Inside Network Perimeter Security (2nd Edition)

Index


NAC (Network Admission Control), SDN 2nd 3rd 4th

name command (SSH)

     router hardening

named ACL (access control lists) 2nd

     adding/deleting entries 2nd 3rd

     reflexive ACL

NAPT [See PAT]

NASL (Nessus attack scripting language) 2nd

NAT 2nd

     application compatibility 2nd

     ESP protocol 2nd

     protocols, breaking

     routers 2nd

         configuring for 2nd

         viewing translation tables

NAT-T (NAT-Traversal)

     IPSec

NBAR (Network-Based Application Recognition) 2nd 3rd 4th

     footprints

     police command

     router performance

nc (Netcat) 2nd 3rd

NDiff differential scanning software 2nd

Nessus vulnerability scanner 2nd 3rd 4th 5th

     NASL 2nd

     plug-ins 2nd

Nessus vulnerability scanning software

Netstat

     transport layer troubleshooting 2nd 3rd

NetBIOS networks

     broadcasts, limiting

NetBIOS protocol (Windows)

     disabling 2nd

Netcat 2nd 3rd

Netfilter/IPTables

     input rules 2nd

     IPv6

     output rules 2nd 3rd

     state tables, example of 2nd

     stateful firewalls 2nd 3rd 4th 5th 6th

NetScanTools Pro

NetScreen firewall (Juniper Networks) 2nd

NetScreen-100 firewalls

    adversarial reviews

         determining attacker access 2nd 3rd 4th 5th 6th

     From DMZ rulebase 2nd

     incoming rulebase 2nd

     outgoing rulebase

     To DMZ rulebase

Netscreen-204 firewall (Juniper)

     rulebase for 2nd

NetSky worm

Netstat

     network layer troubleshooting 2nd

netstat -na command

     ports, listing 2nd

Netstumbler

     wardriving

     wireless network signal leakage, auditing

NetStumbler website

     backdoors

nettools.com Web site

networks

    VPN

         proprietary implementations

network architectures

    network performance

         broadcast domains 2nd

         OSPF

         RIP 2nd

         TCP/IP, MTU 2nd

         TCP/IP, socket buffer sizes 2nd

         TCP/IP, window sizes

         WAN 2nd

network bandwidth

     defining

network card teaming

network chokepoints, firewalls as

network connection monitoring utilities (host-based IDS)

     BlackICE 2nd

     PortSentry 2nd

network defense design, recommendations for 2nd

network devices

     secure perimeter design 2nd 3rd

network filtering

     routers

network filters

    network performance

         content filters 2nd

         packet filters 2nd

         proxy firewalls 2nd

         stateful firewalls 2nd

network IDS (intrusion detection systems)

    case studies

         networks with multiple external access points 2nd

         simple network infrastructures 2nd 3rd

         unrestricted network environments 2nd 3rd

     logs

     perimeter defense components, compatibility with

    roles of

         host attack detection 2nd

         incident handling

         weakness identification

         weakness identification, security auditing

         weakness identification, security policy violations 2nd

     sensors, deploying 2nd

         encrypted network traffic

         external networks 2nd

         firewalls 2nd

         high volume network traffic

         IDS management networks 2nd

         internal networks 2nd 3rd

         packet filters

         security maintenance 2nd

         spanning ports

         switches 2nd

     services

         distributed

         outsourced monitoring

     software 2nd

     versus host-based 2nd

network latency

     bandwidth availability

     defining 2nd

     gateway processing

     packet size

     ping command

     propagation

network layer

     troubleshooting 2nd

         ifconfig utility

         ipconfig utility 2nd

         Netstat 2nd

         ping utility

         Tcpdump

         Traceroute 2nd

network layer cryptography

     network performance 2nd

         VPN 2nd 3rd

network layer encryption

     VPN 2nd

network monitoring (perimeter security maintenance)

     alerts

     Big Brother software 2nd 3rd 4th

         defining hosts/procedures 2nd

         monitoring local system attributes 2nd 3rd

         network/remote service accessibility 2nd 3rd

     HP OpenView software 2nd

     procedures, establishing 2nd

         defining hosts/procedures 2nd 3rd

         monitoring local system attributes 2nd 3rd 4th 5th 6th

         network/remote service accessibility 2nd 3rd 4th

     remote monitoring security 2nd 3rd 4th 5th

Network Node Manager (OpenView) 2nd

network scanners

     fping utility

     pinger utility

     SuperScan 2nd

network security

    software architecture case studies

         customer feedback systems

         customer feedback systems, architecture recommendations

         customer feedback systems, software deployment locations 2nd

         Web-based online billing applications

         Web-based online billing applications, architecture recommendations 2nd

         Web-based online billing applications, software deployment locations 2nd

network security architectures

     evaluating

network security assessments

     exploitation phase

         penetration tests 2nd 3rd

     network service discovery phase 2nd

         service discovery

         service discovery, banner retrieval 2nd 3rd 4th

         service discovery, Nmap 2nd

         service discovery, system matrixes 2nd

         service discovery, Telnet 2nd

         system enumeration

         system enumeration, ICMP scans 2nd

         system enumeration, packet traces 2nd

         system enumeration, TCP/UDP packet scans 2nd

         technique risk levels

     perimeter device verification phase

         access control verification

         access control verification, firewall management 2nd

         access control verification, traffic restrictions 2nd 3rd

         assessment stations 2nd

         firewall validation 2nd

         listener stations 2nd

     planning phase

         assembling test resources

         assessment technique risk levels

         determining scope

         determining scope, assessment logistics

         determining scope, documentation

         written authorization

     reconnaissance phase

         determining IP address ranges

         DNS discovery 2nd

         organization-specific data searches 2nd

         organizational Web presences 2nd

         reverse lookups

         search engines 2nd

         sensitive information searches

         whois searches

     remote access phase

         VPN/remote proxies

         VPN/remote proxies, access controls 2nd

         VPN/remote proxies, authentication 2nd 3rd

         VPN/remote proxies, client restrictions 2nd

         VPN/remote proxies, encryption

         wardialing 2nd 3rd 4th

         wardriving 2nd 3rd

     results analysis/documentation phase 2nd 3rd

         best practices

         executive summaries 2nd 3rd

         introductions

         prioritizing findings by risk

     technique risk levels

     vulnerability discovery phase 2nd 3rd

         eEye Security Retina 2nd

         GFI LANguard Network Security Scanner 2nd 3rd 4th

         ISS Internet scanner 2nd 3rd 4th

         Nessus 2nd 3rd 4th 5th

         researching vulnerabilities 2nd

         technique risk levels

network security design

    adversarial reviews

         GIAC GCFW designs

     adversarial reviews 2nd

         deciding origin of attacks

         deciding what attacks to prevent

         determining attacker access 2nd 3rd

         determining attacker access, egress filters 2nd

         determining attacker access, external firewalls 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th

         determining attacker access, extranet servers 2nd 3rd

         determining attacker access, ingress filters 2nd

         determining attacker access, internal firewalls 2nd 3rd 4th 5th

         determining attacker access, No CDP Messages filter setting 2nd

         determining attacker access, No IP Directed Broadcasts filter setting

         determining attacker access, No IP Unreachable Messages filter setting

         determining attacker access, No Source Routing filter setting

         determining attacker access, public Web servers 2nd 3rd

         determining impact of misconfigurations/vulnerabilities 2nd

         determining impact of misconfigurations/vulnerabilities, external firewalls 2nd 3rd 4th 5th 6th 7th

         determining impact of misconfigurations/vulnerabilities, extranet servers 2nd

         determining impact of misconfigurations/vulnerabilities, internal firewalls 2nd 3rd 4th 5th 6th

         determining impact of misconfigurations/vulnerabilities, public Web servers 2nd

         determining impact of misconfigurations/vulnerabilities, routers 2nd 3rd 4th 5th

         determining maximum amount of network access 2nd 3rd 4th 5th 6th 7th 8th 9th 10th

         determining maximum amount of network access, internal firewalls 2nd 3rd 4th 5th 6th 7th

         identifying additional security controls 2nd

     discovery process

network security designs

     attacks, hackers approach to

network service discovery phase (network security assessments) 2nd

     service discovery

         banner retrieval 2nd 3rd 4th

         Nmap 2nd

         system matrixes 2nd

         Telnet 2nd

     system enumeration

         ICMP scans 2nd

         packet traces 2nd

         TCP/UDP packet scans 2nd

     technique risk levels

network services, controlling

     deactivating services

         remote access services 2nd 3rd 4th

         resource-sharing services 2nd

     disabling NetBIOS protocol 2nd

     editing Unix files

     listing ports 2nd

network switches

     rate limiting

networks

    discovery of

         proxy firewalls 2nd

    HIPS

         advantages of

         challenges of

         custom application dynamic rule creation 2nd

         deployment recommendations, attacks 2nd

         deployment recommendations, document requirements/testing procedures

         deployment recommendations, role in defense-in-depth architectures

         deployment recommendations, software update installation

         deployment recommendations, update control policies

         false positives

         monitoring application behavior

         monitoring file integrity

         OS shims

         real world experience of

         system call interception

    internal

         complex e-commerce site case studies 2nd

         hiding 2nd

         role in defense in depth infrastructure

         role in defense in depth infrastructure, antivirus software

         role in defense in depth infrastructure, auditing 2nd

         role in defense in depth infrastructure, configuration management 2nd

         role in defense in depth infrastructure, host hardening 2nd

         role in defense in depth infrastructure, personal firewalls 2nd 3rd

    internal protected

         proxy firewalls

    log files

         analyzing 2nd

         analyzing, automating 2nd 3rd 4th 5th 6th 7th 8th 9th 10th

         analyzing, developing feel for

         analyzing, finding fun in

         analyzing, firewall logs 2nd 3rd 4th 5th 6th 7th 8th 9th 10th

         analyzing, IDS logs 2nd

         analyzing, keyword searches

         analyzing, router logs 2nd 3rd 4th

         analyzing, timestamps

         analyzing, UNIX

         characteristics of

         characteristics of, occasionally recorded information 2nd

         characteristics of, rarely recorded information 2nd

         characteristics of, regularly recorded information 2nd

         DNS requests

         event correlation

         general troubleshooting

         importance of

         incident handling 2nd

         intrusion detection

         TCP flags 2nd

         timestamps

         TTL

    NIPS

         ASIC 2nd

         chokepoint

         chokepoint devices

         chokepoint, firewalls 2nd 3rd 4th 5th 6th

         chokepoint, IDS plus something classification 2nd 3rd 4th 5th 6th 7th 8th 9th

         general-purpose CPU

         intelligent switches 2nd

         switch-type

         switch-type, deployment recommendations 2nd 3rd 4th 5th 6th 7th 8th 9th 10th

         switch-type, detection capabilities

         switch-type, environmental anomaly analysis

         switch-type, evasion resistance

         switch-type, organizational policy enforcement

         switch-type, passive analysis 2nd

         switch-type, product development

         switch-type, protocol scrubbing

         switch-type, rate limiting

         switch-type, security 2nd

         switch-type, stability demands 2nd

         switch-type, throughput demands

         switch-type, TippingPoint UnityOne IPS 2nd

         switch-type, TopLayer Attack Mitigator

    nonswitched

         versus switched 2nd

    performance

         broadcast domains 2nd

         case studies, ISDN network connections 2nd

         case studies, satellite-based networks 2nd

         content filters 2nd

         DoS attacks, ICMP flooding 2nd 3rd 4th 5th 6th 7th

         DoS attacks, SYN flooding 2nd 3rd

         encryption

         encryption, hardware accelerators 2nd

         encryption, network layer cryptography 2nd 3rd 4th 5th

         encryption, public key cryptography

         encryption, router link encryption case study 2nd

         encryption, SSL Web server case study

         encryption, symmetric key cryptography 2nd

         encryption, transport layer cryptography 2nd 3rd

         load balancers 2nd 3rd

         load balancers, Layer 4 dispatchers 2nd

         load balancers, Layer 7 dispatchers 2nd

         OSPF

         packet filters 2nd

         proxy firewalls 2nd

         RIP 2nd

         stateful firewalls 2nd

         TCP/IP, ICMP messages 2nd

         TCP/IP, MTU 2nd

         TCP/IP, socket buffer sizes 2nd

         TCP/IP, window sizes

         WAN 2nd

     performance metrics

    performance, defining

         network bandwidth

         network latency 2nd 3rd

         response time

         throughput

     performance, importance in security 2nd

    private-only

         access lists, examples of 2nd 3rd 4th 5th

    screened subnet

         access lists, examples of 2nd 3rd 4th 5th 6th 7th

     SDN 2nd 3rd 4th

         NAC 2nd 3rd 4th

    security

         complex e-commerce site case studies 2nd 3rd 4th

    switched

         troubleshooting 2nd

         versus nonswitched networks 2nd

     VPN [See also remote desktop software]

         benefits of, cost effectiveness

         benefits of, deployment 2nd

         benefits of, security 2nd 3rd

         case study

         case study, IPSec 2nd 3rd

         case study, SSL 2nd

         case study, terminal servers 2nd 3rd

         Cisco router configurations, access list rules 2nd

         defining

         designing network security 2nd

         Diffie-Hellman asymmetric key encryption

         disadvantages of

         disadvantages of, implementation

         disadvantages of, Internet availability

         disadvantages of, packet overhead

         disadvantages of, processing overhead

         disadvantages of, troubleshooting

         encryption 2nd 3rd

         encryption, application layer

         encryption, network layer 2nd

         encryption, transport layer

         encryption, tunneling as 2nd 3rd

         handling compromised clients 2nd

         IPSec 2nd

         IPSec, AH protocol 2nd 3rd 4th 5th 6th 7th

         IPSec, client integration 2nd

         IPSec, configuration examples 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th 16th 17th

         IPSec, ESP protocol 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th

         IPSec, IKE protocol 2nd 3rd 4th 5th 6th 7th 8th 9th 10th

         IPSec, perimeter defenses 2nd 3rd

         IPSec, SA 2nd 3rd

         IPSec, SAD 2nd 3rd

         IPSec, server integration 2nd

         IPSec, SPD

         IPSec, transport mode 2nd

         IPSec, tunnel mode 2nd

         IPSec, tunneling mode

         IPSec, versus L2TP 2nd

         IPSec, wireless network security

         L2TP

         L2TP, versus IPSec 2nd

         L2TP, versus PPTP 2nd

         L2TP, Windows XP client software configuration example 2nd 3rd

         network layer cryptography 2nd 3rd

         network security assessments

         network security assessments, access controls 2nd

         network security assessments, authentication 2nd 3rd

         network security assessments, client restrictions 2nd

         network security assessments, encryption

         PPTP 2nd

         PPTP, Cisco PIX VPDN configuration example 2nd 3rd 4th

         PPTP, versus L2TP 2nd

         proxy firewalls

         remote connectivity, determining type of 2nd

         requirements of, authentication

         requirements of, confidentiality

         requirements of, data integrity 2nd

         SSH, file transfers

         SSH, port forwarding

         SSH, standard connections 2nd 3rd 4th

         SSH, tunneling 2nd 3rd 4th 5th 6th

         SSH, vulnerabilities of 2nd

         SSL

         SSL, OWA 2nd

         SSL, perimeter defenses

         SSL, proxy servers 2nd 3rd

         SSL, SSL tunneling 2nd 3rd

         SSL, standard connections 2nd 3rd 4th 5th 6th 7th 8th 9th

         SSL, uses of 2nd

         tunneling 2nd

         tunneling, as encryption 2nd 3rd

         tunneling, packets

         wireless network security

     wireless

         AP

         AP, FakeAP

         AP, hardening 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th

         AP, segmenting

         AP, VLAN 2nd

         AP, warchalking

         AP, wardriving

         defense in depth strategies, host defenses

         defense in depth strategies, VPN/IPSec

         designing

         designing, auditing network controls

         designing, auditing signal leakage 2nd

         designing, case studies 2nd 3rd 4th 5th

         designing, network separation 2nd 3rd 4th 5th 6th 7th 8th 9th

         designing, signal leakage

         designing, WDoS defense 2nd

         infrastructure mode

         types of, 802.11a

         types of, 802.11b

         types of, 802.11g

         wireless encryption

         wireless encryption, auditing 2nd 3rd

         wireless encryption, EAP-TLS 2nd 3rd

         wireless encryption, implementing 2nd

         wireless encryption, LEAP 2nd 3rd 4th

         wireless encryption, PEAP 2nd 3rd

         wireless encryption, TinyPEAP

         wireless encryption, WEP 2nd

         wireless encryption, WPA protocol 2nd 3rd 4th

newsletters

     patch notifications

NFR BackOfficer Friendly personal firewall

NFR Sentivist 2nd

NFS (Network File System) services

    daemons

         deactivating 2nd

     RPC services

NIDS (network-based intrusion detection systems)

     defining 2nd

NIDS (network-based intrusion detection systems)

     perimeter defense, role in

Nimda worm

     defense in depth case study 2nd

     signature of 2nd

Nimda worms [See also script kiddies]

NIPS (network intrusion prevention systems)

     ASIC 2nd

     chokepoint

         firewalls 2nd

         firewalls, Check Point Firewall-1 NG 2nd

         firewalls, modwall 2nd

         IDS plus something classification

         IDS plus something classification, HogWash

         IDS plus something classification, IntruShield 2nd

         IDS plus something classification, LaBrea Technologies Sentry 2nd

         IDS plus something classification, NFR Sentivist 2nd

         IDS plus something classification, Snort-Inline

     chokepoint devices

     general-purpose CPU

     intelligent switches 2nd

     switch-type

         deployment recommendations

         deployment recommendations, auto-update mechanisms 2nd

         deployment recommendations, budgeting for

         deployment recommendations, change-management mechanisms

         deployment recommendations, documenting use/functionality 2nd

         deployment recommendations, identifying false positive/false negative test procedures

         deployment recommendations, NIPS/NIDS combinations

         deployment recommendations, report-only mode product reviews

         detection capabilities

         environmental anomaly analysis

         evasion resistance

         latency requirements

         organizational policy enforcement

         passive analysis 2nd

         product development

         protocol scrubbing

         rate limiting

         security 2nd

         stability demands

         throughput demands

         TippingPoint UnityOne IPS 2nd

         TopLayer Attack Mitigator

Nmap

     ACK scans

     FIN scans

     frag option

     ICMP scans

     network security assessments 2nd

     NULL scans

     SYN scans

     version scans 2nd

Nmap ACK scans 2nd

Nmap host/port location scanning software

     NDiff differential scanners 2nd

NNM (Network Node Manager) 2nd

NNTP (Network News Transfer Protocol)

     vulnerabilities of 2nd

No CDP Messages filter setting

    adversarial reviews

         determining attacker access 2nd

No IP Directed Broadcasts filter setting

    adversarial reviews

         determining attacker access

No IP Unreachable Messages filter setting

    adversarial reviews

         determining attacker access

no password command (Telnet)

No Source Routing filter setting

    adversarial reviews

         determining attacker access

Nokia IP330 firewalls

     adversarial reviews 2nd 3rd

     rulebases 2nd

Nokia IP350

     rulebase for

     rulebase for

Nokia IP440 firewalls

    adversarial reviews

         determining attacker access 2nd

nonswitched networks

     versus switched networks 2nd

nontransparent proxy firewalls

     request handling

Norton Personal Firewall logs, analyzing 2nd

Norton Personal firewalls 2nd 3rd

noshell utility (UNIX)

     user accounts, deactivating 2nd

notifications (incident response) 2nd

NSlookup 2nd 3rd

nslookup command

     DNS discovery

NSS (Network Name Switches)

NTFS (Windows)

     file permissions, restricting

NTP (Network Time Protocol)

     router configuration/authentication 2nd 3rd

NULL scans

     Nmap

null sessions

     limiting 2nd

numbered ACL (access control lists)
