Computer Security Fundamentals, Third Edition

Book Description

ONE-VOLUME INTRODUCTION TO COMPUTER SECURITY

Clearly explains core concepts, terminology, challenges, technologies, and skills

Covers today’s latest attacks and countermeasures

The perfect beginner’s guide for anyone interested in a computer security career

Chuck Easttom brings together complete coverage of all basic concepts, terminology, and issues, along with all the skills you need to get started.

Drawing on 20+ years of experience as a security instructor, consultant, and researcher, Easttom helps you take a proactive, realistic approach to assessing threats and implementing countermeasures. Writing clearly and simply, he addresses crucial issues that many introductory security books ignore, while addressing the realities of a world where billions of new devices are Internet-connected.

This guide covers web attacks, hacking, spyware, network defense, security appliances, VPNs, password use, and much more. Its many tips and examples reflect new industry trends and the state-of-the-art in both attacks and defense. Exercises, projects, and review questions in every chapter help you deepen your understanding and apply all you’ve learned.

Whether you’re a student, a professional, or a manager, this guide will help you protect your assets—and expand your career options.

Learn how to

· Identify and prioritize potential threats to your network

· Use basic networking knowledge to improve security

· Get inside the minds of hackers, so you can deter their attacks

· Implement a proven layered approach to network security

· Resist modern social engineering attacks

· Defend against today’s most common Denial of Service (DoS) attacks

· Halt viruses, spyware, worms, Trojans, and other malware

· Prevent problems arising from malfeasance or ignorance

· Choose the best encryption methods for your organization

· Compare security technologies, including the latest security appliances

· Implement security policies that will work in your environment

· Scan your network for vulnerabilities

· Evaluate potential security consultants

· Master basic computer forensics and know what to do if you’re attacked

· Learn how cyberterrorism and information warfare are evolving

Table of Contents

  1. About This E-Book
  2. Title Page
  3. Copyright Page
  4. Contents at a Glance
  5. Table of Contents
  6. About the Author
    1. About the Technical Reviewer
  7. Dedication
  8. Acknowledgments
  9. We Want to Hear from You!
  10. Reader Services
  11. Introduction
  12. Chapter 1. Introduction to Computer Security
    1. Introduction
    2. How Seriously Should You Take Threats to Network Security?
    3. Identifying Types of Threats
      1. Malware
      2. Compromising System Security
      3. DoS Attacks
      4. Web Attacks
      5. Session Hijacking
      6. Insider Threats
      7. DNS Poisoning
      8. New Attacks
    4. Assessing the Likelihood of an Attack on Your Network
    5. Basic Security Terminology
      1. Hacker Slang
      2. Professional Terms
    6. Concepts and Approaches
    7. How Do Legal Issues Impact Network Security?
    8. Online Security Resources
      1. CERT
      2. Microsoft Security Advisor
      3. F-Secure
      4. SANS Institute
    9. Summary
    10. Test Your Skills
      1. Multiple Choice Questions
      2. Exercises
      3. Projects
  13. Chapter 2. Networks and the Internet
    1. Introduction
    2. Network Basics
      1. The Physical Connection: Local Networks
      2. Faster Connection Speeds
      3. Data Transmission
    3. How the Internet Works
      1. IP Addresses
      2. CIDR
      3. Uniform Resource Locators
      4. What Is a Packet?
      5. Basic Communications
    4. History of the Internet
    5. Basic Network Utilities
      1. IPConfig
      2. Ping
      3. Tracert
      4. Netstat
      5. NSLookup
    6. Other Network Devices
    7. Advanced Network Communications Topics
      1. The OSI Model
      2. Media Access Control (MAC) Addresses
    8. Summary
    9. Test Your Skills
      1. Multiple Choice Questions
      2. Exercises
      3. Projects
  14. Chapter 3. Cyber Stalking, Fraud, and Abuse
    1. Introduction
    2. How Internet Fraud Works
      1. Investment Offers
      2. Auction Frauds
    3. Identity Theft
      1. Phishing
    4. Cyber Stalking
      1. Real Cyber Stalking Cases
      2. How to Evaluate Cyber Stalking
      3. Crimes Against Children
      4. Laws About Internet Fraud
    5. Protecting Yourself Against Cyber Crime
      1. Protecting Against Investment Fraud
      2. Protecting Against Identity Theft
      3. Secure Browser Settings
    6. Summary
    7. Test Your Skills
      1. Multiple Choice Questions
      2. Exercises
      3. Projects
  15. Chapter 4. Denial of Service Attacks
    1. Introduction
    2. DoS
    3. Illustrating an Attack
      1. Common Tools Used for DoS
      2. DoS Weaknesses
      3. Specific DoS Attacks
      4. Land Attack
      5. DDoS
    4. Summary
    5. Test Your Skills
      1. Multiple Choice Questions
      2. Exercises
      3. Projects
  16. Chapter 5. Malware
    1. Introduction
    2. Viruses
      1. How a Virus Spreads
      2. Types of Viruses
      3. Virus Examples
      4. Rombertik
      5. Gameover ZeuS
      6. CryptoLocker and CryptoWall
      7. FakeAV
      8. MacDefender
      9. Troj/Invo-Zip
      10. W32/Netsky-P
      11. The Sobig Virus
      12. The Mimail Virus
      13. The Bagle Virus
      14. A Nonvirus Virus
      15. Flame
      16. Rules for Avoiding Viruses
    3. Trojan Horses
    4. The Buffer-Overflow Attack
    5. The Sasser Virus/Buffer Overflow
    6. Spyware
      1. Legal Uses of Spyware
      2. How Is Spyware Delivered to a Target System?
      3. Obtaining Spyware Software
    7. Other Forms of Malware
      1. Rootkit
      2. Malicious Web-Based Code
      3. Logic Bombs
      4. Spam
      5. Advanced Persistent Threats
    8. Detecting and Eliminating Viruses and Spyware
      1. Antivirus Software
      2. Antispyware Software
      3. Remediation Steps
    9. Summary
    10. Test Your Skills
      1. Multiple Choice Questions
      2. Exercises
      3. Projects
  17. Chapter 6. Techniques Used by Hackers
    1. Introduction
    2. Basic Terminology
    3. The Reconnaissance Phase
      1. Passive Scanning Techniques
      2. Active Scanning Techniques
    4. Actual Attacks
      1. SQL Script Injection
      2. Cross-Site Scripting
      3. Password Cracking
    5. Malware Creation
      1. Windows Hacking Techniques
    6. Penetration Testing
      1. NIST 800-115
      2. National Security Agency Information Assessment Methodology
      3. PCI Penetration Testing Standard
    7. Summary
    8. Test Your Skills
      1. Multiple Choice Questions
      2. Exercises
      3. Projects
  18. Chapter 7. Industrial Espionage in Cyberspace
    1. Introduction
    2. What Is Industrial Espionage?
    3. Information as an Asset
    4. Real-World Examples of Industrial Espionage
      1. Example 1: Houston Astros
      2. Example 2: University Trade Secrets
      3. Example 3: VIA Technology
      4. Example 4: General Motors
      5. Example 5: Bloomberg, Inc.
      6. Example 6: Interactive Television Technologies, Inc.
      7. Trends in Industrial Espionage
      8. Industrial Espionage and You
    5. How Does Espionage Occur?
      1. Low-Tech Industrial Espionage
      2. Spyware Used in Industrial Espionage
    6. Steganography Used in Industrial Espionage
    7. Phone Taps and Bugs
    8. Protecting Against Industrial Espionage
    9. Industrial Espionage Act
    10. Spear Phishing
    11. Summary
    12. Test Your Skills
      1. Multiple Choice Questions
      2. Exercises
      3. Projects
  19. Chapter 8. Encryption
    1. Introduction
    2. Cryptography Basics
    3. History of Encryption
      1. The Caesar Cipher
      2. Atbash
      3. Multi-Alphabet Substitution
      4. Rail Fence
      5. Enigma
      6. Binary Operations
    4. Modern Methods
      1. Single-Key (Symmetric) Encryption
      2. Modification of Symmetric Methods
    5. Public Key (Asymmetric) Encryption
      1. RSA
      2. Diffie-Hellman
      3. Elliptic Curve
    6. PGP
    7. Legitimate Versus Fraudulent Encryption Methods
    8. Digital Signatures
    9. Hashing
      1. MD5
      2. SHA
      3. RipeMD
    10. MAC and HMAC
      1. Rainbow Tables
    11. Steganography
      1. Historical Steganography
      2. Methods and Tools
    12. Cryptanalysis
      1. Frequency Analysis
      2. Modern Methods
    13. Cryptography Used on the Internet
    14. Summary
    15. Test Your Skills
      1. Multiple Choice Questions
      2. Exercises
      3. Projects
  20. Chapter 9. Computer Security Technology
    1. Introduction
    2. Virus Scanners
      1. How Does a Virus Scanner Work?
      2. Virus-Scanning Techniques
      3. Commercial Antivirus Software
    3. Firewalls
      1. Benefits and Limitation of Firewalls
      2. Firewall Types and Components
      3. Firewall Configurations
      4. Commercial and Free Firewall Products
      5. Firewall Logs
    4. Antispyware
    5. IDS
      1. IDS Categorization
      2. Identifying an Intrusion
      3. IDS Elements
      4. Snort
      5. Honey Pots
      6. Database Activity Monitoring
      7. Other Preemptive Techniques
      8. Authentication
    6. Digital Certificates
    7. SSL/TLS
    8. Virtual Private Networks
      1. Point-to-Point Tunneling Protocol
      2. Layer 2 Tunneling Protocol
      3. IPsec
    9. Wi-Fi Security
      1. Wired Equivalent Privacy
      2. Wi-Fi Protected Access
      3. WPA2
    10. Summary
    11. Test Your Skills
      1. Multiple Choice Questions
      2. Exercises
      3. Projects
  21. Chapter 10. Security Policies
    1. Introduction
    2. What Is a Policy?
    3. Defining User Policies
      1. Passwords
      2. Internet Use
      3. Email Usage
      4. Installing/Uninstalling Software
      5. Instant Messaging
      6. Desktop Configuration
      7. Bring Your Own Device
      8. Final Thoughts on User Policies
    4. Defining System Administration Policies
      1. New Employees
      2. Departing Employees
      3. Change Requests
      4. Security Breaches
      5. Virus Infection
      6. DoS Attacks
      7. Intrusion by a Hacker
    5. Defining Access Control
    6. Developmental Policies
    7. Standards, Guidelines, and Procedures
    8. Data Classification
      1. DoD Clearances
    9. Disaster Recovery
      1. Disaster Recovery Plan
      2. Business Continuity Plan
      3. Impact Analysis?
      4. Fault Tolerance
    10. Important Laws
      1. HIPAA
      2. Sarbanes-Oxley
      3. Payment Card Industry Data Security Standards
    11. Summary
    12. Test Your Skills
      1. Multiple Choice Questions
      2. Exercises
      3. Projects
  22. Chapter 11. Network Scanning and Vulnerability Scanning
    1. Introduction
    2. Basics of Assessing a System
      1. Patch
      2. Ports
      3. Protect
      4. Policies
      5. Probe
      6. Physical
    3. Securing Computer Systems
      1. Securing an Individual Workstation
      2. Securing a Server
      3. Securing a Network
    4. Scanning Your Network
      1. MBSA
      2. NESSUS
    5. Getting Professional Help
    6. Summary
    7. Test Your Skills
      1. Multiple Choice Questions
      2. Exercises
      3. Projects
  23. Chapter 12. Cyber Terrorism and Information Warfare
    1. Introduction
    2. Actual Cases of Cyber Terrorism
      1. The Chinese Eagle Union
      2. China’s Advanced Persistent Threat
      3. India and Pakistan
      4. Russian Hackers
    3. Weapons of Cyber Warfare
      1. Stuxnet
      2. Flame
      3. StopGeorgia.ru Malware
      4. FinFisher
      5. BlackEnergy
      6. NSA ANT Catalog
    4. Economic Attacks
    5. Military Operations Attacks
    6. General Attacks
    7. Supervisory Control and Data Acquisitions (SCADA)
    8. Information Warfare
      1. Propaganda
      2. Information Control
      3. Disinformation
    9. Actual Cases
    10. Future Trends
      1. Positive Trends
      2. Negative Trends
    11. Defense Against Cyber Terrorism
    12. Terrorist Recruiting and Communication
    13. TOR and the Dark Web
    14. Summary
    15. Test Your Skills
      1. Multiple Choice Questions
      2. Exercises
      3. Projects
  24. Chapter 13. Cyber Detective
    1. Introduction
    2. General Searches
    3. Court Records and Criminal Checks
      1. Sex Offender Registries
      2. Civil Court Records
      3. Other Resources
    4. Usenet
    5. Summary
    6. Test Your Skills
      1. Multiple Choice Questions
      2. Exercises
      3. Projects
  25. Chapter 14. Introduction to Forensics
    1. Introduction
    2. General Guidelines
      1. Don’t Touch the Suspect Drive
      2. Image a Drive with Forensic Toolkit
      3. Can You Ever Conduct Forensics on a Live Machine?
      4. Document Trail
      5. Secure the Evidence
      6. Chain of Custody
      7. FBI Forensics Guidelines
      8. U.S. Secret Service Forensics Guidelines
      9. EU Evidence Gathering
      10. Scientific Working Group on Digital Evidence
      11. Locard’s Principle of Transference
      12. Tools
    3. Finding Evidence on the PC
      1. Finding Evidence in the Browser
    4. Finding Evidence in System Logs
      1. Windows Logs
      2. Linux Logs
    5. Getting Back Deleted Files
    6. Operating System Utilities
      1. Net Sessions
      2. Openfiles
      3. Fc
      4. Netstat
    7. The Windows Registry
      1. Specific Entries
    8. Mobile Forensics: Cell Phone Concepts
      1. Cell Concepts Module
      2. Cellular Networks
      3. iOS
      4. Android
      5. Windows
      6. What You Should Look For
    9. The Need for Forensic Certification
    10. Expert Witnesses
      1. Federal Rule 702
      2. Daubert
    11. Additional Types of Forensics
      1. Network Forensics
      2. Virtual Forensics
    12. Summary
    13. Test Your Skills
      1. Multiple Choice Questions
      2. Exercises
  26. Appendix A. Glossary
  27. Appendix B. Resources
    1. General Computer Crime and Cyber Terrorism
    2. General Knowledge
    3. Cyber Stalking
    4. Identity Theft
    5. Port Scanners and Sniffers
    6. Password Crackers
    7. Countermeasures
    8. Cyber Investigation Tools
    9. General Tools
    10. Virus Research
  28. Appendix C. Answers to the Multiple Choice Questions
    1. Chapter 1
    2. Chapter 2
    3. Chapter 3
    4. Chapter 4
    5. Chapter 5
    6. Chapter 6
    7. Chapter 7
    8. Chapter 8
    9. Chapter 9
    10. Chapter 10
    11. Chapter 11
    12. Chapter 12
    13. Chapter 13
    14. Chapter 14
  29. Index
  30. Code Snippets