A Practical Approach
- Jan Harrington, Professor and Department Chair, Computer Science, Marist College, Hyde Park, New York, U.S.A.
Network Security is a comprehensive resource written for anyone who plans or implements network security measures, including managers and practitioners. It offers a valuable dual perspective on security: how your network looks to hackers who want to get inside, and how you need to approach it on the inside to keep them at bay.You get all the hands-on technical advice you need to succeed, but also higher-level administrative guidance for developing an effective security policy. There may be no such thing as absolute security, but, as the author clearly demonstrates, there is a huge difference between the protection offered by routine reliance on third-party products and what you can achieve by actively making informed decisions. You’ll learn to do just that with this book’s assessments of the risks, rewards, and trade-offs related implementing security measures.View full description
Security practitioners, managers, and administrators working in IT and networking departments.
- Published: April 2005
- Imprint: MORGAN KAUFMANN
- ISBN: 978-0-12-311633-8
Table of ContentsChapter 1: In the Beginning1.0 Introduction1.1 Defining Security1.2 The Two Views of Network Security1.3 The Organizational Security Process1.4 Preparing a Security policy1.5 Security Audits1.6 SummaryChapter 2: Basic Security Architecture2.0 Introduction2.1 Secure Network Layouts2.2 Firewalls2.3 Hands On: Setting File and Directory Permissions2.4 SummaryChapter 3: Physical Security3.0 Introduction3.1 Dealing with Theft and Vandalism3.2 Protecting the System Console3.3 Managing System Failure3.4 Hands on: Providing Physical Security3.5 SummaryChapter 4: Information Gathering4.0 Introduction4.1 Social Engineering4.2 Using Published Information4.3 Port Scanning4.4 Network Mapping4.5 Hands On4.6 SummaryChapter 5: Gaining and Keeping Root Access5.0 Introduction 5.1 Root Kits5.2 Brute Force Entry Attacks and Intrusion Detection5.3 Buffer overflow Attacks5.4 Hands On5.5 SummaryChapter 6: Spoofing6.0 Introduction 6.1 TCP spoofing 6.2 DNS spoofing 6.3 IP (and E-Mail) spoofing6.4 Web spoofing6.5 Hands On6.6 SummaryChapter 7: Denial of Service Attacks7.0 Introduction7.1 Single source DoS Attacks7.2 Distributed DoS Attacks7.3 Hands On7.4 SummaryChapter 8: Malware8.0 Introduction8.1 A Bit of Malware History8.2 Types of Malware Based on Propagation Methods8.3 Hands On8.4 SummaryChapter 9: User and Password Security9.0 Introduction9.1 Password Policy9.2 Strong Passwords9.3 Password File Security9.4 Password Audits9.5 Enhancing Password Security with Tokens9.6 Hands On: Password Management Software9.7 SummaryChapter 10: Remote Access10.0 Introduction10.1 Remote Access Vulnerabilities10.2 VPNs10.3 Remote User Authentication10.4 Hands On: OS VPN Support10.5 SummaryChapter 11: Wireless Security11.0 Introduction11.1 Wireless Standards11.2 Wireless Network Vulnerabilities11.3 Wireless Security Provisions11.4 Hands On: Securing Your 802.11x Wireless Network11.5 SummaryChapter 12: Encryption12.0 Introduction12.1 To Encrypt or Not to Encrypt12.2 Single Key Encryption Schemes12.3 Two-Key Encryption Schemes12.4 Combining Single- and Two-Key Encryption12.5 Ensuring Message Integrity12.6 Message Authentication and Digital Certificates12.7 Composition and Purpose of PKI12.8 Hands On12.9 SummaryAppendix A: The TCP/IP Protocol Stack13.0 Introduction13.1 The Operation of a Protocol Stack13.2 The Application Layer13.3 The Transport Layer13.4 The Internet Layer13.5 The Logical Link Control Layer13.6 The MAC Layer13.7 The Physical LayerAppendix B: TCP and UDP Ports14.0 Well-Known Ports14.1 Registered Ports14.2 Port List ReferencesAppendix C: Security Update Sites15.0 Professional Security Update Sites15.1 Other Sites of InterestGlossaryIndex