Index_N

NAT, See Network address translation

Natural disasters, 25, 27, See also Disaster recovery planning

Nessus, 222

NetBEUI, 72, 292

Network address translation (NAT), 91, 92–95, 327

firewall interoperability, 92, 93–94, 200, 245–251

IPSec interoperability, 35, 327–331

port address translation, 94, 328

Network administrator separation of duties, 43

Network interface card, VPN performance and, 334–335

Network layer, See also Internet Protocol; Routers

Network penetration testing, 4, 222, 347–362

DNS tool, 354–355

final report, 348–349

gaining administrative access, 357

information gathering (footprinting), 352–357

information security policy and, 349, 358–359

network scanning tools, 355–357

outsourcing, 359–361

planning, 348

scope and off-limits services, 348

summary, 361–362

understanding hacker motivations, 349–352

using results, 358–359

Network scanning tools, 79, 355–357

tcpdump, 39–40

Network security

access, See Access control

certifications, 4–5

defense in depth, 32, 208

firewalls, See Firewalls

general law of security, 256

incident response, See Incident response

internal threats, 114–115

liability issues, 10–12

policy, See Security policy

security model, 8

technology-based approach, 7–8

testing, 44, See also Network penetration testing

VPNs, See Virtual private networks

Network Time Protocol (NTP), 139–141

Nimda, 226

Nmap, 222

Nonce (pseudo-random number), 322

Nondiscretionary access control, 150–152

Non-repudiation, 125, 126, 169, 172

Notarization, 169, 172

Null interface routing, 234

Null-packet, 107