Network Security Bible Second Edition

About the Author
About the Technical Editor
Credits
Acknowledgments
Contents at a Glance
Contents
Introduction
  The Goal of This Book
  How to Use This Book
  Who Should Read This Book
  How This Book Is Organized
  Where To Go From Here

Part I: Network Security Landscape
  Chapter 1: State of Network Security
    Cyber Security
    Summary
  Chapter 2: New Approaches to Cyber Security
    General Trends
    The Changing Face of Cyber Security
    Summary
  Chapter 3: Interfacing with the Organization
    An Enterprise Security Methodology
    Key Questions to Manage Risk
    Summary

Part II: Security Principles and Practices
  Chapter 4: Information System Security Principles
    Key Principles of Network Security
    Formal Processes
    Risk Management
    Calculating and Managing Risk
    Summary
  Chapter 5: Information System Security Management
    Security Policies
    Security Awareness
    Managing the Technical Effort
    Configuration Management
    Business Continuity and Disaster Recovery Planning
    Physical Security
    Legal and Liability Issues
    Summary
  Chapter 6: Access Control
    Control Models
    Types of Access Control Implementations
    Identification and Authentication
    Databases
    Remote Access
    Summary
  Chapter 7: Attacks and Threats
    Malicious Code
    Review of Common Attacks
    External Attack Methodologies Overview
    Internal Threat Overview
    Summary

Part III: Operating Systems and Applications
  Chapter 8: Windows Security
    Windows Security at the Heart of the Defense
    Out-of-the-Box Operating System Hardening
    Installing Applications
    Putting the Workstation on the Network
    Operating Windows Safely
    Upgrades and Patches
    Maintain and Test the Security
    Attacks Against the Windows Workstation
    Summary
  Chapter 9: UNIX and Linux Security
    The Focus of UNIX/Linux Security
    Physical Security
    Controlling the Configuration
    Operating UNIX Safely
    Hardening UNIX
    Summary
  Chapter 10: Web Browser and Client Security
    Web Browser and Client Risk
    How a Web Browser Works
    Web Browser Attacks
    Operating Safely
    Web Browser Configurations
    Summary
  Chapter 11: Web Security
    What Is HTTP?
    How Does HTTP Work?
    Server Content
    Client Content
    State
    Attacking Web Servers
    Web Services
    Summary
  Chapter 12: Electronic mail (E-mail) Security
    The E-mail Risk
    The E-mail Protocols
    E-mail Authentication
    Operating Safely When Using E-mail
    Summary
  Chapter 13: Domain Name System
    DNS Basics
    Purpose of DNS
    Setting Up DNS
    Security Issues with DNS
    DNS Attacks
    Designing DNS
    Master Slave DNS
    Detailed DNS Architecture
    DNS SEC
    Summary
  Chapter 14: Server Security
    General Server Risks
    Security by Design
    Operating Servers Safely
    Server Applications
    Multi-Level Security and Digital Rights Management
    Summary

Part IV: Network Security Fundamentals
  Chapter 15: Network Protocols
    Protocols
    The Open Systems Interconnect Model
    The OSI Layers
    The TCP/IP Model
    TCP/IP Model Layers
    Internet Protocol
    VoIP
    Summary
  Chapter 16: Wireless Security
    Electromagnetic Spectrum
    The Cellular Phone Network
    Placing a Cellular Telephone Call
    Wireless Transmission Systems
    Pervasive Wireless Data Network Technologies
    IEEE Wireless LAN Specifications
    IEEE 802.11
    IEEE 802.11 Wireless Security
    Bluetooth
    Wireless Application Protocol
    Future of Wireless
    Summary
  Chapter 17: Network Architecture Fundamentals
    Network Segments
    Perimeter Defense
    Network Address Translation
    Basic Architecture Issues
    Subnetting, Switching, and VLANs
    Address Resolution Protocol and Media Access Control
    Dynamic Host Configuration Protocol and Addressing Control
    Zero Configuration Networks
    System Design and Architecture Against Insider Threats
    Common Attacks
    Summary
  Chapter 18: Firewalls
    Firewalls
    Firewall Rules
    The Use of Personal Firewalls
    Summary
  Chapter 19: Intrusion Detection/Prevention
    Intrusion Detection Systems
    Responses to Intrusion Detection
    Emerging Technologies in Intrusion Detection Systems
    Summary

Part V: Communication
  Chapter 20: Secret Communication
    What is Cryptography?
    General Terms
    Principles of Cryptography
    Historic Cryptography
    The Four Cryptographic Primitives
    Putting These Primitives Together to Achieve CIA
    The Difference Between Algorithm and Implementation
    Proprietary Versus Open Source Algorithms
    Attacks on Hash Functions
    Quantum Cryptography
    Summary
  Chapter 21: Covert Communication
    Where Hidden Data Hides
    Where Did It Come From?
    Where Is It Going?
    Overview of Steganography
    History of Steganography
    Core Areas of Network Security and Their Relation to Steganography
    Principles of Steganography
    Steganography Compared to Cryptography
    Types of Steganography
    Products That Implement Steganography
    Steganography Versus Digital Watermarking
    Types of Digital Watermarking
    Goals of Digital Watermarking
    Digital Watermarking and Stego
    Summary
  Chapter 22: Applications of Secure/Covert Communication
    E-mail
    Authentication Servers
    Working Model
    Public Key Infrastructure
    Virtual Private Networks
    Secure Sockets Layer/Transport Layer Security
    SSL Handshake
    Summary

Part VI: The Security Threat and Response
  Chapter 23: Intrusion Detection and Response
    Intrusion Detection Mechanisms
    Honeypots
    Incident Handling
    Summary
  Chapter 24: Digital Forensics
    Computer Forensics Defined
    Traditional Computer Forensics
    Proactive Forensics
    Future Research Areas
    The Forensic Life Cycle
    Summary
  Chapter 25: Security Assessments, Testing, and Evaluation
    Information Assurance Approaches and Methodologies
    Certification and Accreditation
    DIACAP
    Federal Information Processing Standard 102
    OMB Circular A-130
    The National Institute of Standards and Technology Assessment Guidelines
    Penetration Testing
    Auditing and Monitoring
    Summary

Part VII: Integrated Cyber Security
  Chapter 26: Validating Your Security
    Overview
    Current State of Penetration Testing
    Formal Penetration Testing Methodology
    Steps to Exploiting a System
    Summary
  Chapter 27: Data Protection
    Endpoint Security
    Insider Threats and Data Protection
    Summary
  Chapter 28: Putting Everything Together
    Critical Problems Facing Organizations
    General Tips for Protecting a Site
    Security Best Practices
    Summary
  Chapter 29: The Future
    Approaching the Problem
    Mission Resilience
    Limiting Failure Points
    Summary

Index