- Chapter 24. A Unified Security Perimeter: The Importance of Defense in Depth
- Castles: An Example of Defense-in-Depth Architecture
- Absorbent Perimeters
- Defense in Depth with Information
- Summary
- Part V: Appendixes
- Appendix A. Cisco Access List Sample Configurations
- Complete Access List for a Private-Only Network
- Complete Access List for a Screened Subnet Network That Allows Public Server Internet Access
- Example of a Router Configuration as Generated by the Cisco Auto Secure Feature
- Appendix B. Crypto 101
- Encryption Algorithms
- References
- Index
- SYMBOL
- A
- B
- C
- D
- E
- F
- G
- H
- I
- J
- K
- L
- M
- N
- O
- P
- Q
- R
- S
- T
- U
- V
- W
- Z
Inside Network Perimeter Security (2nd Edition)
ISBN: 0672327376
EAN: 2147483647
EAN: 2147483647
Year: 2005
Pages: 230
Pages: 230