Network Security First-Step

✍ Scribed by II, Thomas M Thomas

Publisher: Cisco Press
Year: 2004
Tongue: English
Leaves: 481
Category: Library

No coin nor oath required. For personal study only.

✦ Synopsis

Your first step into the world of network security No security experience required Includes clear and easily understood explanations Makes learning easy

Your first step to network security begins here! Learn about hackers and their attacks Understand security tools and technologies Defend your network with firewalls, routers, and other devices Explore security for wireless networks Learn how to prepare for security incidents

Welcome to the world of network security!

Computer networks are indispensable-but they're also not secure. With the proliferation of Internet viruses and worms, many people and companies are considering increasing their network security. But first, you need to make sense of this complex world of hackers, viruses, and the tools to combat them.

No security experience needed!

"Network Security First-Step" explains the basics of network security in easy-to-grasp language that all of us can understand. This book takes you on a guided tour of the core technologies that make up and control network security. Whether you are looking to take your first step into a career in network security or are interested in simply gaining knowledge of the technology, this book is for you!

✦ Table of Contents

Cover......Page 1
Contents......Page 10
Introduction......Page 19
Essentials First: Looking for a Target......Page 24
Hacking Innocent Information......Page 26
Targets of Opportunity......Page 28
Are You a Target of Opportunity?......Page 30
Are You a Target of Choice?......Page 31
The Process of an Attack......Page 33
Reconnaissance and Footprinting (a.k.a. Casing the Joint)......Page 34
Scanning......Page 39
Enumeration......Page 43
Gaining Access......Page 47
Escalating Privilege......Page 51
Covering Tracks......Page 52
Network Security Organizations......Page 56
Center for Internet Security (CIS)......Page 57
Internet Storm Center......Page 58
Learning from the Network Security Organizations......Page 59
Overview of Common Attacks and Exploits......Page 60
Chapter Summary......Page 64
Chapter Review......Page 65
Chapter 2 Security Policies and Responses......Page 68
Defining Trust......Page 72
Policy Overview......Page 75
General Use and Ownership......Page 76
Security and Proprietary Information......Page 78
Unacceptable Use......Page 80
Conclusion......Page 83
Overview......Page 84
Scope......Page 85
General Policy......Page 86
General Password Construction Guidelines......Page 87
Password Protection Standards......Page 89
Conclusion......Page 90
Virtual Private Network (VPN) Security Policy......Page 91
Purpose......Page 92
Policy......Page 93
Extranet Connection Policy......Page 95
Purpose......Page 96
Third-Party Connection Agreement......Page 97
Modifying or Changing Connectivity and Access......Page 98
Conclusion......Page 99
ISO Certification and Security......Page 100
Sample Security Policies on the Internet......Page 102
Chapter Summary......Page 103
Chapter Review......Page 104
Security First Design Concepts......Page 106
Packet Filtering via Access Control Lists (ACLs)......Page 110
Grocery List Analogy......Page 112
Stateful Packet Inspection (SPI)......Page 116
Detailed Packet Flow Using SPI......Page 118
Network Address Translation (NAT)......Page 120
NAT’s Limitations......Page 124
Proxies and Application Level Protection......Page 126
Limitations of Proxies......Page 128
Content Filters......Page 129
Limitations of Content Filtering......Page 132
Public Key Infrastructure (PKI)......Page 133
PKI’s Limitations......Page 135
Authentication......Page 136
Authorization......Page 137
Accounting......Page 138
Remote Authentication Dial-In User Service (RADIUS)......Page 139
Terminal Access Controller Access Control System (TACACS)......Page 140
TACACS+ Versus RADIUS......Page 142
Chapter Summary......Page 143
Chapter Review Questions......Page 144
Chapter 4 Security Protocols......Page 146
DES Encryption......Page 148
Encryption Strength......Page 149
Limitations of DES......Page 150
Triple DES Encryption......Page 151
Encryption Strength......Page 152
Message Digest 5 Algorithm......Page 153
MD5 Hash in Action......Page 155
Point-to-Point Tunneling Protocol (PPTP)......Page 156
PPTP Functionality......Page 157
Limitations of PPTP......Page 159
Layer 2 Tunneling Protocol (L2TP)......Page 160
L2TP Versus PPTP......Page 161
Benefits of L2TP......Page 162
L2TP Operation......Page 163
Secure Shell (SSH)......Page 166
SSH Versus Telnet......Page 167
SSH Operation......Page 170
Tunneling and Port Forwarding......Page 172
Limitations of SSH......Page 173
Chapter Summary......Page 174
Chapter Review Questions......Page 175
Chapter 5 Firewalls......Page 178
Why Do I Need a Firewall?......Page 180
Do I Have Anything Worth Protecting?......Page 181
What Does a Firewall Do?......Page 182
Firewalls Are “The Security Policy”......Page 184
Firewall Operational Overview......Page 187
Firewalls in Action......Page 189
Implementing a Firewall......Page 191
Determine the Inbound Access Policy......Page 193
Determine Outbound Access Policy......Page 194
Essentials First: Life in the DMZ......Page 195
Case Study: To DMZ or Not to DMZ?......Page 197
Case Study: Firewall Deployment with Mail Server Inside the Protected (Internal)......Page 199
Case Study: Firewall Deployment with Mail Server in DMZ......Page 202
Firewall Limitations......Page 205
Chapter Summary......Page 206
Chapter Review Questions......Page 207
Chapter 6 Router Security......Page 210
Edge Router as a Choke Point......Page 214
Limitations of Choke Routers......Page 217
Edge Router as a Packet Inspector......Page 218
Benefits of the Firewall Feature Set......Page 219
Content-Based Packet Inspection......Page 223
Intrusion Detection with Cisco IOS......Page 228
FFS IDS Operational Overview......Page 230
FFS Limitations......Page 234
Secure IOS Template......Page 235
Chapter Summary......Page 249
Chapter Review Questions......Page 250
Chapter 7 IPSec Virtual Private Networks (VPNs)......Page 252
Analogy: VPNs Connect IsLANds Securely......Page 254
VPN Overview......Page 257
VPN Benefits and Goals......Page 260
VPN Implementation Strategies......Page 261
Split Tunneling......Page 263
Overview of IPSec VPNs......Page 264
Authentication and Data Integrity......Page 267
Tunneling Data......Page 268
Encryption Modes......Page 269
IPSec Protocols......Page 271
IPSec Operational Overview......Page 275
Configuring ISAKMP......Page 281
Configuring IPSec......Page 285
Firewall VPN Configuration for Client Access......Page 289
Chapter Summary......Page 292
Chapter Review Questions......Page 293
Chapter 8 Wireless Security......Page 296
Essentials First: Wireless LANs......Page 298
What Is Wi-Fi?......Page 300
Benefits of Wireless LANs......Page 301
Wireless Equals Radio Frequency......Page 302
Modes of Operation......Page 303
Coverage......Page 305
Bandwidth Availability......Page 306
WarGames Wirelessly......Page 307
Sniffing to Eavesdrop......Page 316
Denial of Service Attacks......Page 318
Rogue/Unauthorized Access Points......Page 319
Incorrectly Configured Access Points......Page 322
Wireless Security......Page 323
Service Set Identifier (SSID)......Page 324
Device and Access Point Association......Page 325
Wired Equivalent Privacy (WEP)......Page 326
Extensible Authentication Protocol (EAP)......Page 328
Increasing Wireless Security......Page 332
Essentials First: Wireless Hacking Tools......Page 333
NetStumbler......Page 334
Wireless Packet Sniffers......Page 336
AirSNORT......Page 337
Chapter Review Questions......Page 339
Chapter 9 Intrusion Detection and Honeypots......Page 342
Essentials First: Intrusion Detection......Page 345
IDS Functional Overview......Page 348
Protocol Analysis......Page 354
Signature/Pattern Matching......Page 355
Log Analysis......Page 356
Combining Methods......Page 357
IPS Responses and Actions......Page 358
IDS Products......Page 359
Limitations of IDS......Page 363
Essentials First: Honeypots......Page 366
Honeypot Design Strategies......Page 369
Chapter Summary......Page 370
Chapter Review Questions......Page 371
Chapter 10 Tools of the Trade......Page 374
Essentials First: Vulnerability Analysis......Page 376
Fundamental Attacks......Page 377
Security Assessments and Penetration Testing......Page 387
Internal Vulnerability and Penetration Assessment......Page 388
External Penetration and Vulnerability Assessment......Page 390
Physical Security Assessment......Page 392
Miscellaneous Assessments......Page 394
Vulnerability Scanners......Page 395
Features and Benefits of Vulnerability Scanners......Page 396
Nessus......Page 397
Retina......Page 400
Penetration Testing Products......Page 404
Documentation......Page 406
Vulnerability Updates......Page 407
Core Impact In Action......Page 408
Chapter Review Questions......Page 414
Appendix A: Answers to Chapter Review Questions......Page 416
A......Page 434
C......Page 436
D......Page 437
F......Page 439
I......Page 440
L......Page 442
N......Page 443
P......Page 444
R......Page 446
S......Page 447
V......Page 449
W......Page 450
Z......Page 451
A......Page 454
C......Page 456
D......Page 459
E......Page 460
F......Page 462
I......Page 463
L......Page 466
N......Page 467
P......Page 468
R......Page 471
S......Page 472
T......Page 473
U......Page 474
V......Page 475
W......Page 476
X-Y-Z......Page 477

✦ Subjects

Science;Technology

📜 SIMILAR VOLUMES

Network Security First-Step

📁 Network Security First-Step

✍ Thomas Thomas, Donald Stoddard 📂 Library 📅 2011 🏛 Cisco Press 🌐 English

Network Security first-step Second Edition Tom Thomas and Donald Stoddard Your first step into the world of network security <ul><li>No security experience required</li> <li>Includes clear and easily understood explanations</li> <li>Makes learning easy</

Computer Networking First-Step

📁 Computer Networking First-Step

✍ Wendell Odom 📂 Library 📅 2004 🏛 Cisco Press 🌐 English

Your first step into the world of computer networking No experience required Includes clear and easily understood explanations Makes learning easy Your first step to computer networking begins here! Learn basic networking terminology Understand how information is routed from place to pl

Wireless networks first-step

📁 Wireless networks first-step

✍ Jim Geier 📂 Library 📅 2005 🏛 Cisco Press 🌐 English

As a basic introduction to wireless networking, Wireless Networks First-Step assumes that readers have no previous wireless experience. The book provides an overview of wireless networking, along with details of applicable standards and technologies. Newcomers to wireless technologies will find prac

Computer Networking first-step

📁 Computer Networking first-step

✍ Wendell Odom 📂 Library 📅 2004 🏛 Cisco Press 🌐 English

Computer Networking First Step explains basic network concepts about as easily and gently as any book we've seen. Read it, and you'll look like you know what you're talking about - because you actually will.Wendell Odom introduces LANs, WANs, the Internet, routers, switches, network addressing, remo

Wireless Networks First-Step

📁 Wireless Networks First-Step

✍ Jim Geier 📂 Library 📅 2005 🏛 Cisco Press 🌐 English

Your First-Step into the World of Wireless Networks <ul> <li>No experience required! </li> <li>Gain an understanding of wireless networking basics with this reader friendly guide</li> <li>The first book anyone should read about wireless networks with step-by-step instruction</li>

Computer networking first-step: Includes

📁 Computer networking first-step: Includes index

✍ Odom, Wendell 📂 Library 📅 2004 🏛 Cisco Press 🌐 English

Computer Networking First Step is an accessible, easy to understand introduction to the language of the Internet. While not everyone needs to understand how to configure a router, many people are setting up Local Area Networks in their own homes, utilizing routing protocols to access the Internet, a