- ISBN: 9781931836012 | 1931836019
- Cover: Paperback
- Copyright: 5/15/2004
This is the only computer book to focus completely on infrastucture security: network devices, protocols and architectures. It offers unique coverage of network design so administrators understand how they should design and protect their enterprises. Network security publishing has boomed in the last several years with a proliferation of materials that focus on various elements of the enterprise.
| Foreword | p. xxv |
| Defining Perimeter and Internal Segments | p. 1 |
| Introduction | p. 2 |
| Internal versus External Segments | p. 2 |
| Explaining the External Segment or Perimeter Segment | p. 3 |
| The Internal Segment Explained | p. 4 |
| Footprinting: Finding the IP Addresses Assigned to Your Company | p. 7 |
| Using whois to Understand Who You Are | p. 7 |
| Using DNS Interrogation for More Information | p. 9 |
| Checklist | p. 12 |
| Summary | p. 13 |
| Solutions Fast Track | p. 13 |
| Links to Sites | p. 14 |
| Mailing Lists | p. 14 |
| Frequently Asked Questions | p. 15 |
| Assessing Your Current Networks | p. 17 |
| Introduction | p. 18 |
| Monitoring Traffic | p. 19 |
| Sniffing | p. 19 |
| Counting the Counters | p. 35 |
| Looking at Logical Layouts | p. 39 |
| Get on the Bus | p. 39 |
| Network Mapping 1-2-3 | p. 42 |
| Performing Security Audits | p. 48 |
| Vulnerability Assessment | p. 48 |
| Remediation | p. 64 |
| Follow-Up | p. 67 |
| Examining the Physical Security | p. 67 |
| Who's Knocking on Your NOC? | p. 67 |
| Extra Ports Equal Extra Headaches | p. 69 |
| Checklist | p. 70 |
| Summary | p. 71 |
| Solutions Fast Track | p. 71 |
| Links to Sites | p. 73 |
| Mailing Lists | p. 74 |
| Frequently Asked Questions | p. 75 |
| Selecting the Correct Firewall | p. 77 |
| Introduction | p. 78 |
| Understanding Firewall Basics | p. 78 |
| Seal of Approval | p. 79 |
| Security Rules | p. 80 |
| Hardware or Software | p. 82 |
| Administrative Interfaces | p. 84 |
| Traffic Interfaces | p. 87 |
| Logging | p. 90 |
| Optional Features | p. 91 |
| Exploring Stateful Packet Firewalls | p. 97 |
| What Is a Stateless Firewall? | p. 97 |
| Keeping Track of Conversations | p. 100 |
| Too Much Chatter | p. 101 |
| Stateful Failover | p. 102 |
| Explaining Proxy-Based Firewalls | p. 103 |
| Gophers | p. 104 |
| Modernization: The Evolution of Gophers | p. 105 |
| Explaining Packet Layers: An Analogy | p. 106 |
| Employee Monitoring | p. 108 |
| Examining Various Firewall Vendors | p. 109 |
| 3Com Corporation and Sonic Wall, Inc. | p. 109 |
| Check Point Software Technologies | p. 110 |
| Cisco Systems, Inc. | p. 111 |
| CyberGuard | p. 113 |
| Microsoft ISA Server | p. 113 |
| NetScreen | p. 114 |
| Novell | p. 115 |
| Secure Computing | p. 115 |
| Stonesoft, Inc. | p. 116 |
| Symantec Corporation | p. 117 |
| WatchGuard Technologies, Inc. | p. 118 |
| Checklist | p. 119 |
| Summary | p. 120 |
| Solutions Fast Track | p. 121 |
| Links to Sites | p. 121 |
| Mailing Lists | p. 123 |
| Frequently Asked Questions | p. 124 |
| Firewall Manipulation: Attacks and Defenses | p. 127 |
| Introduction | p. 128 |
| Firewall Attack Methods | p. 129 |
| Attacking for Information | p. 129 |
| Denial-of-Service Attacks | p. 130 |
| Remote Firewall Compromise | p. 131 |
| Check Point Software Attacks and Solutions | p. 132 |
| VPN-1/SecureClient ISAKMP Buffer Overflow | p. 132 |
| Check Point SecuRemote Internal Address Disclosure | p. 134 |
| Cisco PIX Attacks and Solutions | p. 136 |
| Cisco PIX SNMPv3 Denial of Service | p. 137 |
| Cisco PIX SSH Denial of Service | p. 139 |
| Microsoft ISA Server Attacks and Solutions | p. 141 |
| ISA Server Web Proxy Denial of Service | p. 142 |
| ISA Server UDP Flood Denial of Service | p. 144 |
| NetScreen Firewall Attacks and Mitigations | p. 146 |
| NetScreen Management and TCP Option Denial of Service | p. 147 |
| NetScreen Remote Reboot Denial of Service | p. 150 |
| Novell BorderManager Attacks and Solutions | p. 152 |
| Novell BorderManager IP/IPX Gateway Denial of Service | p. 152 |
| Checklist | p. 154 |
| Summary | p. 155 |
| Solutions Fast Track | p. 156 |
| Links to Sites | p. 158 |
| Mailing Lists | p. 159 |
| Frequently Asked Questions | p. 160 |
| Routing Devices and Protocols | p. 163 |
| Introduction | p. 164 |
| Understanding the Roles of Routers on Your Network | p. 165 |
| Understanding the Roles of Routers on Perimeter Segments | p. 167 |
| Examining the Roles of Routers on Internal Segments | p. 168 |
| Securing Your Routers | p. 170 |
| Examining Possible Attacks on Your Routers | p. 171 |
| Locking Down Your Routers | p. 172 |
| Preventing Login Access to Your Routers | p. 173 |
| Controlling What Your Routers Do | p. 178 |
| Maintaining Your Routers for Optimal Security | p. 181 |
| IP Routing Devices | p. 184 |
| IP Routers | p. 184 |
| Routing Switches and Load Balancers | p. 187 |
| Routing at the Operating System and Application Level | p. 190 |
| IP Routing Protocols | p. 191 |
| Routing Information Protocol | p. 192 |
| Interior Gateway Routing Protocol | p. 196 |
| Enhanced IGRP | p. 199 |
| RIPv2 | p. 201 |
| Open Shortest Path First | p. 204 |
| BGP v4 | p. 206 |
| Checklist | p. 209 |
| Summary | p. 210 |
| Solutions Fast Track | p. 211 |
| Links to Sites | p. 213 |
| Mailing Lists | p. 213 |
| Frequently Asked Questions | p. 214 |
| Secure Network Management | p. 217 |
| Introduction | p. 218 |
| Network Management and Security Principles | p. 219 |
| Knowing What You Have | p. 220 |
| Controlling Access Vectors | p. 221 |
| Plan for the Unexpected | p. 234 |
| Back Up Your Management, Too | p. 237 |
| Watch Your Back | p. 237 |
| Management Networks | p. 243 |
| IPSec and VPNs | p. 244 |
| IPSec Modes and Protocols | p. 246 |
| IPSec Configuration Examples | p. 247 |
| Network Management Tools and Uses | p. 251 |
| Big Brother | p. 252 |
| Big Sister | p. 253 |
| MRTG | p. 254 |
| Paessler PRTG | p. 255 |
| IPsentry | p. 256 |
| SolarWinds Orion | p. 258 |
| IPSwitch WhatsUp Gold | p. 259 |
| Cisco Systems CiscoWorks | p. 260 |
| Computer Associates Unicenter | p. 261 |
| Microsoft Systems Management Server | p. 261 |
| Hewlett-Packard OpenView | p. 262 |
| Checklist | p. 264 |
| Summary | p. 265 |
| Solutions Fast Track | p. 265 |
| Links to Sites | p. 265 |
| Mailing Lists | p. 267 |
| Frequently Asked Questions | p. 267 |
| Network Switching | p. 271 |
| Introduction | p. 272 |
| Understanding the Open Systems Interconnect Reference Model | p. 272 |
| The Seven Layers | p. 274 |
| The Physical Link Layer: Layer 1 | p. 276 |
| The Data Link Layer: Layer 2 | p. 276 |
| The Network Layer: Layer 3 | p. 276 |
| The Transport Layer: Layer 4 | p. 277 |
| The Origin of Switching | p. 277 |
| Hubs | p. 280 |
| Carrier Sense Multiple Access/Collision Detection | p. 281 |
| Bridging | p. 283 |
| And Then Came the Switch | p. 284 |
| Evaluating Switching Standards and Features | p. 285 |
| Which Switch Type Is Right for Me? | p. 286 |
| Evaluating the Physical Footprint | p. 288 |
| Network Speed | p. 290 |
| Distance Limitations | p. 291 |
| Duplex Mode | p. 293 |
| Spanning Tree Protocol | p. 293 |
| Content Addressable Memory | p. 295 |
| Backplane and Switching Fabric | p. 296 |
| Optional Features | p. 297 |
| Moving Switching beyond Layer 2 | p. 300 |
| Understanding the Need for Layer 3 Switching | p. 300 |
| Routing | p. 302 |
| Layer 3 Switching in Action | p. 304 |
| Layer 3 Switching and VLANs | p. 304 |
| Understanding Multilayer Switching | p. 305 |
| Using Switching to Improve Security | p. 306 |
| Patching the Switch | p. 306 |
| Securing Unused Ports | p. 308 |
| Adding Passwords to the Switch | p. 308 |
| Port Mirroring | p. 308 |
| Remote Management | p. 309 |
| Remote Monitoring | p. 310 |
| Setting the Time | p. 312 |
| Using VLANs for Security | p. 312 |
| Using Multilayer Switching (MLS) for Security | p. 312 |
| Choosing the Right Switch | p. 313 |
| Understanding the Layers of the Campus Network | p. 313 |
| Assessing Your Needs | p. 314 |
| Assembling the Pieces | p. 315 |
| Checklist | p. 322 |
| Summary | p. 324 |
| Solutions Fast Track | p. 326 |
| Links to Sites | p. 328 |
| Mailing Lists | p. 329 |
| Frequently Asked Questions | p. 330 |
| Defending Routers and Switches | p. 333 |
| Introduction | p. 334 |
| Attacking and Defending Your Network Devices | p. 336 |
| Cisco IPv4 Denial of Service | p. 337 |
| Exploiting the IPv4 DoS | p. 338 |
| Defending Your Router against the IPv4 DoS | p. 339 |
| Cisco HTTP Get Buffer Overflow and UDP Memory Disclosure | p. 340 |
| Exploiting 2-for-1 | p. 342 |
| Cisco Discovery Protocol Denial of Service | p. 343 |
| Exploiting the CDP Denial of Service | p. 344 |
| Preventing CDP Attacks | p. 344 |
| Confusing the Enemy | p. 345 |
| MAC Flooding | p. 345 |
| ARP Spoofing | p. 347 |
| Breaking Out of Jail | p. 351 |
| VLAN Jumping | p. 352 |
| Attacking Simple Network Management Protocol | p. 354 |
| Sniffing the Management... Protocol | p. 355 |
| Vulnerability Chaining | p. 361 |
| Checklist | p. 362 |
| Summary | p. 363 |
| Solutions Fast Track | p. 363 |
| Links to Sites | p. 366 |
| Mailing Lists | p. 366 |
| Frequently Asked Questions | p. 367 |
| Implementing Intrusion Detection Systems | p. 369 |
| Introduction | p. 370 |
| Understanding Intrusion Detection and Prevention Basics | p. 371 |
| Intrusion Detection System Sensors | p. 373 |
| Intrusion Prevention System Sensors | p. 377 |
| Comparing IDS/IPS Vendors | p. 381 |
| Intrusion Detection/Prevention Systems | p. 381 |
| Application-Level Firewalls | p. 399 |
| Honeypots/Honeynets | p. 410 |
| Tarpits | p. 414 |
| Subverting an IDS/IPS | p. 416 |
| Port Hopping | p. 417 |
| Fragmenting | p. 417 |
| Summary | p. 419 |
| Checklists | p. 419 |
| Solutions Fast Track | p. 421 |
| Links to Sites | p. 421 |
| Mailing Lists | p. 423 |
| Frequently Asked Questions | p. 424 |
| Perimeter Network Design | p. 427 |
| Introduction | p. 428 |
| Looking at Design Principles | p. 428 |
| Selecting and Deploying Firewalls | p. 430 |
| Including IDSs and IPSs in Your Design | p. 436 |
| Creating Network Segments | p. 437 |
| Designing an Internet Access Network | p. 440 |
| What to Consider when Designing Internet Access Networks | p. 440 |
| Designing the Logical and Physical Networks | p. 442 |
| Designing Internet Application Networks | p. 445 |
| What to Consider when Designing Internet Application Networks | p. 445 |
| Designing VPN and Remote Access Termination Networks | p. 449 |
| What to Consider when Designing Remote Access Termination Networks | p. 449 |
| Checklist | p. 452 |
| Summary | p. 453 |
| Solutions Fast Track | p. 456 |
| Links to Sites | p. 458 |
| Mailing Lists | p. 458 |
| Frequently Asked Questions | p. 459 |
| Internal Network Design | p. 461 |
| Introduction | p. 462 |
| Design Principles and Examples | p. 462 |
| Firewall Placement and Selection | p. 464 |
| IDS Placement | p. 470 |
| Proper Segmentation | p. 479 |
| Access Control Lists, Routers, and Layer 3 Switches | p. 482 |
| Use of DMZs and Service Networks | p. 486 |
| Checklist | p. 490 |
| Summary | p. 492 |
| Solutions Fast Track | p. 493 |
| Links to Sites | p. 494 |
| Mailing Lists | p. 495 |
| Frequently Asked Questions | p. 496 |
| Index | p. 499 |
| Table of Contents provided by Ingram. All Rights Reserved. |
What is included with this book?
The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.
The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.
Please wait while the item is added to your bag...
×
Digital License
You are licensing a digital product for a set duration. Durations are set forth in the product description, with "Lifetime" typically meaning five (5) years of online access and permanent download to a supported device. All licenses are non-transferable.
More details can be found here.