The Best Damn Firewall Book Period
Chapter 2: Firewall Concepts
- Table 2.1: Firewall Vendors and Types
Chapter 3: DMZ Concepts, Layout, and Conceptual Design
- Table 3.1: DMZ Definitions
- Table 3.2: Pros and Cons of Basic DMZ Designs
- Table 3.3: Protocols with Known Weaknesses
- Table 3.4: Private IP Address Ranges
- Table 3.5: Common Ports to Block
Chapter 4: Introduction to Intrusion Detection Systems
- Table 4.1: Comparing Firewalls and IDS
Chapter 5: Implementing a Firewall with Ipchains and Iptables
- Table 5.1: Default Tables and Chains
- Table 5.2: Common Ipchains and Iptables Targets
- Table 5.3: Ipchains Masquerading Modules
- Table 5.4: Iptables Masquerading Modules
- Table 5.5: Common ICMP Names and Numbers
- Table 5.6: ToS Field Options
Chapter 6: Maintaining Open Source Firewalls
- Table 6.1: Netcat Options
- Table 6.2: SendIP Options
- Table 6.3: fwlogwatch Modes
- Table 6.4: fwlogwatch Options
- Table 6.5: Additional Logging Tools
Chapter 8: Introduction to PIX Firewalls
- Table 8.1: PIX Model Characteristics
- Table 8.2: PIX Password Recovery Binaries
- Table 8.3: Basic Keystroke Shortcuts
- Table 8.4: Hardware Speed Types for the interface Command
Chapter 9: Passing Traffic
- Table 9.1: Literal Protocol Names and Values
- Table 9.2: Literal Port Names and Values
- Table 9.3: ICMP Message Types
Chapter 10: Advanced PIX Configurations
- Table 10.1: Application Inspection Features of Cisco PIX Firewall v6.2
- Table 10.2: Number of Clients Supported by the PIX DHCP Server
Chapter 11: Troubleshooting and Performance Monitoring
- Table 11.1: PIX Firewall Model Features and Capabilities
- Table 11.2: Cable Troubleshooting Checklist
- Table 11.3: PIX Firewall Model Features and Capabilities
- Table 11.4: Logging Levels
- Table 11.5: Process Operating States
- Table 11.6: Values in the show perfmon Command
Chapter 12: Installing and Configuring VPN-1/FireWall-1 Next Generation
- Table 12.1: Minimum System Requirements
- Table 12.2: newimage Command Line Arguments
- Table 12.3: newpkg Command Line Arguments
Chapter 13: Using the Graphical Interface
- Table 13.1: Configuration Matrix
- Table 13.2: Dynamic_Objects Command Options
- Table 13.3: ICMP Codes
Chapter 14: Creating a Security Policy
- Table 14.1: Categories of Security Controls
Chapter 15: Advanced Configurations
- Table 15.1: cphaprob Command Options
Chapter 16: Configuring Virtual Private Networks
- Table 16.1: Check Point Encryption Algorithms
- Table 16.2: VPN Ports and Protocols
Chapter 18: Configuring the Check Point Firewall
- Table 18.1: FireWall-1/IPSO Compatibility
- Table 18.2: Default Filters in $FWDIR/lib
- Table 18.3: fw fetch Syntax
Chapter 19: Introducing the Voyager Web Interface
- Table 19.1: SSHD Server Options
Chapter 20: Basic System Administration
- Table 20.1: newpkg Command-Line Arguments
- Table 20.2: newimage Command-Line Arguments
Chapter 22: ISA Server Deployment Planning and Design
- Table 22.1: ISA Server Processor Requirements
- Table 22.2: ISA Server RAM Requirements
- Table 22.3: ISA Server Disk Space Requirements
- Table 22.4: Comparing Firewall and Cache Mode Features
- Table 22.5: Recommended Roles for ISA Server Modes
- Table 22.6: Comparing ISA Server Client Features
Chapter 23: ISA Server Installation
- Table 23.1: Permissions Required to Install ISA Server and Components
- Table 23.2: The "Use Array Policy Only" Effect on Migration from Proxy Server 2.0
- Table 23.3: The "Use Enterprise Policy Only" Effect on Migration from Proxy Server 2.0
- Table 23.4: The "Use Enterprise and Array Policy" Effect on Migration from Proxy Server 2.0
- Table 23.5: Translating Proxy Server 2.0 to ISA Server
Chapter 24: Managing ISA Server
- Table 24.1: Log Field Options: Packet Filters
- Table 24.2: Log Field Options: Firewall Service
Chapter 28: Protecting Mail Services with ISA Server
- Table 28.1: Packet Filters for Exchange Services Publishing
Chapter 29: Introducing Snort
- Table 29.1: Useful Snort Add-Ons
- Table 29.2: Basic Snort Options for Packet Sniffing and Logging
- Table 29.2: Snort's Vulnerabilities to Date
Chapter 31: Combining Firewalls and IDS
- Table 31.1: Windows 2000 Server Ports
- Table 31.2: File Server Communication Ports
- Table 31.3: Software Required for an Inline Mode Installation of Snort
- Table 31.4: Web Resources
- Table 31.5: PIX IDS Signatures