Hardening Network Infrastructure. Bulletproof Your Systems Before You Are Hacked.

V

VACLs (VLAN ACLs), 196 “197, 375

validation, 331 “332

value proposition, 487

vendors . See also resources (vendors, publications , and web sites)

knowing exploit susceptibility of, 8

as training resource, 512 “513

version control, 330

Virtual Local Area Networks. See VLANs (Virtual Local Area Networks)

Virtual Private Networks. See VPNs (Virtual Private Networks)

Virtual Router Redundancy Protocol (VRRP), 129 “131, 360

Virus Software Administrator, 507

viruses

e-mail content filters for, 235 “236

implementing virus protection, 5, 12 “14

spreading via e-mail, 235

turning off auto-response feature, 235

VLAN ACLs (VACLs), 196 “197, 375

VLAN hopping , 194 “195

VLAN Trunking Protocol. See VTP (VLAN Trunking Protocol)

VLANs (Virtual Local Area Networks), 372

determining which are in use and location of, 7

for DMZ, 353 “354

system isolation and, 375

trust models, 373 “375

VMS (VPN/Security Management Solution), 96

VPN Administrator, 507

VPN clients , 150 “151

VPN/remote access module, 360 “362

VPN/Security Management Solution (VMS), 96

VPNs (Virtual Private Networks)

authentication and authorization, 121 “123

clients, 150 “151

configuring for wireless connections, 271

connection types, 107 “108

connectivity- related issues, 106 “107

encryption protocols, 141 “143

filtering rules for interfaces, 127 “128

hardening methods for, 110

IDS/IPS sensor placement, 85

IKE authentication, 146 “150

IPsec-based, 135 “136

message integrity, 143 “145

overview, 106

policy for, 32

redundancy and fault tolerance, 129 “131

remote administration, 110 “121

remote exploits and, 7

removing unnecessary SAs and IKE proposals, 125 “126

removing unnecessary tunneling protocols, 123 “125

routing protocols, 131 “134

SAs, 140 “141

technologies for, 108 “110

traffic security protocols, 136 “140

VRRP (Virtual Router Redundancy Protocol), 129 “131, 360

VTP (VLAN Trunking Protocol)

auto-negotiation , 199

configuring, 198

passwords, 380

trunk lines, 199

vulnerabilities

minimizing by disabling unused services, 393

policy for, 31

SSH and, 394

vulnerability assessment (VA). See also Nessus

overview, 399

sources for, 424

tools, 401 “402