You are previewing Network Security First-Step, Second Edition.
O'Reilly logo
Network Security First-Step, Second Edition

Book Description

Network Security first-step

Second Edition

Tom Thomas and Donald Stoddard

Your first step into the world of network security

  • No security experience required

  • Includes clear and easily understood explanations

  • Makes learning easy

Your first step to network security begins here!

  • Learn how hacker attacks work, from start to finish

  • Choose the right security solution for each type of risk

  • Create clear and enforceable security policies, and keep them up to date

  • Establish reliable processes for responding to security advisories

  • Use encryption effectively, and recognize its limitations

  • Secure your network with firewalls, routers, and other devices

  • Prevent attacks aimed at wireless networks

No security experience required!

Computer networks are indispensible, but they also are not secure. With the proliferation of security threats, many people and companies are looking for ways to increase the security of their networks and data. Before you can effectively implement security technologies and techniques, you need to make sense of this complex and quickly evolving world of hackers and malware, as well as the tools to combat them.

Network Security First-Step, Second Edition explains the basics of network security in easy-to-grasp language that all of us can understand. This book takes you on a guided tour of the core technologies that make up and control network security. Whether you are looking to take your first step into a career in network security or simply are interested in gaining knowledge of the technology, this book is for you!

Table of Contents

  1. Title Page
  2. Copyright Page
  3. About the Authors
  4. About the Technical Reviewers
  5. Dedications
  6. Acknowledgments
  7. Contents at a Glance
  8. Contents
  9. Icons
    1. Security Scanners
  10. Introduction
    1. Goals and Methods
    2. Who Should Read This Book?
    3. How This Book Is Organized
  11. Chapter 1. There Be Hackers Here!
    1. Essentials First: Looking for a Target
    2. Hacking Motivations
    3. Targets of Opportunity
    4. Targets of Choice
    5. The Process of an Attack
    6. Where Are Attacks Coming From?
    7. Common Vulnerabilities, Threats, and Risks
    8. Overview of Common Attacks and Exploits
    9. Network Security Organizations
    10. Chapter Summary
    11. Chapter Review
  12. Chapter 2. Security Policies
    1. Responsibilities and Expectations
    2. Corporate Policies and Trust
    3. Acceptable Use Policy
    4. Password Policy
    5. Virtual Private Network (VPN) Security Policy
    6. Wireless Communication Policy
    7. Extranet Connection Policy
    8. ISO Certification and Security
    9. Industry Standards
    10. Chapter Summary
    11. Chapter Review
  13. Chapter 3. Processes and Procedures
    1. Security Advisories and Alerts: Getting the Intel You Need to Stay Safe
    2. Industry Best Practices
    3. Summary
    4. Chapter Review and Questions
  14. Chapter 4. Network Security Standards and Guidelines
    1. Cisco SAFE 2.0
    2. Cisco Validated Design Program
    3. Basic Cisco IOS Best Practices
    4. NSA Security Configuration Guides
    5. Microsoft Security
    6. Chapter Summary
    7. Chapter Link Toolbox Summary
  15. Chapter 5. Overview of Security Technologies
    1. Security First Design Concepts
    2. Packet Filtering via ACLs
    3. Stateful Packet Inspection
    4. Network Address Translation (NAT)
    5. Proxies and Application-Level Protection
    6. Content Filters
    7. Public Key Infrastructure
    8. Reputation-Based Security
    9. AAA Technologies
    10. Two-Factor Authentication/Multifactor Authentication
    11. Chapter Summary
    12. Chapter Review Questions
  16. Chapter 6. Security Protocols
    1. Triple DES Encryption
    2. Advanced Encryption Standard (AES)
    3. Message Digest 5 Algorithm
    4. Secure Hash Algorithm (SHA Hash)
    5. Point-to-Point Tunneling Protocol (PPTP)
    6. Layer 2 Tunneling Protocol (L2TP)
    7. Secure Shell (SSH)
    8. SNMP v3
    9. Chapter Summary
    10. Chapter Review Questions
  17. Chapter 7. Firewalls
    1. Firewall Frequently Asked Questions
    2. Firewalls Are “The Security Policy”
    3. We Do Not Have a Security Policy
    4. Firewall Operational Overview
    5. Essentials First: Life in the DMZ
    6. Case Studies
    7. Firewall Limitations
    8. Chapter Summary
    9. Chapter Review Questions
  18. Chapter 8. Router Security
    1. Chapter Review Questions
    2. Routers Running Zone Based Firewall
    3. Intrusion Detection with Cisco IOS
    4. Secure IOS Template
    5. Routing Protocol Security
    6. Chapter Summary
    7. Chapter Review Questions
  19. Chapter 9. IPsec Virtual Private Networks (VPNs)
    1. Analogy: VPNs Securely Connect Is LAN ds
    2. VPN Overview
    3. Overview of IPsec VPNs
    4. Router Configuration as VPN Peer
    5. Firewall VPN Configuration for Client Access
    6. SSL VPN Overview
    7. Comparing SSL and IPsec VPNs
    8. Which to Deploy: Choosing Between IPsec and SSL VPNs
    9. Remote-Access VPN Security Considerations
    10. Chapter Summary
    11. Chapter Review Questions
  20. Chapter 10. Wireless Security
    1. Essentials First: Wireless LANs
    2. Wireless Networking
    3. WarGames Wirelessly
    4. Wireless Threats
    5. Extensible Authentication Protocol (EAP)
    6. Essential Wireless Security
    7. Essentials First: Wireless Hacking Tools
    8. Chapter Summary
    9. Chapter Review Questions
  21. Chapter 11. Intrusion Detection and Honeypots
    1. Essentials First: Intrusion Detection
    2. How Are Intrusions Detected?
    3. Essentials First: Honeypots
    4. Chapter Summary
    5. Chapter Review Questions
  22. Chapter 12. Tools of the Trade
    1. Essentials First: Vulnerability Analysis
    2. Security Assessments and Penetration Testing
    3. Security Scanners
    4. CORE IMPACT Pro (a Professional Penetration Testing Product)
    5. Chapter Summary
    6. Chapter Review Questions
  23. Appendix A. Answers to Review Questions
  24. Index