
How to Cheat at Securing Your Network

Most Systems Administrators are not security specialists. Keeping the network secure is one of many responsibilities, and it is usually not a priority until disaster strikes. How to Cheat at Securing Your Network is the perfect book for this audience. The book takes the huge amount of information available on network security and distils it into concise recommendations and instructions, using real-world, step-by-step instruction. The latest addition to the best-selling "How to Cheat..." series of IT handbooks, this book clearly identifies the primary vulnerabilities of most computer networks, including user access, remote access, messaging, wireless hacking, media, email threats, storage devices, and web applications. Solutions are provided for each type of threat, with emphasis on intrusion detection, prevention, and disaster recovery.

Audience
System Administrators responsible for securing networks in small to mid-size enterprises.

Paperback, 432 Pages

Published: October 2007

Imprint: Syngress

ISBN: 978-1-59749-231-7

Contents


  • Chapter 1 General Security Concepts: Access Control, Authentication, and Auditing

    Introduction to AAA

    What is AAA?

    Access Control

    Authentication

    Auditing

    Access Control

    MAC/DAC/RBAC

    MAC

    DAC

    RBAC

    Authentication

    Kerberos

    CHAP

    Certificates

    Username/Password

    Tokens

    Multi-factor

    Mutual Authentication

    Biometrics

    Auditing

    Auditing Systems

    Logging

    System Scanning

    Disabling Non-essential Services, Protocols, Systems and Processes

    Non-essential Services

    Non-essential Protocols

    Disabling Non-essential Systems

    Disabling Non-essential Processes

    Disabling Non-Essential Programs

    Summary

    Solutions Fast Track

    Frequently Asked Questions

  • Chapter 2 General Security Concepts: Attacks

    Attacks

    Active Attacks

    DoS and DDoS

    Resource Consumption Attacks

    SYN Attacks

    DDoS Attacks

    Software Exploitation and Buffer Overflows

    MITM Attacks

    TCP/IP Hijacking

    Replay Attacks

    Spoofing Attacks

    IP Spoofing

    E-mail Spoofing

    Web Site Spoofing

    Phishing

    Wardialing

    Dumpster Diving

    Social Engineering

    Vulnerability Scanning

    Passive Attacks

    Sniffing and Eavesdropping

    Password Attacks

    Brute Force Attacks

    Dictionary-based Attacks

    Malicious Code Attacks

    Viruses

    Worms

    Trojan Horses

    Rootkits

    Back Doors

    Logic Bombs

    Spyware and Adware

    Summary

    Solutions Fast Track

    Frequently Asked Questions

  • Chapter 3 Communication Security: Remote Access and Messaging

    Introduction

    The Need for Communication Security

    Communications-based Security

    Remote Access Security

    802.1x

    EAP

    Vulnerabilities

    Media Access Control Authentication

    VPN

    Site-to-site VPN

    Remote Access VPN

    RADIUS

    Authentication Process

    Vulnerabilities

    TACACS/+

    TACACS

    XTACACS

    TACACS+

    Vulnerabilities

    PPTP/L2TP

    PPTP

    L2TP

    SSH

    How SSH Works

    IPSec

    IPSec Authentication

    ISAKMP

    Vulnerabilities

    Eavesdropping

    Data Modification

    Identity Spoofing

    User Vulnerabilities and Errors

    Administrator Vulnerabilities and Errors

    E-mail Security

    MIME

    S/MIME

    PGP

    How PGP Works

    Vulnerabilities

    SMTP Relay

    Spoofing

    E-mail and Mobility

    E-mail and Viruses

    Spam

    Hoaxes

    Phishing

    Summary

    Solutions Fast Track

    Frequently Asked Questions

  • Chapter 4 Communication Security: Wireless

    Introduction

    Wireless Concepts

    Understanding Wireless Networks

    Overview of Wireless

    Communication in a Wireless Network

    Radio Frequency Communications

    Spread Spectrum Technology

    Wireless Network Architecture

    CSMA/CD and CSMA/CA

    Wireless Local Area Networks

    WAP

    WTLS

    IEEE 802.11

    IEEE 802.11b

    Ad-Hoc and Infrastructure Network Configuration

    WEP

    Creating Privacy with WEP

    Authentication

    Common Exploits of Wireless Networks

    Passive Attacks on Wireless Networks

    Active Attacks on Wireless Networks

    MITM Attacks on Wireless Networks

    Wireless Vulnerabilities

    WAP Vulnerabilities

    WEP Vulnerabilities

    Security of 64-Bit vs. 128-Bit Keys

    Acquiring a WEP Key

    Addressing Common Risks and Threats

    Finding a Target

    Finding Weaknesses in a Target

    Exploiting Those Weaknesses

    Sniffing

    Protecting Against Sniffing and Eavesdropping

    Spoofing (Interception) and Unauthorized Access

    Protecting Against Spoofing and Unauthorized Attacks

    Network Hijacking and Modification

    Protection against Network Hijacking and Modification

    Denial of Service and Flooding Attacks

    Protecting Against DoS and Flooding Attacks

    IEEE 802.1x Vulnerabilities

    Site Surveys

    Additional Security Measures for Wireless Networks

    Using a Separate Subnet for Wireless Networks

    Using VPNs for Wireless Access to Wired Network

    Temporal Key Integrity Protocol

    Message Integrity Code (MIC)

    IEEE 802.11i Standard

    Implementing Wireless Security: Common Best Practices

    Summary

    Solutions Fast Track

    Frequently Asked Questions

  • Chapter 5 Communication Security: Web Based Services

    Introduction

    Web Security

    Web Server Lockdown

    Managing Access Control

    Handling Directory and Data Structures

    Eliminating Scripting Vulnerabilities

    Logging Activity

    Performing Backups

    Maintaining Integrity

    Finding Rogue Web Servers

    Stopping Browser Exploits

    Exploitable Browser Characteristics

    Cookies

    Web Spoofing

    Web Server Exploits

    SSL and HTTP/S

    SSL and TLS

    HTTP/S

    TLS

    S-HTTP

    Instant Messaging

    Packet Sniffers and Instant Messaging

    Text Messaging and Short Message Service (SMS)

    Web-based Vulnerabilities

    Understanding Java-, JavaScript-, and ActiveX-based Problems

    Preventing Problems with Java, JavaScript, and ActiveX

    Programming Secure Scripts

    Code Signing: Solution or More Problems?

    Understanding Code Signing

    The Benefits of Code Signing

    Problems with the Code Signing Process

    Buffer Overflows

    Making Browsers and E-mail Clients More Secure

    Restricting Programming Languages

    Keep Security Patches Current

    Securing Web Browser Software

    Securing Microsoft IE

    CGI

    What is a CGI Script and What Does It Do?

    Typical Uses of CGI Scripts

    Break-ins Resulting from Weak CGI Scripts

    CGI Wrappers

    Nikto

    FTP Security

    Active and Passive FTP

    S/FTP

    Secure Copy

    Blind FTP/Anonymous

    FTP Sharing and Vulnerabilities

    Packet Sniffing FTP Transmissions

    Directory Services and LDAP Security

    LDAP

    LDAP Directories

    Organizational Units

    Objects, Attributes and the Schema

    Securing LDAP

    Summary

    Solutions Fast Track

    Frequently Asked Questions

  • Chapter 6 Infrastructure Security: Devices and Media

    Introduction

    Device-based Security

    Firewalls

    Packet-filtering Firewalls

    Application-layer Gateways

    Stateful Inspection Firewalls

    Routers

    Switches

    Wireless

    Modems

    RAS

    Telecom/PBX

    Virtual Private Network

    IDS

    Network Monitoring/Diagnostic

    Workstations

    Servers

    Mobile Devices

    Media-based Security

    Coax

    Thin Coax

    Thick Coax

    Vulnerabilities of Coax Cabling

    UTP/STP

    Fiber Optic

    Removable Media

    Magnetic Tape

    CDRs

    Hard Drives

    Diskettes

    Flashcards

    Smart Cards

    Summary

    Solutions Fast Track

    Frequently Asked Questions

  • Chapter 7 Topologies and IDS

    Introduction

    Security Topologies

    Security Zones

    Introducing the Demilitarized Zone

    Intranet

    Extranet

    VLANs

    Network Address Translation

    Tunneling

    Intrusion Detection

    Characterizing IDSes

    Signature-based IDSes and Detection Evasion

    Popular Commercial IDS Systems

    Honeypots and Honeynets

    Judging False Positives and Negatives

    Incident Response

    Summary

    Solutions Fast Track

    Frequently Asked Questions

  • Chapter 8 Infrastructure Security: System Hardening

    Introduction

    Concepts and Processes of OS and NOS Hardening

    File System

    Updates

    Hotfixes

    Service Packs

    Patches

    Network Hardening

    Updates (Firmware)

    Configuration

    Enabling and Disabling Services and Protocols

    ACLs

    Application Hardening

    Updates

    Hotfixes

    Service Packs

    Patches

    Web Servers

    E-mail Servers

    FTP Servers

    DNS Servers

    NNTP Servers

    File and Print Servers

    DHCP Servers

    Data Repositories

    Directory Services

    Network Access Control

    Databases

    Summary

    Solutions Fast Track

    Frequently Asked Questions

  • Chapter 9 Basics of Cryptography

    Introduction

    Algorithms

    What Is Encryption?

    Symmetric Encryption Algorithms

    Data Encryption Standard and Triple Data Encryption Standard

    Advanced Encryption Standard (Rijndael)

    IDEA

    Asymmetric Encryption Algorithms

    Diffie-Hellman

    El Gamal

    RSA

    Hashing Algorithms

    Concepts of Using Cryptography

    Confidentiality

    Integrity

    Digital Signatures

    MITM Attacks

    Authentication

    Non-Repudiation

    Access Control

    One-time Pad

    Summary

    Solutions Fast Track

    Frequently Asked Questions

  • Chapter 10 Public Key Infrastructure

    Introduction

    PKI

    Trust Models

    Web-of-trust Model

    Single Certificate Authority Model

    Hierarchical Model

    Certificates

    X.509

    Certificate Policies

    Certificate Practice Statements

    Revocation

    Certificate Revocation List

    OCSP

    Standards and Protocols

    Key Management and Certificate Lifecycle

    Centralized vs. Decentralized

    Storage

    Hardware Key Storage vs. Software Key Storage

    Private Key Protection

    Escrow

    Expiration

    Revocation

    Status Checking

    Suspension

    Status Checking

    Recovery

    Key Recovery Information

    M of N Control

    Renewal

    Destruction

    Key Usage

    Multiple Key Pairs (Single, Dual)

    Summary

    Solutions Fast Track

    Frequently Asked Questions

  • Index

