| |
Network Security Bible Second Edition |
1 |
|
| |
About the Author |
9 |
|
| |
About the Technical Editor |
9 |
|
| |
Credits |
11 |
|
| |
Acknowledgments |
13 |
|
| |
Contents at a Glance |
15 |
|
| |
Contents |
17 |
|
| |
Introduction |
37 |
|
| |
The Goal of This Book |
37 |
|
| |
How to Use This Book |
38 |
|
| |
Who Should Read This Book |
40 |
|
| |
How This Book Is Organized |
40 |
|
| |
Where To Go From Here |
46 |
|
| |
Part I: Network Security Landscape |
47 |
|
| |
Chapter 1: State of Network Security |
49 |
|
| |
Cyber Security |
49 |
|
| |
Summary |
53 |
|
| |
Chapter 2: New Approaches to Cyber Security |
55 |
|
| |
General Trends |
55 |
|
| |
The Changing Face of Cyber Security |
62 |
|
| |
Summary |
63 |
|
| |
Chapter 3: Interfacing with the Organization |
65 |
|
| |
An Enterprise Security Methodology |
65 |
|
| |
Key Questions to Manage Risk |
73 |
|
| |
Summary |
78 |
|
| |
Part II: Security Principles and Practices |
79 |
|
| |
Chapter 4: Information System Security Principles |
81 |
|
| |
Key Principles of Network Security |
81 |
|
| |
Formal Processes |
83 |
|
| |
Risk Management |
106 |
|
| |
Calculating and Managing Risk |
116 |
|
| |
Summary |
117 |
|
| |
Chapter 5: Information System Security Management |
119 |
|
| |
Security Policies |
119 |
|
| |
Security Awareness |
123 |
|
| |
Managing the Technical Effort |
125 |
|
| |
Configuration Management |
133 |
|
| |
Business Continuity and Disaster Recovery Planning |
136 |
|
| |
Physical Security |
144 |
|
| |
Legal and Liability Issues |
151 |
|
| |
Summary |
153 |
|
| |
Chapter 6: Access Control |
155 |
|
| |
Control Models |
155 |
|
| |
Types of Access Control Implementations |
158 |
|
| |
Identification and Authentication |
161 |
|
| |
Databases |
167 |
|
| |
Remote Access |
169 |
|
| |
Summary |
171 |
|
| |
Chapter 7: Attacks and Threats |
173 |
|
| |
Malicious Code |
173 |
|
| |
Review of Common Attacks |
175 |
|
| |
External Attack Methodologies Overview |
182 |
|
| |
Internal Threat Overview |
186 |
|
| |
Summary |
188 |
|
| |
Part III: Operating Systems and Applications |
189 |
|
| |
Chapter 8: Windows Security |
191 |
|
| |
Windows Security at the Heart of the Defense |
193 |
|
| |
Out-of-the-Box Operating System Hardening |
197 |
|
| |
Installing Applications |
217 |
|
| |
Putting the Workstation on the Network |
221 |
|
| |
Operating Windows Safely |
223 |
|
| |
Upgrades and Patches |
237 |
|
| |
Maintain and Test the Security |
240 |
|
| |
Attacks Against the Windows Workstation |
244 |
|
| |
Summary |
251 |
|
| |
Chapter 9: UNIX and Linux Security |
253 |
|
| |
The Focus of UNIX/Linux Security |
253 |
|
| |
Physical Security |
258 |
|
| |
Controlling the Configuration |
263 |
|
| |
Operating UNIX Safely |
270 |
|
| |
Hardening UNIX |
291 |
|
| |
Summary |
299 |
|
| |
Chapter 10: Web Browser and Client Security |
301 |
|
| |
Web Browser and Client Risk |
301 |
|
| |
How a Web Browser Works |
305 |
|
| |
Web Browser Attacks |
314 |
|
| |
Operating Safely |
317 |
|
| |
Web Browser Configurations |
322 |
|
| |
Summary |
332 |
|
| |
Chapter 11: Web Security |
333 |
|
| |
What Is HTTP? |
333 |
|
| |
How Does HTTP Work? |
335 |
|
| |
Server Content |
347 |
|
| |
Client Content |
349 |
|
| |
State |
355 |
|
| |
Attacking Web Servers |
361 |
|
| |
Web Services |
363 |
|
| |
Summary |
367 |
|
| |
Chapter 12: Electronic mail (E-mail) Security |
369 |
|
| |
The E-mail Risk |
369 |
|
| |
The E-mail Protocols |
386 |
|
| |
E-mail Authentication |
391 |
|
| |
Operating Safely When Using E-mail |
394 |
|
| |
Summary |
401 |
|
| |
Chapter 13: Domain Name System |
403 |
|
| |
DNS Basics |
404 |
|
| |
Purpose of DNS |
410 |
|
| |
Setting Up DNS |
421 |
|
| |
Security Issues with DNS |
423 |
|
| |
DNS Attacks |
430 |
|
| |
Designing DNS |
432 |
|
| |
Master Slave DNS |
434 |
|
| |
Detailed DNS Architecture |
434 |
|
| |
DNS SEC |
435 |
|
| |
Summary |
439 |
|
| |
Chapter 14: Server Security |
441 |
|
| |
General Server Risks |
441 |
|
| |
Security by Design |
442 |
|
| |
Operating Servers Safely |
459 |
|
| |
Server Applications |
463 |
|
| |
Multi-Level Security and Digital Rights Management |
467 |
|
| |
Summary |
473 |
|
| |
Part IV: Network Security Fundamentals |
475 |
|
| |
Chapter 15: Network Protocols |
477 |
|
| |
Protocols |
477 |
|
| |
The Open Systems Interconnect Model |
478 |
|
| |
The OSI Layers |
479 |
|
| |
The TCP/IP Model |
485 |
|
| |
TCP/IP Model Layers |
487 |
|
| |
Internet Protocol |
488 |
|
| |
VoIP |
496 |
|
| |
Summary |
503 |
|
| |
Chapter 16: Wireless Security |
505 |
|
| |
Electromagnetic Spectrum |
505 |
|
| |
The Cellular Phone Network |
508 |
|
| |
Placing a Cellular Telephone Call |
510 |
|
| |
Wireless Transmission Systems |
515 |
|
| |
Pervasive Wireless Data Network Technologies |
519 |
|
| |
IEEE Wireless LAN Specifications |
524 |
|
| |
IEEE 802.11 |
526 |
|
| |
IEEE 802.11 Wireless Security |
531 |
|
| |
Bluetooth |
549 |
|
| |
Wireless Application Protocol |
550 |
|
| |
Future of Wireless |
552 |
|
| |
Summary |
554 |
|
| |
Chapter 17: Network Architecture Fundamentals |
555 |
|
| |
Network Segments |
556 |
|
| |
Perimeter Defense |
557 |
|
| |
Network Address Translation |
557 |
|
| |
Basic Architecture Issues |
559 |
|
| |
Subnetting, Switching, and VLANs |
562 |
|
| |
Address Resolution Protocol and Media Access Control |
563 |
|
| |
Dynamic Host Configuration Protocol and Addressing Control |
564 |
|
| |
Zero Configuration Networks |
565 |
|
| |
System Design and Architecture Against Insider Threats |
571 |
|
| |
Common Attacks |
574 |
|
| |
Summary |
575 |
|
| |
Chapter 18: Firewalls |
577 |
|
| |
Firewalls |
577 |
|
| |
Firewall Rules |
583 |
|
| |
The Use of Personal Firewalls |
588 |
|
| |
Summary |
594 |
|
| |
Chapter 19: Intrusion Detection/Prevention |
595 |
|
| |
Intrusion Detection Systems |
595 |
|
| |
Responses to Intrusion Detection |
602 |
|
| |
Emerging Technologies in Intrusion Detection Systems |
602 |
|
| |
Summary |
613 |
|
| |
Part V: Communication |
615 |
|
| |
Chapter 20: Secret Communication |
617 |
|
| |
What is Cryptography? |
618 |
|
| |
General Terms |
622 |
|
| |
Principles of Cryptography |
623 |
|
| |
Historic Cryptography |
627 |
|
| |
The Four Cryptographic Primitives |
633 |
|
| |
Putting These Primitives Together to Achieve CIA |
648 |
|
| |
The Difference Between Algorithm and Implementation |
649 |
|
| |
Proprietary Versus Open Source Algorithms |
652 |
|
| |
Attacks on Hash Functions |
653 |
|
| |
Quantum Cryptography |
663 |
|
| |
Summary |
674 |
|
| |
Chapter 21: Covert Communication |
677 |
|
| |
Where Hidden Data Hides |
677 |
|
| |
Where Did It Come From? |
679 |
|
| |
Where Is It Going? |
679 |
|
| |
Overview of Steganography |
680 |
|
| |
History of Steganography |
685 |
|
| |
Core Areas of Network Security and Their Relation to Steganography |
687 |
|
| |
Principles of Steganography |
689 |
|
| |
Steganography Compared to Cryptography |
690 |
|
| |
Types of Steganography |
692 |
|
| |
Products That Implement Steganography |
700 |
|
| |
Steganography Versus Digital Watermarking |
719 |
|
| |
Types of Digital Watermarking |
721 |
|
| |
Goals of Digital Watermarking |
722 |
|
| |
Digital Watermarking and Stego |
722 |
|
| |
Summary |
725 |
|
| |
Chapter 22: Applications of Secure/Covert Communication |
727 |
|
| |
E-mail |
728 |
|
| |
Authentication Servers |
731 |
|
| |
Working Model |
732 |
|
| |
Public Key Infrastructure |
734 |
|
| |
Virtual Private Networks |
738 |
|
| |
Secure Sockets Layer/Transport Layer Security |
745 |
|
| |
SSL Handshake |
746 |
|
| |
Summary |
750 |
|
| |
Part VI: The Security Threat and Response |
751 |
|
| |
Chapter 23: Intrusion Detection and Response |
753 |
|
| |
Intrusion Detection Mechanisms |
753 |
|
| |
Honeypots |
758 |
|
| |
Incident Handling |
762 |
|
| |
Summary |
773 |
|
| |
Chapter 24: Digital Forensics |
775 |
|
| |
Computer Forensics Defined |
776 |
|
| |
Traditional Computer Forensics |
776 |
|
| |
Proactive Forensics |
792 |
|
| |
Future Research Areas |
794 |
|
| |
The Forensic Life Cycle |
796 |
|
| |
Summary |
796 |
|
| |
Chapter 25: Security Assessments, Testing, and Evaluation |
797 |
|
| |
Information Assurance Approaches and Methodologies |
797 |
|
| |
Certification and Accreditation |
802 |
|
| |
DIACAP |
806 |
|
| |
Federal Information Processing Standard 102 |
809 |
|
| |
OMB Circular A-130 |
810 |
|
| |
The National Institute of Standards and Technology Assessment Guidelines |
811 |
|
| |
Penetration Testing |
816 |
|
| |
Auditing and Monitoring |
818 |
|
| |
Summary |
820 |
|
| |
Part VII: Integrated Cyber Security |
821 |
|
| |
Chapter 26: Validating Your Security |
823 |
|
| |
Overview |
823 |
|
| |
Current State of Penetration Testing |
826 |
|
| |
Formal Penetration Testing Methodology |
829 |
|
| |
Steps to Exploiting a System |
833 |
|
| |
Summary |
841 |
|
| |
Chapter 27: Data Protection |
843 |
|
| |
Endpoint Security |
845 |
|
| |
Insider Threats and Data Protection |
851 |
|
| |
Summary |
852 |
|
| |
Chapter 28: Putting Everything Together |
855 |
|
| |
Critical Problems Facing Organizations |
855 |
|
| |
General Tips for Protecting a Site |
861 |
|
| |
Security Best Practices |
865 |
|
| |
Summary |
880 |
|
| |
Chapter 29: The Future |
881 |
|
| |
Approaching the Problem |
881 |
|
| |
Mission Resilience |
883 |
|
| |
Limiting Failure Points |
890 |
|
| |
Summary |
893 |
|
| |
Index |
895 |
|
