How to Cheat at Securing Your Network

By

  • Ido Dubrawsky, Chief Security Advisor, Microsoft's Communication Sector North America, a division of the Mobile and Embedded Devices Group

Most Systems Administrators are not security specialists. Keeping the network secure is one of many responsibilities, and it is usually not a priority until disaster strikes. How to Cheat at Securing Your Network is the perfect book for this audience. The book takes the huge amount of information available on network security and distils it into concise recommendations and instructions, using real-world, step-by-step instruction. The latest addition to the best-selling "How to Cheat..." series of IT handbooks, this book clearly identifies the primary vulnerabilities of most computer networks, including user access, remote access, messaging, wireless hacking, media, email threats, storage devices, and web applications. Solutions are provided for each type of threat, with emphasis on intrusion detection, prevention, and disaster recovery.

Audience

System Administrators responsible for securing networks in small to mid-size enterprises.


Book information

  • Published: October 2007
  • Imprint: SYNGRESS
  • ISBN: 978-1-59749-231-7


Table of Contents


Chapter 1 General Security Concepts: Access Control, Authentication, and Auditing

Introduction to AAA

What is AAA?

Access Control

Authentication

Auditing

Access Control

MAC/DAC/RBAC

MAC

DAC

RBAC

Authentication

Kerberos

CHAP

Certificates

Username/Password

Tokens

Multi-factor

Mutual Authentication

Biometrics

Auditing

Auditing Systems

Logging

System Scanning

Disabling Non-essential Services, Protocols, Systems and Processes

Non-essential Services

Non-essential Protocols

Disabling Non-essential Systems

Disabling Non-essential Processes

Disabling Non-Essential Programs

Summary

Solutions Fast Track

Frequently Asked Questions

Chapter 2 General Security Concepts: Attacks

Attacks

Active Attacks

DoS and DDoS

Resource Consumption Attacks

SYN Attacks

DDoS Attacks

Software Exploitation and Buffer Overflows

MITM Attacks

TCP/IP Hijacking

Replay Attacks

Spoofing Attacks

IP Spoofing

E-mail Spoofing

Web Site Spoofing

Phishing

Wardialing

Dumpster Diving

Social Engineering

Vulnerability Scanning

Passive Attacks

Sniffing and Eavesdropping

Password Attacks

Brute Force Attacks

Dictionary-based Attacks

Malicious Code Attacks

Viruses

Worms

Trojan Horses

Rootkits

Back Doors

Logic Bombs

Spyware and Adware

Summary

Solutions Fast Track

Frequently Asked Questions

Chapter 3 Communication Security: Remote Access and Messaging

Introduction

The Need for Communication Security

Communications-based Security

Remote Access Security

802.1x

EAP

Vulnerabilities

Media Access Control Authentication

VPN

Site-to-site VPN

Remote Access VPN

RADIUS

Authentication Process

Vulnerabilities

TACACS/+

TACACS

XTACACS

TACACS+

Vulnerabilities

PPTP/L2TP

PPTP

L2TP

SSH

How SSH Works

IPSec

IPSec Authentication

ISAKMP

Vulnerabilities

Eavesdropping

Data Modification

Identity Spoofing

User Vulnerabilities and Errors

Administrator Vulnerabilities and Errors

E-mail Security

MIME

S/MIME

PGP

How PGP Works

Vulnerabilities

SMTP Relay

Spoofing

E-mail and Mobility

E-mail and Viruses

Spam

Hoaxes

Phishing

Summary

Solutions Fast Track

Frequently Asked Questions

Chapter 4 Communication Security: Wireless

Introduction

Wireless Concepts

Understanding Wireless Networks

Overview of Wireless

Communication in a Wireless Network

Radio Frequency Communications

Spread Spectrum Technology

Wireless Network Architecture

CSMA/CD and CSMA/CA

Wireless Local Area Networks

WAP

WTLS

IEEE 802.11

IEEE 802.11b

Ad-Hoc and Infrastructure Network Configuration

WEP

Creating Privacy with WEP

Authentication

Common Exploits of Wireless Networks

Passive Attacks on Wireless Networks

Active Attacks on Wireless Networks

MITM Attacks on Wireless Networks

Wireless Vulnerabilities

WAP Vulnerabilities

WEP Vulnerabilities

Security of 64-Bit vs. 128-Bit Keys

Acquiring a WEP Key

Addressing Common Risks and Threats

Finding a Target

Finding Weaknesses in a Target

Exploiting Those Weaknesses

Sniffing

Protecting Against Sniffing and Eavesdropping

Spoofing (Interception) and Unauthorized Access

Protecting Against Spoofing and Unauthorized Attacks

Network Hijacking and Modification

Protection against Network Hijacking and Modification

Denial of Service and Flooding Attacks

Protecting Against DoS and Flooding Attacks

IEEE 802.1x Vulnerabilities

Site Surveys

Additional Security Measures for Wireless Networks

Using a Separate Subnet for Wireless Networks

Using VPNs for Wireless Access to Wired Network

Temporal Key Integrity Protocol

Message Integrity Code (MIC)

IEEE 802.11i Standard

Implementing Wireless Security: Common Best Practices

Summary

Solutions Fast Track

Frequently Asked Questions

Chapter 5 Communication Security: Web Based Services

Introduction

Web Security

Web Server Lockdown

Managing Access Control

Handling Directory and Data Structures

Eliminating Scripting Vulnerabilities

Logging Activity

Performing Backups

Maintaining Integrity

Finding Rogue Web Servers

Stopping Browser Exploits

Exploitable Browser Characteristics

Cookies

Web Spoofing

Web Server Exploits

SSL and HTTP/S

SSL and TLS

HTTP/S

TLS

S-HTTP

Instant Messaging

Packet Sniffers and Instant Messaging

Text Messaging and Short Message Service (SMS)

Web-based Vulnerabilities

Understanding Java-, JavaScript-, and ActiveX-based Problems

Preventing Problems with Java, JavaScript, and ActiveX

Programming Secure Scripts

Code Signing: Solution or More Problems?

Understanding Code Signing

The Benefits of Code Signing

Problems with the Code Signing Process

Buffer Overflows

Making Browsers and E-mail Clients More Secure

Restricting Programming Languages

Keep Security Patches Current

Securing Web Browser Software

Securing Microsoft IE

CGI

What is a CGI Script and What Does It Do?

Typical Uses of CGI Scripts

Break-ins Resulting from Weak CGI Scripts

CGI Wrappers

Nikto

FTP Security

Active and Passive FTP

S/FTP

Secure Copy

Blind FTP/Anonymous

FTP Sharing and Vulnerabilities

Packet Sniffing FTP Transmissions

Directory Services and LDAP Security

LDAP

LDAP Directories

Organizational Units

Objects, Attributes and the Schema

Securing LDAP

Summary

Solutions Fast Track

Frequently Asked Questions

Chapter 6 Infrastructure Security: Devices and Media

Introduction

Device-based Security

Firewalls

Packet-filtering Firewalls

Application-layer Gateways

Stateful Inspection Firewalls

Routers

Switches

Wireless

Modems

RAS

Telecom/PBX

Virtual Private Network

IDS

Network Monitoring/Diagnostic

Workstations

Servers

Mobile Devices

Media-based Security

Coax

Thin Coax

Thick Coax

Vulnerabilities of Coax Cabling

UTP/STP

Fiber Optic

Removable Media

Magnetic Tape

CDRs

Hard Drives

Diskettes

Flashcards

Smart Cards

Summary

Solutions Fast Track

Frequently Asked Questions

Chapter 7 Topologies and IDS

Introduction

Security Topologies

Security Zones

Introducing the Demilitarized Zone

Intranet

Extranet

VLANs

Network Address Translation

Tunneling

Intrusion Detection

Characterizing IDSes

Signature-based IDSes and Detection Evasion

Popular Commercial IDS Systems

Honeypots and Honeynets

Judging False Positives and Negatives

Incident Response

Summary

Solutions Fast Track

Frequently Asked Questions

Chapter 8 Infrastructure Security: System Hardening

Introduction

Concepts and Processes of OS and NOS Hardening

File System

Updates

Hotfixes

Service Packs

Patches

Network Hardening

Updates (Firmware)

Configuration

Enabling and Disabling Services and Protocols

ACLs

Application Hardening

Updates

Hotfixes

Service Packs

Patches

Web Servers

E-mail Servers

FTP Servers

DNS Servers

NNTP Servers

File and Print Servers

DHCP Servers

Data Repositories

Directory Services

Network Access Control

Databases

Summary

Solutions Fast Track

Frequently Asked Questions

Chapter 9 Basics of Cryptography

Introduction

Algorithms

What Is Encryption?

Symmetric Encryption Algorithms

Data Encryption Standard and Triple Data Encryption Standard

Advanced Encryption Standard (Rijndael)

IDEA

Asymmetric Encryption Algorithms

Diffie-Hellman

El Gamal

RSA

Hashing Algorithms

Concepts of Using Cryptography

Confidentiality

Integrity

Digital Signatures

MITM Attacks

Authentication

Non-Repudiation

Access Control

One-time Pad

Summary

Solutions Fast Track

Frequently Asked Questions

Chapter 10 Public Key Infrastructure

Introduction

PKI

Trust Models

Web-of-trust Model

Single Certificate Authority Model

Hierarchical Model

Certificates

X.509

Certificate Policies

Certificate Practice Statements

Revocation

Certificate Revocation List

OCSP

Standards and Protocols

Key Management and Certificate Lifecycle

Centralized vs. Decentralized

Storage

Hardware Key Storage vs. Software Key Storage

Private Key Protection

Escrow

Expiration

Revocation

Status Checking

Suspension

Status Checking

Recovery

Key Recovery Information

M of N Control

Renewal

Destruction

Key Usage

Multiple Key Pairs (Single, Dual)

Summary

Solutions Fast Track

Frequently Asked Questions

Index