How to Cheat at Securing Your Network

  • ID: 1766194
  • Book
  • 432 Pages
  • Elsevier Science and Technology

Most Systems Administrators are not security specialists. Keeping the network secure is one of many responsibilities, and it is usually not a priority until disaster strikes. How to Cheat at Securing Your Network is the perfect book for this audience. The book takes the huge amount of information available on network security and distils it into concise recommendations and instructions, using real world, step-by-step instruction.

The latest addition to the best-selling "How to Cheat..." series of IT handbooks, this book clearly identifies the primary vulnerabilities of most computer networks, including user access, remote access, messaging, wireless hacking, media, email threats, storage devices, and web applications. Solutions are provided for each type of threat, with emphasis on intrusion detection, prevention, and disaster recovery.

* A concise information source - perfect for busy System Administrators with little spare time
* Details what to do when disaster strikes your network
* Covers the most likely threats to small- to medium-sized networks

Please Note: This is an On Demand product; delivery may take up to 11 working days after payment has been received.

Note: Product cover images may vary from those shown
Chapter 1 General Security Concepts: Access Control, Authentication, and Auditing

Introduction to AAA


What is AAA?


Access Control


Authentication


Auditing


Access Control


MAC/DAC/RBAC


MAC


DAC


RBAC


Authentication


Kerberos


CHAP


Certificates


Username/Password


Tokens


Multi-factor


Mutual Authentication


Biometrics


Auditing


Auditing Systems


Logging


System Scanning


Disabling Non-essential Services, Protocols, Systems and Processes


Non-essential Services


Non-essential Protocols


Disabling Non-essential Systems


Disabling Non-essential Processes


Disabling Non-Essential Programs


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 2 General Security Concepts: Attacks


Attacks


Active Attacks


DoS and DDoS


Resource Consumption Attacks


SYN Attacks


DDoS Attacks


Software Exploitation and Buffer Overflows


MITM Attacks


TCP/IP Hijacking


Replay Attacks


Spoofing Attacks


IP Spoofing


E-mail Spoofing


Web Site Spoofing


Phishing


Wardialing


Dumpster Diving


Social Engineering


Vulnerability Scanning


Passive Attacks


Sniffing and Eavesdropping


Password Attacks


Brute Force Attacks


Dictionary-based Attacks


Malicious Code Attacks


Viruses


Worms


Trojan Horses


Rootkits


Back Doors


Logic Bombs


Spyware and Adware


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 3 Communication Security: Remote Access and Messaging


Introduction


The Need for Communication Security


Communications-based Security


Remote Access Security


802.1x


EAP


Vulnerabilities


Media Access Control Authentication


VPN


Site-to-site VPN


Remote Access VPN


RADIUS


Authentication Process


Vulnerabilities


TACACS/+


TACACS


XTACACS


TACACS+


Vulnerabilities


PPTP/L2TP


PPTP


L2TP


SSH


How SSH Works


IPSec


IPSec Authentication


ISAKMP


Vulnerabilities


Eavesdropping


Data Modification


Identity Spoofing


User Vulnerabilities and Errors


Administrator Vulnerabilities and Errors


E-mail Security


MIME


S/MIME


PGP


How PGP Works


Vulnerabilities


SMTP Relay


Spoofing


E-mail and Mobility


E-mail and Viruses


Spam


Hoaxes


Phishing


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 4 Communication Security: Wireless


Introduction


Wireless Concepts


Understanding Wireless Networks


Overview of Wireless


Communication in a Wireless Network


Radio Frequency Communications


Spread Spectrum Technology


Wireless Network Architecture


CSMA/CD and CSMA/CA


Wireless Local Area Networks


WAP


WTLS


IEEE 802.11


IEEE 802.11b


Ad-Hoc and Infrastructure Network Configuration


WEP


Creating Privacy with WEP


Authentication


Common Exploits of Wireless Networks


Passive Attacks on Wireless Networks


Active Attacks on Wireless Networks


MITM Attacks on Wireless Networks


Wireless Vulnerabilities


WAP Vulnerabilities


WEP Vulnerabilities


Security of 64-Bit vs. 128-Bit Keys


Acquiring a WEP Key


Addressing Common Risks and Threats


Finding a Target


Finding Weaknesses in a Target


Exploiting Those Weaknesses


Sniffing


Protecting Against Sniffing and Eavesdropping


Spoofing (Interception) and Unauthorized Access


Protecting Against Spoofing and Unauthorized Attacks


Network Hijacking and Modification


Protection against Network Hijacking and Modification


Denial of Service and Flooding Attacks


Protecting Against DoS and Flooding Attacks


IEEE 802.1x Vulnerabilities


Site Surveys


Additional Security Measures for Wireless Networks


Using a Separate Subnet for Wireless Networks


Using VPNs for Wireless Access to Wired Network


Temporal Key Integrity Protocol


Message Integrity Code (MIC)


IEEE 802.11i Standard


Implementing Wireless Security: Common Best Practices


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 5 Communication Security: Web Based Services


Introduction


Web Security


Web Server Lockdown


Managing Access Control


Handling Directory and Data Structures


Eliminating Scripting Vulnerabilities


Logging Activity


Performing Backups


Maintaining Integrity


Finding Rogue Web Servers


Stopping Browser Exploits


Exploitable Browser Characteristics


Cookies


Web Spoofing


Web Server Exploits


SSL and HTTP/S


SSL and TLS


HTTP/S


TLS


S-HTTP


Instant Messaging


Packet Sniffers and Instant Messaging


Text Messaging and Short Message Service (SMS)


Web-based Vulnerabilities


Understanding Java-, JavaScript-, and ActiveX-based Problems


Preventing Problems with Java, JavaScript, and ActiveX


Programming Secure Scripts


Code Signing: Solution or More Problems?


Understanding Code Signing


The Benefits of Code Signing


Problems with the Code Signing Process


Buffer Overflows


Making Browsers and E-mail Clients More Secure


Restricting Programming Languages


Keep Security Patches Current


Securing Web Browser Software


Securing Microsoft IE


CGI


What is a CGI Script and What Does It Do?


Typical Uses of CGI Scripts


Break-ins Resulting from Weak CGI Scripts


CGI Wrappers


Nikto


FTP Security


Active and Passive FTP


S/FTP


Secure Copy


Blind FTP/Anonymous


FTP Sharing and Vulnerabilities


Packet Sniffing FTP Transmissions


Directory Services and LDAP Security


LDAP


LDAP Directories


Organizational Units


Objects, Attributes and the Schema


Securing LDAP


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 6 Infrastructure Security: Devices and Media


Introduction


Device-based Security


Firewalls


Packet-filtering Firewalls


Application-layer Gateways


Stateful Inspection Firewalls


Routers


Switches


Wireless


Modems


RAS


Telecom/PBX


Virtual Private Network


IDS


Network Monitoring/Diagnostic


Workstations


Servers


Mobile Devices


Media-based Security


Coax


Thin Coax


Thick Coax


Vulnerabilities of Coax Cabling


UTP/STP


Fiber Optic


Removable Media


Magnetic Tape


CDRs


Hard Drives


Diskettes


Flashcards


Smart Cards


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 7 Topologies and IDS


Introduction


Security Topologies


Security Zones


Introducing the Demilitarized Zone


Intranet


Extranet


VLANs


Network Address Translation


Tunneling


Intrusion Detection


Characterizing IDSes


Signature-based IDSes and Detection Evasion


Popular Commercial IDS Systems


Honeypots and Honeynets


Judging False Positives and Negatives


Incident Response


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 8 Infrastructure Security: System Hardening


Introduction


Concepts and Processes of OS and NOS Hardening


File System


Updates


Hotfixes


Service Packs


Patches


Network Hardening


Updates (Firmware)


Configuration


Enabling and Disabling Services and Protocols


ACLs


Application Hardening


Updates


Hotfixes


Service Packs


Patches


Web Servers


E-mail Servers


FTP Servers


DNS Servers


NNTP Servers


File and Print Servers


DHCP Servers


Data Repositories


Directory Services


Network Access Control


Databases


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 9 Basics of Cryptography


Introduction


Algorithms


What Is Encryption?


Symmetric Encryption Algorithms


Data Encryption Standard and Triple Data Encryption Standard


Advanced Encryption Standard (Rijndael)


IDEA


Asymmetric Encryption Algorithms


Diffie-Hellman


El Gamal


RSA


Hashing Algorithms


Concepts of Using Cryptography


Confidentiality


Integrity


Digital Signatures


MITM Attacks


Authentication


Non-Repudiation


Access Control


One-time Pad


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 10 Public Key Infrastructure


Introduction


PKI


Trust Models


Web-of-trust Model


Single Certificate Authority Model


Hierarchical Model


Certificates


X.509


Certificate Policies


Certificate Practice Statements


Revocation


Certificate Revocation List


OCSP


Standards and Protocols


Key Management and Certificate Lifecycle


Centralized vs. Decentralized


Storage


Hardware Key Storage vs. Software Key Storage


Private Key Protection


Escrow


Expiration


Revocation


Status Checking


Suspension


Status Checking


Recovery


Key Recovery Information


M of N Control


Renewal


Destruction


Key Usage


Multiple Key Pairs (Single, Dual)


Summary


Solutions Fast Track


Frequently Asked Questions


Index


Dubrawsky, Ido
Ido Dubrawsky (CISSP, CCNA, CCDA) is the Chief Security Advisor for Microsoft's Communication Sector North America, a division of the Mobile and Embedded Devices Group. Prior to working at Microsoft, Ido was the acting Security Consulting Practice Lead at AT&T's Callisma subsidiary and a Senior Security Consultant. Before joining AT&T, Ido was a Network Security Architect for Cisco Systems, Inc., SAFE Architecture Team. He has worked in the systems and network administration field for almost 20 years in a variety of environments from government to academia to private enterprise. He has a wide range of experience in various networks, from small to large and relatively simple to complex. Ido is the primary author of three major SAFE white papers and has written, and spoken, extensively on security topics. He is a regular contributor to the SecurityFocus website on a variety of topics covering security issues. Previously, he worked in Cisco Systems, Inc. Secure Consulting Group, providing network security posture assessments and consulting services for a wide range of clients. In addition to providing penetration-testing consultation, he also conducted security architecture reviews and policy and process reviews. He holds a B.Sc. and an M.Sc. in Aerospace Engineering from the University of Texas at Austin.