Copyright
About the Authors
About the Technical Editors
Acknowledgments
We Want to Hear from You!
Reader Services
Preface
  Rickety Planes
  Fires in the West
  Rapid Advances in Technology
  Decline in Personal Service
  Continuous Inspections
  Defense in Depth
  Core Business Sector
Introduction
  Who Should Read This Book
  Why We Created This Book's Second Edition
  Overview of the Book's Contents
  Conventions
Part I: The Essentials of Network Perimeter Security
  Chapter 1. Perimeter Security Fundamentals
    Terms of the Trade
    Defense in Depth
    Case Study: Defense in Depth in Action
    Summary
  Chapter 2. Packet Filtering
    TCP/IP Primer: How Packet Filtering Works
    TCP and UDP Ports
    TCP's Three-way Handshake
    The Cisco Router as a Packet Filter
    An Alternative Packet Filter: IPChains
    The Cisco ACL
    Effective Uses of Packet-Filtering Devices
    Egress Filtering
    Tracking Rejected Traffic
    Problems with Packet Filters
    Dynamic Packet Filtering and the Reflexive Access List
    Summary
    References
  Chapter 3. Stateful Firewalls
    How a Stateful Firewall Works
    The Concept of State
    Stateful Filtering and Stateful Inspection
    Summary
    References
  Chapter 4. Proxy Firewalls
    Fundamentals of Proxying
    Pros and Cons of Proxy Firewalls
    Types of Proxies
    Tools for Proxying
    Summary
  Chapter 5. Security Policy
    Firewalls Are Policy
    How to Develop Policy
    Perimeter Considerations
    Summary
    References
Part II: Fortifying the Security Perimeter
  Chapter 6. The Role of a Router
    The Router as a Perimeter Device
    The Router as a Security Device
    Router Hardening
    Summary
  Chapter 7. Virtual Private Networks
    VPN Basics
    Advantages and Disadvantages of VPNs
    IPSec Basics
    Other VPN Protocols: PPTP and L2TP
    Summary
    References
  Chapter 8. Network Intrusion Detection
    Network Intrusion Detection Basics
    The Roles of Network IDS in a Perimeter Defense
    IDS Sensor Placement
    Case Studies
    Summary
  Chapter 9. Host Hardening
    The Need for Host Hardening
    Removing or Disabling of Unnecessary Programs
    Limiting Access to Data and Configuration Files
    Controlling User and Privileges
    Maintaining Host Security Logs
    Applying Patches
    Additional Hardening Guidelines
    Summary
  Chapter 10. Host Defense Components
    Hosts and the Perimeter
    Antivirus Software
    Host-Based Firewalls
    Host-Based Intrusion Detection
    Challenges of Host Defense Components
    Summary
    References
  Chapter 11. Intrusion Prevention Systems
    Rapid Changes in the Marketplace
    What Is IPS?
    IPS Limitations
    NIPS
    Host-Based Intrusion Prevention Systems
    Summary
Part III: Designing a Secure Network Perimeter
  Chapter 12. Fundamentals of Secure Perimeter Design
    Gathering Design Requirements
    Design Elements for Perimeter Security
    Summary
    References
  Chapter 13. Separating Resources
    Security Zones
    Common Design Elements
    VLAN-Based Separation
    Summary
    References
  Chapter 14. Wireless Network Security
    802.11 Fundamentals
    Securing Wireless Networks
    Auditing Wireless Security
    Case Study: Effective Wireless Architecture
    Summary
    References
  Chapter 15. Software Architecture
    Software Architecture and Network Defense
    How Software Architecture Affects Network Defense
    Software Component Placement
    Identifying Potential Software Architecture Issues
    Software Testing
    Network Defense Design Recommendations
    Case Study: Customer Feedback System
    Case Study: Web-Based Online Billing Application
    Summary
    References
  Chapter 16. VPN Integration
    Secure Shell
    Secure Sockets Layer
    Remote Desktop Solutions
    IPSec
    Other VPN Considerations
    VPN Design Case Study
    Summary
    References
  Chapter 17. Tuning the Design for Performance
    Performance and Security
    Network Security Design Elements That Impact Performance
    Impact of Encryption
    Using Load Balancing to Improve Performance
    Mitigating the Effects of DoS Attacks
    Summary
    References
  Chapter 18. Sample Designs
    Review of Security Design Criteria
    Case Studies
    Summary
Part IV: Maintaining and Monitoring Perimeter Security
  Chapter 19. Maintaining a Security Perimeter
    System and Network Monitoring
    Incident Response
    Accommodating Change
    Summary
    References
  Chapter 20. Network Log Analysis
    The Importance of Network Log Files
    Log Analysis Basics
    Analyzing Router Logs
    Analyzing Network Firewall Logs
    Analyzing Host-Based Firewall and IDS Logs
    Summary
  Chapter 21. Troubleshooting Defense Components
    The Process of Troubleshooting
    Troubleshooting Rules of Thumb
    The Troubleshooter's Toolbox
    Summary
    References
  Chapter 22. Assessment Techniques
    Roadmap for Assessing the Security of Your Network
    Planning
    Reconnaissance
    Network Service Discovery
    Vulnerability Discovery
    Verification of Perimeter Components
    Remote Access
    Exploitation
    Results Analysis and Documentation
    Summary
  Chapter 23. Design Under Fire
    The Hacker Approach to Attacking Networks
    Adversarial Review
    GIAC GCFW Student Practical Designs
    Summary
    References
  Chapter 24. A Unified Security Perimeter: The Importance of Defense in Depth
    Castles: An Example of Defense-in-Depth Architecture
    Absorbent Perimeters
    Defense in Depth with Information
    Summary
Part V: Appendixes
  Appendix A. Cisco Access List Sample Configurations
    Complete Access List for a Private-Only Network
    Complete Access List for a Screened Subnet Network That Allows Public Server Internet Access
    Example of a Router Configuration as Generated by the Cisco Auto Secure Feature
  Appendix B. Crypto 101
    Encryption Algorithms
    References
Index