Network Security: A Practical Approach. Jan L. Harrington



Similar documents
Cyber Attacks. Protecting National Infrastructure Student Edition. Edward G. Amoroso

Network Security: A Practical Approach

Eleventh Hour Security+

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1

Network Security Administrator

Network Security. Windows 2012 Server. Securing Your Windows. Infrastructure. Network Systems and. Derrick Rountree. Richard Hicks, Technical Editor

Firewalls and Intrusion Detection

FBLA Cyber Security aligned with Common Core FBLA: Cyber Security RST RST RST RST WHST WHST

Network Security. 1 Pass the course => Pass Written exam week 11 Pass Labs

Securing Cisco Network Devices (SND)

Implementing Database Security and Auditing

CEH Version8 Course Outline

FIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0

Domain 6.0: Network Security

INCIDENT RESPONSE CHECKLIST

TIME SCHEDULE. 1 Introduction to Computer Security & Cryptography 13

CS5008: Internet Computing

EC-Council Network Security Administrator (ENSA) Duration: 5 Days Method: Instructor-Led

CH ENSA EC-Council Network Security Administrator Detailed Course Outline

Introduction p. 2. Introduction to Information Security p. 1. Introduction

Directory and File Transfer Services. Chapter 7

Networking: EC Council Network Security Administrator NSA

CompTIA Security+ Certification Study Guide. (Exam SYO-301) Glen E. Clarke. Gravu Hill

A Systems Engineering Approach to Developing Cyber Security Professionals

Chapter 12. Security Policy Life Cycle. Network Security 8/19/2010. Network Security

Secure Software Programming and Vulnerability Analysis

Security + Certification (ITSY 1076) Syllabus

CONTENTS AT A GMi#p. Chapter I Ethical Hacking Basics I Chapter 2 Cryptography. Chapter 3 Reconnaissance: Information Gathering for the Ethical Hacker

Hacking Web Apps. Detecting and Preventing Web Application Security Problems. Jorge Blanco Alcover. Mike Shema. Technical Editor SYNGRESS

Open Source Toolkit. Penetration Tester's. Jeremy Faircloth. Third Edition. Fryer, Neil. Technical Editor SYNGRESS. Syngrcss is an imprint of Elsevier

Ethical Hacking and Information Security. Foundation of Information Security. Detailed Module. Duration. Lecture with Hands On Session: 90 Hours

Certified Ethical Hacker Exam Version Comparison. Version Comparison

Firewalls, Tunnels, and Network Intrusion Detection

How To Secure Network Threads, Network Security, And The Universal Security Model

Firewall. User Manual

Securing SQL Server. Protecting Your Database from. Second Edition. Attackers. Denny Cherry. Michael Cross. Technical Editor ELSEVIER

Network Concepts. IT 4823 Information Security Concepts and Administration. The Network Environment. Resilience. Network Topology. Transmission Media

H.I.P.A.A. Compliance Made Easy Products and Services

Tim Bovles WILEY. Wiley Publishing, Inc.

Cisco ASA. Administrators

1 hours, 30 minutes, 38 seconds Heavy scan. All scanned network resources. Copyright 2001, FTP access obtained

INFORMATION SECURITY TRAINING CATALOG (2015)

Basics of Internet Security

Appendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003

Network Security Essentials:

Client Security Risk Assessment Questionnaire

Chapter 8 Security Pt 2

PROTECTING INFORMATION SYSTEMS WITH FIREWALLS: REVISED GUIDELINES ON FIREWALL TECHNOLOGIES AND POLICIES

Denial Of Service. Types of attacks

Network Security. Tampere Seminar 23rd October Overview Switch Security Firewalls Conclusion

information security and its Describe what drives the need for information security.

Bendigo and Adelaide Bank Ltd Security Incident Response Procedure

JOB READY ASSESSMENT BLUEPRINT COMPUTER NETWORKING FUNDAMENTALS - PILOT. Test Code: 4514 Version: 01

BUY ONLINE FROM:

GSEC GIAC Security. Essentials Certification ONE ALL IN EXAM GUIDE. Ric Messier. Singapore Sydney Toronto

Network Security and Firewall 1

FRONT RUNNER DIPLOMA PROGRAM INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months

IMPROVEMENT THE PRACTITIONER'S GUIDE TO DATA QUALITY DAVID LOSHIN

iscsi Security (Insecure SCSI) Presenter: Himanshu Dwivedi

NEW YORK INSTITUTE OF TECHNOLOGY School of Engineering and Technology Department of Computer Science Old Westbury Campus

Chapter 15: Computer and Network Security

Security Awareness. Wireless Network Security

Computer Security. Principles and Practice. Second Edition. Amp Kumar Bhattacharjee. Lawrie Brown. Mick Bauer. William Stailings

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)

Introduction. Assessment Test

Firewalls, Tunnels, and Network Intrusion Detection. Firewalls

CMSC 421, Operating Systems. Fall Security. URL: Dr. Kalpakis

PRINCIPLES AND PRACTICE OF INFORMATION SECURITY

IPv6 SECURITY. May The Government of the Hong Kong Special Administrative Region

CS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention. Spring 2013

Recommended IP Telephony Architecture

Virtual private network. Network security protocols VPN VPN. Instead of a dedicated data link Packets securely sent over a shared network Internet VPN

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

Developing Network Security Strategies

[CEH]: Ethical Hacking and Countermeasures

My FreeScan Vulnerabilities Report

Networking. Systems Design and. Development. CRC Press. Taylor & Francis Croup. Boca Raton London New York. CRC Press is an imprint of the

Network Security Fundamentals

How To Pass A Credit Course At Florida State College At Jacksonville

APNIC elearning: Network Security Fundamentals. 20 March :30 pm Brisbane Time (GMT+10)

CRYPTUS DIPLOMA IN IT SECURITY

Company Co. Inc. LLC. LAN Domain Network Security Best Practices. An integrated approach to securing Company Co. Inc.

Computer Security. Introduction to. Michael T. Goodrich Department of Computer Science University of California, Irvine. Roberto Tamassia PEARSON

Architecture Overview

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM

Critical Controls for Cyber Security.

The Information Security Problem

Linux Network Security

CompTIA Security+ (Exam SY0-410)

General Network Security

Description: Objective: Attending students will learn:

20-CS X Network Security Spring, An Introduction To. Network Security. Week 1. January 7

Introduction to Cyber Security / Information Security

Course Title: Penetration Testing: Security Analysis

Transcription:

Network Security: A Practical Approach Jan L. Harrington ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Morgan Kaufmann is an imprint of Elsevier MORGAN KAUFMANN PUBLISHERS

Contents Preface xi Chapter 1: In the Beginning... 1 1.0 Introduction 2 1.1 Defining Security 2 1.2 The Two Views of Network Security 3 1.2.1 Sources of External Threats 3 1.2.2 Sources of Internal Threats 7 1.3 The Organizational Security Process 10 1.3.1 Top Management Support 10 1.3.2 How Secure Can You Be? 12 1.3.3 The Importance of a Security Policy 12 1.3.4 Legal Issues 14 1.3.5 Security Personnel 18 1.3.6 Outsourcing Security 24 1.4 Preparing a Security Policy 25 1.5 Security Audits 31 1.6 Summary 33 Chapter 2: Basic Security Architecture 35 2.0 Introduction 36 2.1 Secure Network Layouts 36 2.2 Firewalls 39 2.2.1 Packet Filtering Firewalls 41

vi Contents 2.2.2 Stateful Firewalls 42 2.2.3 Application Proxy Firewalls 43 2.2.4 Comparing Types of Firewalls 43 2.3 Hands On: Setting File and Directory Permissions 45 2.3.1 Windows 46 2.3.2 UNIX 47 2.3.3 Mac OS X 51 2.4 Summary 51 Chapter 3: Physical Security 55 3.0 Introduction 56 3.1 Dealing with Theft and Vandalism 56 3.2 Protecting the System Console 59 3.3 Managing System Failure 60 3.3.1 Backup Solutions 60 3.3.2 Power Protection 69 3.4 Hands On: Providing Physical Security 72 3.4.1 Physical Solutions 73 3.4.2 Disaster Recovery Drills 76 3.5 Summary 78 Chapter 4: Information Gathering 79 4.0 Introduction 80 4.1 Social Engineering 80 4.1.1 Electronic Social Engineering: Phishing 82 4.2 Using Published Information 84 4.3 Port Scanning 91 4.4 Network Mapping 94 4.5 Hands On 97 4.5.1 Limiting Published Information 98 4.5.2 Disabling Unnecessary Services and Closing Ports 98 4.5.3 Opening Ports on the Perimeter and Proxy Serving 103 4.6 Summary 106 Chapter 5: Gaining and Keeping Root Access 109 5.0 Introduction 110 5.1 Root Kits 110 5.1.1 Root Kit Threat Level 111 5.1.2 How Root Kits Work 113 5.2 Brute Force Entry Attacks and Intrusion Detection 114 5.2.1 Examining System Logs 115

Contents vii 5.2.2 Intrusion Detection Software 120 5.2.3 Intrusion Prevention Software 122 5.2.4 Honeypots 123 5.3 Buffer Overflow Attacks 123 5.4 Hands On 125 5.4.1 Viewing and Configuring Windows Event Logs 126 5.4.2 Patches and Patch Management 127 5.5 Summary 130 Chapter 6: Spoofing 133 6.0 Introduction 134 6.1 TCP Spoofing 134 6.2 DNS Spoofing 138 6.3 IP (and E-Mail) Spoofing 142 6.4 Web Spoofing 145 6.5 Hands On 148 6.5.1 Detecting Spoofed E-mail 149 6.5.2 Detecting Spoofed Web Sites 153 6.6 Summary 156 Chapter 7: Denial of Service Attacks 161 7.0 Introduction 162 7.1 Single Source DoS Attacks 162 7.1.1 SYN Flood Attacks 162 7.1.2 Ping of Death 164 7.1.3 Smurf 164 7.1.4 UDP Flood Attacks 165 7.2 Distributed DoS Attacks 165 7.2.1 Tribe Flood Network 166 7.2.2 Trinoo 166 7.2.3 Stacheldraht 168 7.3 Hands On 168 7.3.1 Using an IDS to Detect a DoS Attack 169 7.3.2 Using System Logs to Detect a DoS Attack 170 7.3.3 Handling a DoS Attack in Progress 171 7.3.4 DoS Defense Strategies 176 7.3.5 Finding Files 177 7.4 Summary 178 Chapter 8: Malware 181 8.0 Introduction 182

vlii Contents 8.1 A Bit of Malware History 183 8.2 Types of Malware Based on Propagation Methods 183 8.3 Hands On 192 8.3.1 "Virus" Scanners 192 8.3.2 Dealing with Removable Media 199 8.3.3 Lockdown Schemes 201 8.4 Summary 202 Chapter 9: User and Password Security 205 9.0 Introduction 206 9.1 Password Policy 206 9.2 Strong Passwords 207 9.3 Password File Security 209 9.3.1 Windows 210 9.3.2 UNIX 213 9.4 Password Audits 214 9.4.1 UNIX: John the Ripper 214 9.4.2 Windows: LOphtCrack 215 9.5 Enhancing Password Security with Tokens 217 9.6 Hands On: Password Management Software 218 9.6.1 Centralized Password Management 218 9.6.2 Individual Password Management 219 9.7 Summary 223 Chapter 10: Remote Access 225 10.0 Introduction 226 10.1 Remote Access Vulnerabilities 226 10.1.1 Dial-In Access 226 10.1.2 Remote Control Software 228 10.1.3 Remote Access Commands 230 10.2 VPNs 234 10.3 Remote User Authentication 240 10.3.1 RADIUS 240 10.3.2 Kerberos 241 10.3.3 CHAP and MS-CHAP 242 10.4 Hands On: OS VPN Support 243 10.4.1 Windows VPN Support 243 10.4.2 Macintosh OS X VPN Support 252 10.5 Summary 258

. Contents ix Chapter 11: Wireless Security 259 11.0 Introduction 260 11.1 Wireless Standards 261 11.1.1 802.11 Wireless Standards 261 11.1.2 Bluetooth 263 11.1.3 The Forthcoming 802.16 264 11.2 Wireless Network Vulnerabilities 265 11.2.1 Signal Bleed and Insertion Attacks 265 11.2.2 Signal Bleed and Interception Attacks 266 11.2.3 SSID Vulnerabilities 266 11.2.4 Denial of Service Attacks 267 11.2.5 Battery Exhaustion Attacks 267 11.3 Wireless Security Provisions 268 11.3.1 802. llx Security 268 11.3.2 Bluetooth Security 272 11.4 Hands On: Securing Your 802.1 lx Wireless Network 273 11.5 Summary 275 Chapter 12: Encryption 279 12.0 Introduction 280 12.1 To Encrypt or Not to Encrypt 280 12.2 Single Key Encryption Schemes 281 12.2.1 Substitution Cyphers 281 12.2.2 Single-Key Encryption Algorithms 284 12.2.3 Key Management Problems 288 12.3 Two-Key Encryption Schemes 288 12.3.1 The Mathematics of Public Key Encryption 289 12.4 Combining Single- and Two-Key Encryption 292 12.5 Ensuring Message Integrity 292 12.5.1 Message Digest Algorithms 294 12.5.2 Checksums 294 12.6 Message Authentication and Digital Certificates 297 12.6.1 Authenticating with PKE Alone 297 12.6.2 Authenticating with Digital Certificates 297 12.7 Composition and Purpose of PKI 299 12.8 Hands On 300 12.8.1 Third-Party Certificate Authorities 300 12.8.2 Encryption Software 301 12.9 Summary 316

Contents Appendix A: The TCP/IP Protocol Stack 319 A.O Introduction 320 A.I The Operation of a Protocol Stack 320 A.2 The Application Layer 322 A.3 The Transport Layer 323 A.3.1TCP324 A.3.2 UDP 326 A.4 The Internet Layer 327 A.5 The Logical Link Control Layer 330 A.6 The MAC Layer 330 A. 7 The Physical Layer 332 Appendix B: TCP and UDP Ports 335 B.O Well-Known Ports 336 B.I Registered Ports 340 B.2 Port List References 341 Appendix C: Security Update Sites 343 CO Professional Security Update Sites 344 C.I Other Sites of Interest 344 Glossary 347 Index 359 Photo Credits 366

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information