Inside Network Perimeter Security (2nd Edition)

Index


packer websites

packers

     antivirus software 2nd

packet filtering

     routers 2nd

packet filters

     network performance 2nd

    static

         role in perimeter defense 2nd 3rd

packet headers

     defining

packet traces

     system enumeration assessments 2nd

packet-filtering

     ACK flags

     ACL

         deny 2nd

         extended

         extended, blocking ICMP echo requests 2nd

         extended, established keyword 2nd 3rd 4th

         extended, filtering ICMP messages 2nd

         extended, filtering ports

         extended, friendly net IP address access 2nd

         extended, FTP 2nd 3rd

         extended, PASV FTP 2nd 3rd

         extended, ports

         extended, rule order 2nd

         extended, syntax of 2nd

         implicit denies 2nd

         in/out keywords 2nd 3rd

         in/out keywords, VLAN interfaces

         IPv6 2nd

         named 2nd

         named, adding/deleting entries 2nd 3rd

         named, reflexive ACL

         numbered

         planning rule order

         reflexive 2nd

         reflexive, FTP 2nd

         reflexive, ICMP

         reflexive, named ACL 2nd

         reflexive, outbound traffic 2nd

         reflexive, PASV FTP

         reflexive, TCP flags 2nd

         reflexive, UDP

         standard, applying to interfaces

         standard, blacklisting 2nd 3rd

         standard, egress filtering 2nd

         standard, friendly net IP address access 2nd

         standard, ingress filtering 2nd 3rd 4th

         standard, syntax of

         wildcard masks 2nd 3rd 4th

    ACLs

         routers

     deny any log command

     established keyword 2nd

         DNS 2nd

     fragments 2nd 3rd

     IDS sensor deployment

     IPChains 2nd

     ports

     server firewalls 2nd

     software architecture

     source routing

     spoofing

     static packet filters

     SYN flags

packet-too-big ICMP unreachable messages 2nd 3rd

PacketCrafter (Komodia) 2nd

packets

    authentication

         AH protocol 2nd 3rd 4th

         AH protocol, ESP protocol combinations 2nd

         ESP protocol

         ESP protocol, AH protocol combinations 2nd

         ESP protocol, IPSec transport mode

         ESP protocol, IPSec tunnel mode 2nd

         ESP protocol, NAT 2nd

         ESP protocol, packet header components 2nd

         ESP protocol, packet traces 2nd

     crafted

     deep packet inspection 2nd

     Deep Packet Inspection

     deep packet inspection

         SSL

     defining

     destination addresses

     ESP protocol header components 2nd

     ESP protocol traces, example of 2nd

     fragments 2nd 3rd

         Nmap frag option

     ICV

    MTU

         network performance 2nd

     routing

         implicit permits

     Shallow Packet Inspection

     size of (network latency)

     source addresses

     source routing

     spoofing

     static filters

     VPN

     VPN tunneling

PAD (Packet Assembler/Disassembler) services

     disabling

parallel firewalls

     secure perimeter design 2nd 3rd

pass command (SSH)

     router hardening

passive interface command (routers)

password aging 2nd

password-cracking software

     Crack 2nd

     John the Ripper

     L0phtCrack 2nd

password-filtering software

passwords

     AP hardening

     assigning

     auditing

     dictionary attacks

     filtering software

     guessing tool software

     history of 2nd

     host hardening 2nd 3rd 4th

     password aging 2nd

    routers

         SNMP 2nd 3rd 4th

PASV (passive) FTP

     extended ACL 2nd 3rd

PASV FTP (

     reflexive ACL

PAT

     routers 2nd

         viewing translation tables

PAT (Port Address Translation) [See NAT]

     IPSec 2nd

patches

     change management 2nd

     constraints of 2nd

     host hardening 2nd 3rd

     notification newsletters

PBX (private branch exchange) systems

     secure perimeter design

PDM (PIX Device Manager) 2nd

     Configuration screen 2nd

     Hosts/Networks screen

     System Properties screen

     Translation Rules screen

PEAP (Protected Extensible Authentication Protocol) 2nd 3rd

     TinyPEAP

penetration tests 2nd 3rd

performance

     broadcast domains 2nd

    case studies

         ISDN network connections 2nd

         satellite-based networks 2nd

     content filters 2nd

    defining

         network bandwidth

         network latency 2nd

         network latency, bandwidth availability

         network latency, gateway processing

         network latency, packet size

         network latency, ping command

         network latency, propagation

         response time

         throughput

    DoS attacks

         ICMP flooding

         ICMP flooding, DDoS attacks 2nd 3rd 4th

         ICMP flooding, smurfing attacks 2nd

         SYN flooding 2nd 3rd

     encryption

         hardware accelerators 2nd

         network layer cryptography 2nd 3rd 4th 5th

         public key cryptography

         router link encryption case study 2nd

         SSL Web server case study

         symmetric key cryptography 2nd

         transport layer cryptography 2nd 3rd

    hardware accelerators

         accelerator cards

     load balancers 2nd 3rd

         Layer 4 dispatchers 2nd

         Layer 7 dispatchers 2nd

     metrics

     OSPF

     packet filters 2nd

     proxy firewalls 2nd

     RIP 2nd

     secure perimeter design 2nd

         detailed logs 2nd

         encryption 2nd

         inline security devices

     security, importance in 2nd

     stateful firewalls 2nd

    TCP/IP

         ICMP messages 2nd

         MTU 2nd

         socket buffer sizes 2nd

         window sizes

     troubleshooting

     WAN 2nd

perimeter

    border routers

         defining

     defense in depth infrastructure, role in

         border routers

         egress filtering 2nd

         IDS 2nd

         ingress filtering 2nd

         IPS

         proxy firewalls

         stateful firewalls 2nd

         static packet filters 2nd 3rd

         VPN 2nd

     defining

    DMZ

         defining 2nd

         DNS servers 2nd

    firewalls

         defining

    HIDS

         defining 2nd

    IDS

         defining 2nd

    IPS

         defining

    NIDS

         defining 2nd

    routers

         defining

    screened subnets

         defining 2nd

         DNS servers 2nd

    software architecture

         defining

    VPN

         defining 2nd

perimeter device verification phase (network security assessments)

     access control verification

         firewall management 2nd

         traffic restrictions 2nd 3rd

     assessment stations 2nd

     firewall validation 2nd

     listener stations 2nd

perimeter scanning software

     perimeter configuration changes 2nd

perimeter security maintenance

     change management

         communicating proposed changes

         detecting/preventing unauthorized changes 2nd

         discovering systems/devices

         patches 2nd

         personnel support

         rolling back undesired changes

         testing changes

         verifying proper system operation

     incident response

         automating 2nd

         notifications 2nd

         phases of 2nd

         response guidelines 2nd

     system/network monitoring

         alerts

         Big Brother software 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th

         establishing procedures 2nd

         establishing procedures, defining hosts/procedures 2nd 3rd

         establishing procedures, monitoring local system attributes 2nd 3rd 4th 5th 6th

         establishing procedures, network/remote service accessibility 2nd 3rd 4th

         HP OpenView software 2nd

         remote monitoring security 2nd 3rd 4th 5th

perimeter security policies

     access 2nd

     changing 2nd

     control

     firewalls as 2nd

    implementing

         email handling 2nd

         incident handling 2nd

         presumption of privacy

     limited personal use policies

     unenforceable policies 2nd

         backdoors 2nd

         email 2nd 3rd

         Outlook (MS) 2nd

         sneaker net

         TCP Port 80

         VLVHLP

         writing 2nd

         writing rule sets

perimeter security, developing

    attacker type, determining

         determined insiders 2nd

         determined outsiders 2nd 3rd

         script kiddies 2nd

         worms 2nd 3rd

     business requirements, determining

         business-related services 2nd

         cost 2nd 3rd

         fault tolerance

         fault tolerance, geographic redundancy 2nd

         fault tolerance, intrasite redundancy 2nd 3rd 4th 5th

         fault tolerance, intrasystem redundancy

         performance 2nd

         performance, detailed logs 2nd

         performance, encryption 2nd

         performance, inline security devices

    case studies

         complex e-commerce business sites 2nd

         complex e-commerce business sites, DMZ 2nd 3rd 4th

         complex e-commerce business sites, internal networks 2nd

         complex e-commerce business sites, Internet 2nd 3rd

         complex e-commerce business sites, proxy layers 2nd 3rd

         complex e-commerce business sites, security networks 2nd 3rd 4th

         small businesses with basic Internet presence 2nd 3rd 4th 5th 6th 7th

         small e-commerce business sites 2nd 3rd 4th 5th 6th 7th 8th 9th

         telecommuters using broadband connections 2nd 3rd 4th 5th 6th

     cost, determining 2nd

    design elements

         firewalls 2nd

         firewalls, access control 2nd

         firewalls, basic filtering 2nd

         firewalls, inline 2nd

         firewalls, ISP controlled routers 2nd

         firewalls, parallel 2nd 3rd

         firewalls, VPN interaction 2nd 3rd 4th 5th 6th

         routers 2nd 3rd 4th

         routers, access control 2nd

         routers, basic filtering 2nd

         routers, ISP controlled 2nd

         VPN, firewall interaction 2nd 3rd 4th 5th 6th

     network composition, determining

     potential threats, determining

    resource protection

         bridges 2nd 3rd

         copiers

         IP-based telephony systems

         modems 2nd

         PBX systems

         printers

         routers 2nd 3rd

         servers 2nd

         switches 2nd 3rd

         voice mail systems

         workstations 2nd

perimeters

     absorbent

         failover 2nd

         honeypots

         honeypots, DTK 2nd

         honeypots, Honeynet project website

         rate limiting 2nd 3rd

perimeters, configuring

     firewall tunnels 2nd 3rd

permissions (file)

     race conditions 2nd

personal firewalls 2nd 3rd

     BackOfficer Friendly (NFR)

     compromised hosts

     configuring 2nd

     internal network defense, role in 2nd 3rd

     IPSec packet-filtering 2nd

     Norton 2nd 3rd

     PF 2nd 3rd 4th

     workstations

         websites

     ZoneAlarm Pro 2nd

PF firewalls 2nd 3rd 4th

PGP (Pretty Good Privacy) 2nd

phase 1 negotiations (IKE) 2nd 3rd

     authentication exchanges

     example of 2nd 3rd

phase 2 negotiations (IKE)

     example of

phone systems

     secure perimeter design

PhoneSweep (SandStorm Enterprises)

     wardialing 2nd

ping

     application layer addresses, obtaining

ping command

     network latency

ping floods

     border routers

ping utility

pinger utility

pings

     reconnaissance by

PIX (Cisco)

     VPDN configuration example 2nd 3rd 4th

PIX stateful firewalls (Cisco)

     fixup command 2nd 3rd 4th

     FWSM 2nd

     inbound/outbound traffic connections 2nd

     PDM 2nd

         Configuration screen 2nd

         Hosts/Networks screen

         System Properties screen

         Translation Rules screen

     show conn command 2nd

pkg program

     software, removing

PKI (Public Key Infrastructure)

PKI (Public Key Infrastructures)

plain text

     defining

planning

     ACL rule order

planning perimeter security

    attacker type, determining

         determined insiders 2nd

         determined outsiders 2nd 3rd

         script kiddies 2nd

         worms 2nd 3rd

     business requirements, determining

         business-related services 2nd

         cost 2nd 3rd

         fault tolerance

         fault tolerance, geographic redundancy 2nd

         fault tolerance, intrasite redundancy 2nd 3rd 4th 5th

         fault tolerance, intrasystem redundancy

         performance 2nd

         performance, detailed logs 2nd

         performance, encryption 2nd

         performance, inline security devices

    case studies

         complex e-commerce business sites 2nd

         complex e-commerce business sites, DMZ 2nd 3rd 4th

         complex e-commerce business sites, internal networks 2nd

         complex e-commerce business sites, Internet 2nd 3rd

         complex e-commerce business sites, proxy layers 2nd 3rd

         complex e-commerce business sites, security networks 2nd 3rd 4th

         small businesses with basic Internet presence 2nd 3rd 4th 5th 6th 7th

         small e-commerce business sites 2nd 3rd 4th 5th 6th 7th 8th 9th

         telecommuters using broadband connections 2nd 3rd 4th 5th 6th

     cost, determining 2nd

    design elements

         firewalls 2nd

         firewalls, access control 2nd

         firewalls, basic filtering 2nd

         firewalls, inline 2nd

         firewalls, ISP controlled routers 2nd

         firewalls, parallel 2nd 3rd

         firewalls, VPN interaction 2nd 3rd 4th 5th 6th

         routers 2nd 3rd 4th

         routers, access control 2nd

         routers, basic filtering 2nd

         routers, ISP controlled 2nd

         VPN, firewall interaction 2nd 3rd 4th 5th 6th

     network composition, determining

     potential threats, determining

    resource protection

         bridges 2nd 3rd

         copiers

         IP-based telephony systems

         modems 2nd

         PBX systems

         printers

         routers 2nd 3rd

         servers 2nd

         switches 2nd 3rd

         voice mail systems

         workstations 2nd

planning phase (network security assessments)

     scope, determining

         assessment logistics

         assessment technique risk levels

         documentation

     test resources, assembling

     written authorization

plug-ins (Nessus) 2nd

poisoning attacks [See spoofing attacks]

police command (NBAR)

policy enforcement

     switch-type NIPS

polymorphic malware

    detecting

         antivirus software

port command (FTP)

     stateful firewalls

PORT command (proxy firewalls) 2nd 3rd

port forwarding (SSH)

port scanners

    Nmap

         network security assessments 2nd

         version scans 2nd

ports

     filtering

     isolated (PVLAN)

     listing 2nd

     packet-filtering

     promiscuous (PVLAN)

    router console

         hardening 2nd

    server-side

         TCP

         UDP

    spanning

         IDS sensor placement

    TCP Port 80

         unenforceable security policies

PortSentry network connection monitoring utility 2nd

PPTP (Point-to-Point Tunneling Protocol) 2nd

     Cisco PIX VPDN configuration example 2nd 3rd 4th

     versus L2TP 2nd

pre-shared key authentication

pre-shared keys

     IPSec authentication

preparation phase (incident response)

presentation components [See multitier applications;user interface components]

presumption of privacy (security policies)

print and file services [See resource-sharing services]

printers

     secure perimeter design

privacy (security policies)

private addresses 2nd

     ingress filtering

private IP addresses

     ingress filtering 2nd 3rd

private keys (asymmetric key encryption algorithms)

private VLANs 2nd

     isolated ports

     promiscuous ports

private-only networks

    access lists

         examples of 2nd 3rd 4th 5th

proc command (routers)

     CPU usage 2nd

promiscuous ports (PVLAN)

propagation (network latency)

proprietary VPN implementations

protocol scrubbing

protocol-aware logging

     proxy firewalls

         RingZero Trojan exploit 2nd

protocols

     AH

         ESP protocol combinations 2nd

         ICV

         packet header information 2nd 3rd

    ARP

         link layer troubleshooting 2nd 3rd

    CDP

         disabling

    CORBA

         interapplication communication

    DCOM

         interapplication communication 2nd

     dynamic routing 2nd

         route authentication 2nd

         update blocking 2nd 3rd

     EAP-TLS 2nd 3rd

     ESP

         AH protocol combinations 2nd

         IPSec transport mode 2nd 3rd

         NAT 2nd

         packet header components 2nd

         packet traces, example of 2nd

    FTP

         extended ACL 2nd 3rd

         port command, stateful firewalls

         reflexive ACL 2nd

         router hardening

         tracking state 2nd

    GRE

         software architecture, firewalls

    HTTP

         interapplication communication

         tracking state 2nd

    ICMP

         packet-too-big unreachable messages 2nd

         router hardening

         router hardening, directed broadcasts

         router hardening, redirects

         router hardening, unreachables 2nd 3rd

         TCP/IP network performance 2nd

         tracking state 2nd

    IIOP

         interapplication communication

     IKE

         authentication, digital certificates

         authentication, pre-shared keys

         phase 1 negotiations 2nd 3rd

         phase 1 negotiations, authentication exchanges

         phase 1 negotiations, example of 2nd 3rd

         phase 2 negotiations

         phase 2 negotiations, example of

    IP

         blocking address ranges

         blocking spoofed addresses

         friendly net access 2nd 3rd 4th

         role in TCP/IP

         software architectures, firewalls

         TTL, network log analysis

         versions of 2nd

     IPSec

         AH protocol

         AH protocol, ESP protocol combinations 2nd

         AH protocol, ICV

         AH protocol, packet header information 2nd 3rd

         authentication, pre-shared keys

         configuration examples, Cisco routers 2nd 3rd 4th 5th 6th 7th 8th 9th

         configuration examples, Windows XP 2nd 3rd 4th 5th 6th 7th 8th

         ESP protocol

         ESP protocol, AH protocol combinations 2nd

         ESP protocol, IPSec transport mode

         ESP protocol, IPSec tunnel mode 2nd

         ESP protocol, NAT 2nd

         ESP protocol, packet header components 2nd

         ESP protocol, packet traces, example of 2nd

         IKE protocol

         IKE protocol, digital certificate authentication

         IKE protocol, phase 1 negotiations 2nd 3rd 4th 5th 6th 7th

         IKE protocol, phase 2 negotiations 2nd

         IKE protocol, pre-shared key authentication

         SA 2nd 3rd

         SAD 2nd

         SPD

         transport mode

         transport mode, ESP protocol

         tunnel mode, ESP protocol 2nd

         tunneling mode

         versus L2TP 2nd

         wireless network security

     L2TP

         versus IPSec 2nd

         versus PPTP 2nd

         Windows XP client software configuration example 2nd 3rd

     LEAP 2nd

         dictionary attacks 2nd

    multimedia

         tracking state

     NAT, breaking via

    NTP

         router configuration/authentication 2nd 3rd

    OSPF

         network performance

    PASSV FTP

         reflexive ACL

    PASV FTP

         extended ACL 2nd 3rd

     PEAP 2nd 3rd

         TinyPEAP

     PPTP 2nd

         Cisco PIX VPDN configuration example 2nd 3rd 4th

         versus L2TP 2nd

     proxy firewall compatibility 2nd

    RIP

         network performance 2nd

    SNMP

         Big Brother system/network monitoring software

         exploits on

         monitoring local system attributes 2nd

         router hardening 2nd 3rd 4th 5th 6th 7th 8th 9th

         versions of

     SNMPv2p

     SNMPv3

         remote monitoring security 2nd

    SOAP

         bypassing firewalls

         interapplication communication 2nd

     SOCKS 2nd 3rd

     SOCKSv4

     SOCKSv5

    SSH

         public key authentication

         router attacks

    TCP

         CLOSE-WAIT state

         CLOSED state

         CLOSING state

         ESTABLISHED state

         filtering ports

         FIN-WAIT-1 state

         FIN-WAIT-2 state

         LAST-ACK state

         LISTEN state

         role in TCP/IP

         server-side ports

         state tables

         SYN-RCVD state

         SYN-SENT state

         TIME-WAIT state 2nd

         tracking state 2nd 3rd 4th 5th

    TCP/IP

         IP, function of

         IP, versions of 2nd

         network performance, MTU 2nd

         network performance, socket buffer sizes 2nd

         network performance, window sizes

         RFC 1323 extensions 2nd

         TCP, function of

    TFTP

         router configuration 2nd

         router hardening 2nd

    TLS

         network performance 2nd 3rd

    UDP

         filtering ports

         reflexive ACL

         server-side ports

         tracking state 2nd

     WPA 2nd

         dictionary attacks 2nd

proxies

    anonymizing

         JAP

         proxy chaining

    remote

         network security assessments

         network security assessments, access controls 2nd

         network security assessments, authentication 2nd 3rd

         network security assessments, client restrictions 2nd

         network security assessments, encryption

     reverse 2nd

         Citrix Metaframe

     Web

         logging

         Web browsing

proxy caches [See also proxy servers]

     freshness

proxy chaining

     Onion routing

     SocksChain

proxy firewalls

     advantages of 2nd

     configuring

     disadvantages of 2nd 3rd

     FTP 2nd

     FTP, bypassing via

     functions of

     FWTK 2nd

     Gauntlet 2nd

     generic proxies 2nd

     high-risk services

     internal protected networks

     market availability 2nd 3rd

     network discovery 2nd

     network performance 2nd

     network structures, hiding 2nd

    nontransparent

         request handling

     performance of

     perimeter defense, role in

     PORT command 2nd 3rd

     protocol compatibility 2nd

     protocol support

     protocol-aware logs

         RingZero Trojan exploit 2nd

     RETR command

     SOCKS protocol

     SOCKSv4 protocol

     SOCKSv5 protocol

     Squid

    transparent

         request handling, example of 2nd

     URL

     versus stateful firewalls

     VPN

proxy layers

     complex e-commerce site case studies 2nd 3rd

proxy servers [See also proxy caches]

     client awareness

     functions of

     initiators

     listeners

     SSL

         perimeter defenses

         uses of

proxy-ARP

     disabling 2nd

Ptacek, Thomas

     Insertion, Evasion and Denial of Service: Eluding Network Intrusion Detection

public key authentication

     SSH protocol

public key cryptography

     network performance

Public Key Infrastructures (PKI)

public keys (asymmetric key encryption algorithms)

Public Servers security zone, creating

public Web servers

    adversarial reviews

         determining attacker access 2nd 3rd

     adversarial reviews, determining impact of misconfigurations/vulnerabilities 2nd

    HP Virtual Vault

         adversarial reviews, determining attacker access 2nd 3rd

         adversarial reviews, determining impact of misconfigurations/vulnerabilities 2nd

         mkacct command

purchasing software

     demos

     evaluation checklists 2nd

     unsecurable software, handling 2nd

     user information, gathering 2nd

PUT attacks 2nd

PVLANs 2nd

     isolated ports

     promiscuous ports
