Description

Most Systems Administrators are not security specialists. Keeping the network secure is one of many responsibilities, and it is usually not a priority until disaster strikes. How to Cheat at Securing Your Network is the perfect book for this audience. The book takes the huge amount of information available on network security and distils it into concise recommendations and instructions, using real world, step-by-step instruction. The latest addition to the best selling "How to Cheat..." series of IT handbooks, this book clearly identifies the primary vulnerabilities of most computer networks, including user access, remote access, messaging, wireless hacking, media, email threats, storage devices, and web applications. Solutions are provided for each type of threat, with emphasis on intrusion detection, prevention, and disaster recovery.

Key Features

* A concise information source - perfect for busy System Administrators with little spare time * Details what to do when disaster strikes your network * Covers the most likely threats to small to medium sized networks

Readership

System Administrators responsible for securing networks in small to mid-size enterprises.

Table of Contents

Chapter 1 General Security Concepts: Access Control, Authentication, and Auditing Introduction to AAA What is AAA? Access Control Authentication Auditing Access Control MAC/DAC/RBAC MAC DAC RBAC Authentication Kerberos CHAP Certificates Username/Password Tokens Multi-factor Mutual Authentication Biometrics Auditing Auditing Systems Logging System Scanning Disabling Non-essential Services, Protocols, Systems and Processes Non-essential Services Non-essential Protocols Disabling Non-essential Systems Disabling Non-essential Processes Disabling Non-Essential Programs Summary Solutions Fast Track Frequently Asked Questions Chapter 2 General Security Concepts: Attacks Attacks Active Attacks DoS and DDoS Resource Consumption Attacks SYN Attacks DDoS Attacks Software Exploitation and Buffer Overflows MITM Attacks TCP/IP Hijacking Replay Attacks Spoofing Attacks IP Spoofing E-mail Spoofing Web Site Spoofing Phishing Wardialing Dumpster Diving Social Engineering Vulnerability Scanning Passive Attacks Sniffing and Eavesdropping Password Attacks Brute Force Attacks Dictionary-based Attacks Maliciou

Details

No. of pages:
432
Language:
English
Copyright:
© 2007
Published:
Imprint:
Syngress
Print ISBN:
9781597492317
Electronic ISBN:
9780080558646

About the editor

Ido Dubrawsky

Ido Dubrawsky (CISSP, CCNA, CCDA) is the Chief Security Advisor for Microsoft’s Communication Sector North America, a division of the Mobile and Embedded Devices Group. Prior to working at Microsoft, Ido was the acting Security Consulting Practice Lead at AT&T’s Callisma subsidiary and a Senior Security Consultant. Before joining AT&T, Ido was a Network Security Architect for Cisco Systems, Inc., SAFE Architecture Team. He has worked in the systems and network administration field for almost 20 years in a variety of environments from government to academia to private enterprise. He has a wide range of experience in various networks, from small to large and relatively simple to complex. Ido is the primary author of three major SAFE white papers and has written, and spoken, extensively on security topics. He is a regular contributor to the SecurityFocus website on a variety of topics covering security issues. Previously, he worked in Cisco Systems, Inc. Secure Consulting Group, providing network security posture assessments and consulting services for a wide range of clients. In addition to providing penetration-testing consultation, he also conducted security architecture reviews and policy and process reviews. He holds a B.Sc. and a M.Sc. in Aerospace Engineering from the University of Texas at Austin.