Mastering™ Network Security, Second Edition

Book Description

The Technology You Need is Out There. The Expertise You Need is in Here.

Expertise is what makes hackers effective. It's what will make you effective, too, as you fight to keep them at bay. Mastering Network Security has been fully updated to reflect the latest developments in security technology, but it does much more than bring you up to date. More importantly, it gives you a comprehensive understanding of the threats to your organization's network and teaches you a systematic approach in which you make optimal use of the technologies available to you. Coverage includes:

  • Understanding security from a topological perspective

  • Configuring Cisco router security features

  • Selecting and configuring a firewall

  • Configuring Cisco's PIX firewall

  • Configuring an intrusion detection system

  • Providing data redundancy

  • Configuring a Virtual Private Network

  • Securing your wireless network

  • Implementing authentication and encryption solutions

  • Recognizing hacker attacks

  • Detecting and eradicating viruses

  • Getting up-to-date security information

  • Locking down Windows NT/2000/XP servers

  • Securing UNIX, Linux, and FreeBSD systems

Table of Contents

  1. Copyright
  2. Dedication
  3. Acknowledgments
  4. Introduction
  5. A Systems Analysis Approach to Information Technology
    1. An Introduction to Systems Analysis
    2. Applying Systems Analysis to Information Technology
    3. Summary
  6. Security as a Process
    1. Survival of the Fittest: The Myth of Total Security
    2. Risk Mitigation: Case Studies of Success and Failure
    3. The Systems Development Life Cycle (SDLC): Security as a Process from Beginning to End
    4. Steady As It Goes: Putting the "Constant" Back into Vigilance
    5. Summary
  7. Understanding How Network Systems Communicate
    1. The Anatomy of a Frame of Data
    2. A Protocol's Job
    3. The OSI Model
    4. Routers
    5. Connectionless and Connection-Oriented Communications
    6. Network Services
    7. Upper Layer Communications
    8. Summary
  8. Topology Security
    1. Understanding Network Transmissions
    2. Topology Security
    3. Basic Networking Hardware
    4. Summary
  9. Firewalls
    1. Defining an Access Control Policy
    2. Definition of a Firewall
    3. When Is a Firewall Required?
    4. Firewall Functions
    5. Firewall Types
    6. Which Firewall Functions Should I Use?
    7. Which Type Should I Choose?
    8. Additional Firewall Considerations
    9. Firewall Deployment
    10. Summary
  10. Cisco's PIX Firewall
    1. An Overview of PIX
    2. Installing PIX
    3. Configuring PIX
    4. Configuring PIX Security
    5. Summary
  11. Intrusion Detection Systems
    1. IDS Types
    2. NIDS Limitations
    3. Host-Based IDS
    4. NIDS Fusion
    5. Snort: A Popular NIDS
    6. Summary
  12. Authentication and Encryption
    1. The Need for Improved Security
    2. Good Authentication Required
    3. Encryption 101
    4. Good Encryption Required
    5. Solutions
    6. Summary
  13. Virtual Private Networking
    1. VPN Basics
    2. Setting Up a VPN
    3. Summary
  14. Viruses, Trojans, and Worms
    1. Viruses: The Statistics
    2. What Is a Virus?
    3. Worms
    4. Trojan Horses
    5. Preventive Measures
    6. Deploying Virus Protection
    7. Summary
  15. Disaster Prevention and Recovery
    1. Disaster Categories
    2. Network Disasters
    3. Topology
    4. Server Disasters
    5. Extreme Disasters
    6. VERITAS Storage Replicator
    7. Summary
  16. The Wide World of Windows
    1. NT Overview
    2. Active Directory
    3. The Domain Structure
    4. User Accounts
    5. The File System
    6. Logging
    7. Security Patches
    8. Available IP Services
    9. Packet Filtering with Windows NT
    10. Securing DCOM
    11. Ports Used by Windows Services
    12. Additional Registry Key Changes
    13. Windows 2000
    14. Windows .NET
    15. Summary
  17. Unix-Based Systems
    1. Unix History
    2. The Unix File System
    3. Account Administration
    4. Optimizing the Unix Kernel
    5. IP Service Administration
    6. Unix Checklist Overview
    7. Summary
  18. The Anatomy of an Attack
    1. Collecting Information
    2. Probing the Network
    3. Launching the Attack
    4. Summary
  19. Security Resources
    1. Information from the Vendor
    2. Third-Party Channels
    3. Summary
  20. Operating System Security Checklists
    1. Windows 2000 Server Security Checklist
    2. Linux Security Checklist
  21. Sample Network Usage Policy
    1. Principles Behind an Effective Network Usage Policy
    2. The Developmental Process
    3. Scope
    4. Network Management
    5. Password Requirements
    6. Virus Prevention Policy
    7. Workstation Backup Policy
    8. Remote Network Access
    9. General Internet Access Policy
    10. Privacy and Logging
    11. Security Incidents
    12. Additional Information
  22. Index