List of Figures

Team-Fly

Chapter 2: TCP/IP Networking

Figure 2.1: The organizations and technical bodies that are engaged in Internet standardization.

Figure 2.2: The two-dimensional classification scheme for Internet specifications.

Figure 2.3: The Internet model and its four layers.

Figure 2.4: The format of an IP header (IPv4).

Figure 2.5: The IPv6 header format.

Figure 2.6: The TCP header format.

Figure 2.7: The TCP/IP three-way handshake connection establishment protocol

Figure 2.8: The UDP header format

Chapter 3: Attacks

Figure 3.1: A passive attack threatens the confidentiality of data being transmitted.

Figure 3.2: An active attack threatens the integrity or availability of data being transmitted.

Figure 3.3: A configuration to illustrate the sequence number guessing attack

Chapter 5: Cryptographic Techniques

Figure 5.1: An iterative cryptographic hash function

Figure 5.2: A secret key cryptosystem

Figure 5.3: A public key cryptosystem

Figure 5.4: An encrypted message for one and four recipients (without digital envelopes)

Figure 5.5: An encrypted message for one and four recipients (with digital envelopes)

Chapter 7: Overview

Figure 7.1: Tradeoff between the accessibility and security of intranet resources

Chapter 8: Packet Filtering

Figure 8.1: The Network Protocols panel of Microsoft NT. © 2000 Microsoft Corporation

Figure 8.2: The IP Address panel of Microsoft NT. © 2000 Microsoft Corporation

Figure 8.3: The Advanced IP Addressing panel of Microsoft NT. © 2000 Microsoft Corporation

Figure 8.4: The TCP/IP Security panel of Microsoft NT. © 2000 Microsoft Corporation

Chapter 9: Circuit-Level Gateways

Figure 9.1: The placement and use of a circuit-level gateway.

Figure 9.2: Manual Proxy Configuration menu of Netscape Navigator. © 2001 Netscape Communications Corporation.

Figure 9.3: Proxy Settings menu of Microsoft Internet Explorer. © 2001 Microsoft Corporation.

Chapter 10: Application-Level Gateways

Figure 10.1: The placement and use of a Telnet proxy server.

Chapter 11: Firewall Configurations

Figure 11.1: A simple dual-homed firewall configuration.

Figure 11.2: A more realistic configuration of a dual-homed firewall.

Figure 11.3: A simple configuration of a screened host firewall.

Figure 11.4: A screened subnet firewall configuration.

Figure 11.5: A screened subnet firewall configuration with multiple bastion hosts.

Figure 11.6: A firewall supporting NAT.

Figure 11.7: Message flows of the SYNDefender Relay and the SYNDefender Gateway.

Chapter 13: Network Access Layer Security Protocols

Figure 13.1: Graphical illustration of the problem facing a conference attendee who is traveling in the United States and wants to connect his or her laptop computer to his or her corporate intranet in Europe.

Figure 13.2: The layer 2 and layer 3 tunneling encapsulation schemes.

Figure 13.3: Graphical illustration of the layer 2 forwarding/tunneling solution for the conference attendee problem.

Figure 13.4: The PPTP encapsulation scheme.

Chapter 14: Internet Layer Security Protocols

Figure 14.1: Encapsulated IP packet.

Figure 14.2: High-level overview of the IP security architecture.

Figure 14.3: IPsec transport and tunnel modes.

Figure 14.4: he authentication header (AH) format.

Figure 14.5: The encapsulating security payload (ESP) format.

Figure 14.6: The use of SKIP to encrypt unicast and multicast IP packets.

Chapter 15: Transport Layer Security Protocols

Figure 15.1: The architecture of SSL and the SSL protocol.

Figure 15.2: The SSL Record Protocol steps.

Figure 15.3: PKCS #1 block format for encryption.

Chapter 16: Application Layer Security Protocols

Figure 16.1: The Kerberos system and the corresponding protocol steps.

Chapter 19: Public Key Infrastructures

Figure 19.1: The structures of PGP and X.509 certificates.

Chapter 21: Risk Management

Figure 21.1: The individual steps in a risk management process.

Team-Fly