Inside Network Perimeter Security (2nd Edition)

Index

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [Z]

backdoors     NetStumbler website     unenforceable security policies 2nd

BackOfficer Friendly personal firewall (NFR)

bandwidth     availability of (network latency)

     definingbandwidths     circuit 2ndbanner retrieval

     network security assessments 2nd 3rd 4thbanners     login banners (routers), creating 2nd

bastion hosts

     defining 2nd

BBDISPLAY host (Big Brother system/network monitoring software)

BBNET host (Big Brother system/network monitoring software) BBPAGER host (Big Brother system/network monitoring software)

Beagle worm

best practices (network security assessment documentation) Big Brother system/network monitoring software 2nd 3rd 4th

     architecture of     hosts/procedures, defining 2nd

     monitoring local system attributes 2nd 3rd     network/remote service accessibility 2nd 3rd

     SNMP support

BinText utility

     application layer, troubleshooting 2nd

BlackICE network connection monitoring utility 2nd

blacklisting

     IP address ranges

     spoofed IP addresses

     spyware 2nd

BlackWidow

blocking

     ICMP echo requests 2nd

     IP address ranges

     spoofed IP addresses

     spyware 2nd Blue Coat cacheflow servers

border firewalls     validation (network security assessments) 2ndborder routers

     access, preventing

    adversarial reviews

         determining impact of misconfigurations/vulnerabilities 2nd 3rd 4th 5th

     defining

    egress filters         adversarial reviews, determining attacker access 2nd     functions of 2nd     ICMP destination unreachable messages

    ingress filters

         adversarial reviews, determining attacker access 2nd    No CDP Messages filter setting

         adversarial reviews, determining attacker access 2nd    No IP Directed Broadcasts filter setting         adversarial reviews, determining attacker access    No IP Unreachable Messages filter setting

         adversarial reviews, determining attacker access    No Source Routing filter setting         adversarial reviews, determining attacker access

     Nokia IP350

         rulebase for

     perimeter defense, role in

     ping floodsbottlenecks (performance)

     accelerator cards

bridges     secure perimeter design 2nd 3rd

bridges (AP), disablingbroadband connections

     case studies 2nd 3rd 4th 5th 6thbroadcast domains

     ARP cache poisoning attacks 2nd

     network performance 2nd

     security zones, creating 2nd 3rd 4th 5th

BSD Airtools

     wireless encryption, auditing

BSSID (Basic Service Set Identifiers)

btmp files (UNIX)

     security logs, auditing

buffer overflow exploits

bump in the wire solutions [See NIPS (network intrusion prevention systems);intelligent switches]

burstable T1 lines

business case studies

     complex e-commerce sites 2nd

         DMZ 2nd 3rd 4th         internal networks 2nd

         Internet 2nd 3rd         proxy layers 2nd 3rd         security networks 2nd 3rd 4th

     small e-commerce sites 2nd 3rd 4th 5th 6th 7th 8th 9th

business-related services

     secure perimeter design 2nd

buying software

     demos     evaulation checklists 2nd     unsecurable software, handling 2nd     user information, gathering 2nd

bypassing firewalls

     HTTP tunneling 2nd     insider threats, employees/contractors 2nd

     insider threats, spyware/keystroke loggers 2nd     perimeter configuration changes 2nd 3rd     SOAP     Web server attacks 2nd 3rd