Network Defense and Countermeasures : Principles and Practices (2ND)

Network Defense and Countermeasures : Principles and Practices (2ND)

  • ただいまウェブストアではご注文を受け付けておりません。 ⇒古書を探す
  • 製本 Paperback:紙装版/ペーパーバック版/ページ数 483 p.
  • 言語 ENG
  • 商品コード 9780789750945
  • DDC分類 004

Full Description


Network Defense and CountermeasuresPrinciples and PracticesEverything you need to know about modern network attacks and defense, in one bookClearly explains core network security concepts, challenges, technologies, and skillsThoroughly updated for the latest attacks and countermeasuresThe perfect beginner's guide for anyone interested in a network security careerSecurity is the IT industry's hottest topic-and that's where the hottest opportunities are, too. Organizations desperately need professionals who can help them safeguard against the most sophisticated attacks ever created-attacks from well-funded global criminal syndicates, and even governments.Today, security begins with defending the organizational network. Network Defense and Countermeasures, Second Edition is today's most complete, easy-to-understand introduction to modern network attacks and their effective defense.From malware and DDoS attacks to firewalls and encryption, Chuck Easttom blends theoretical foundations with up-to-the-minute best-practice techniques. Starting with the absolute basics, he discusses crucial topics many security books overlook, including the emergence of network-based espionage and terrorism.If you have a basic understanding of networks, that's all the background you'll need to succeed with this book: no math or advanced computer science is required. You'll find projects, questions, exercises, case studies, links to expert resources, and a complete glossary-all designed to deepen your understanding and prepare you to defend real-world networks.Chuck Easttom has worked in all aspects of IT, including network administration, software engineering, and IT management. For several years, he has taught IT topics in college and corporate environments, worked as an independent IT consultant, and served as an expert witness in court cases involving computers. He holds 28 industry certifications, including CISSP, ISSAP, Certified Ethical Hacker, Certified Hacking Forensics Investigator, EC Council Certified Security Administrator, and EC Council Certified Instructor. He served as subject matter expert for CompTIA in its development or revision of four certification tests, including Security+. He recently assisted the EC Council in developing its new advanced cryptography course. Easttom has authored 13 books on topics including computer security and crime. Learn how ton Understand essential network security concepts, challenges, and careersn Learn how modern attacks workn Discover how firewalls, intrusion detection systems (IDS), and virtual private networks (VPNs) combine to protect modern networksn Select the right security technologies for any network environmentn Use encryption to protect informationn Harden Windows and Linux systems and keep them patchedn Securely configure web browsers to resist attacksn Defend against malwaren Define practical, enforceable security policiesn Use the "6 Ps" to assess technical and human aspects of system securityn Detect and fix system vulnerabilityn Apply proven security standards and models, including Orange Book, Common Criteria, and Bell-LaPadulan Ensure physical security and prepare for disaster recoveryn Know your enemy: learn basic hacking, and see how to counter itn Understand standard forensic techniques and prepare for investigations of digital crime

Contents

Pr> Chapter 1: Introduction to Network Security 2Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2The Basics of a Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3Basic Network Utilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7The OSI Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11What Does This Mean for Security? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11Assessing Likely Threats to the Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12Classifications of Threats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15Likely Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19Threat Assessment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21Understanding Security Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22Choosing a Network Security Approach . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26Network Security and the Law . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27Using Security Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30Chapter 2: Types of Attacks 38Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38Understanding Denial of Service Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39Defending Against Buffer Overflow Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55Defending Against IP Spoofing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57Defending Against Session Hacking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58Blocking Virus and Trojan Horse Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66Chapter 3: Fundamentals of Firewalls 72Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72What Is a Firewall? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73Implementing Firewalls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80Selecting and Using a Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86Using Proxy Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89Chapter 4: Firewall Practical Applications 96Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96Using Single Machine Firewalls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97Windows 7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98User Account Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99Linux Firewalls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99Using Small Office/Home Office Firewalls . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107Using Medium-Sized Network Firewalls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110Using Enterprise Firewalls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115Chapter 5: Intrusion-Detection Systems 122Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122Understanding IDS Concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123Understanding and Implementing IDS Systems . . . . . . . . . . . . . . . . . . . . . . . 126Understanding and Implementing Honey Pots . . . . . . . . . . . . . . . . . . . . . . . . 130Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136Chapter 6: Encryption Fundamentals 142Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142The History of Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142Learning About Modern Encryption Methods . . . . . . . . . . . . . . . . . . . . . . . . . 148Identifying Good Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154Understanding Digital Signatures and Certificates . . . . . . . . . . . . . . . . . . . . . 155Understanding and Using Decryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158Cracking Passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158Steganography . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159Steganalysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161Exploring the Future of Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163Chapter 7: Virtual Private Networks 170Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170Basic VPN Technology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171Using VPN Protocols for VPN Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172IPSec . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178SSL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180Implementing VPN Solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186Chapter 8: Operating System Hardening 192Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192Configuring Windows Properly . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193Configuring Linux Properly . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214Patching the Operating System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216Configuring Browsers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222Chapter 9: Defending Against Virus Attacks 228Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228Understanding Virus Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229Virus Scanners . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236Antivirus Policies and Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 248Additional Methods for Defending Your System . . . . . . . . . . . . . . . . . . . . . . . 249What to Do If Your System Is Infected by a Virus . . . . . . . . . . . . . . . . . . . . . . 249Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251Chapter 10: Defending Against Trojan Horses, Spyware, and Adware 258Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258Trojan Horses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259Spyware and Adware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 268Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 276Chapter 11: Security Policies 280Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 280Defining User Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 281Defining System Administration Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288Defining Access Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 292Defining Developmental Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295Chapter 12: Assessing System Security 302Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 302Evaluating the Security Risk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 303Making the Initial Assessment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 306Probing the Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 312Security Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 329Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 332Chapter 13: Security Standards 338Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 338Using the Orange Book . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 338Using the Rainbow Series . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 348Using the Common Criteria . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 351Using Security Models . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 352U.S. Federal Regulations, Guidelines, and Standards . . . . . . . . . . . . . . . . . . 356Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 359Chapter 14: Physical Security and Disaster Recovery 366Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 366Physical Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 367Disaster Recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369Ensuring Fault Tolerance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 371Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 373Chapter 15: Techniques Used by Attackers 376Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 376Preparing to Hack. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 377The Attack Phase . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 387Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 392Chapter 16: Introduction to Forensics 396Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 396General Forensics Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 397FBI Forensics Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 398Finding Evidence on the PC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 399Gathering Evidence from a Cell Phone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 407Forensic Tools to Use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 408Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . 410Chapter 17: Cyber Terrorism 414Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 414Defending Against Computer-Based Espionage . . . . . . . . . . . . . . . . . . . . . . . 415Defending Against Computer-Based Terrorism . . . . . . . . . . . . . . . . . . . . . . . . 421Choosing Defense Strategies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 428Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 433Appendix A: References 440Glossary 444Index 454