+ Helps you see through a hacker's eyes so you can make your network more secure.
+ Provides technical advice that can be applied in any environment, on any platform, including help with intrusion detection systems, firewalls, encryption, anti-virus software, and digital certificates.
+ Emphasizes a wide range of administrative considerations, including security policies, user management, and control of services and devices.
+ Covers techniques for enhancing the physical security of your systems and network.
+ Explains how hackers use information-gathering to find and exploit security flaws.
+ Examines the most effective ways to prevent hackers from gaining root access to a server.
+ Addresses Denial of Service attacks, "malware," and spoofing.
+ Includes appendices covering the TCP/IP protocol stack, well-known ports, and reliable sources for security warnings and updates.
Network Security is a comprehensive resource written for anyone who plans or implements network security measures, including managers and practitioners. It offers a valuable dual perspective on security: how your network looks to hackers who want to get inside, and how you need to approach it on the inside to keep them at bay.
You get all the hands-on technical advice you need to succeed, but also higher-level administrative guidance for developing an effective security policy. There may be no such thing as absolute security, but, as the author clearly demonstrates, there is a huge difference between the protection offered by routine reliance on third-party products and what you can achieve by actively making informed decisions. You’ll learn to do just that with this book’s assessments of the risks, rewards, and trade-offs related implementing security measures.
Security practitioners, managers, and administrators working in IT and networking departments.
Network Security, 1st Edition
Chapter 1: In the Beginning
1.1 Defining Security
1.2 The Two Views of Network Security
1.3 The Organizational Security Process
1.4 Preparing a Security policy
1.5 Security Audits
1.6 SummaryChapter 2: Basic Security Architecture
2.1 Secure Network Layouts
2.3 Hands On: Setting File and Directory Permissions
2.4 SummaryChapter 3: Physical Security
3.1 Dealing with Theft and Vandalism
3.2 Protecting the System Console
3.3 Managing System Failure
3.4 Hands on: Providing Physical Security
3.5 SummaryChapter 4: Information Gathering
4.1 Social Engineering
4.2 Using Published Information
4.3 Port Scanning
4.4 Network Mapping
4.5 Hands On
4.6 SummaryChapter 5: Gaining and Keeping Root Access
5.1 Root Kits
5.2 Brute Force Entry Attacks and Intrusion Detection
5.3 Buffer overflow Attacks
5.4 Hands On
5.5 SummaryChapter 6: Spoofing
6.1 TCP spoofing
6.2 DNS spoofing
6.3 IP (and E-Mail) spoofing
6.4 Web spoofing
6.5 Hands On
6.6 SummaryChapter 7: Denial of Service Attacks
7.1 Single source DoS Attacks
7.2 Distributed DoS Attacks
7.3 Hands On
7.4 SummaryChapter 8: Malware
8.1 A Bit of Malware History
8.2 Types of Malware Based on Propagation Methods
8.3 Hands On
8.4 SummaryChapter 9: User and Password Security
9.1 Password Policy
9.2 Strong Passwords
9.3 Password File Security
9.4 Password Audits
9.5 Enhancing Password Security with Tokens
9.6 Hands On: Password Management Software
9.7 SummaryChapter 10: Remote Access
10.1 Remote Access Vulnerabilities
10.3 Remote User Authentication
10.4 Hands On: OS VPN Support
10.5 SummaryChapter 11: Wireless Security
11.1 Wireless Standards
11.2 Wireless Network Vulnerabilities
11.3 Wireless Security Provisions
11.4 Hands On: Securing Your 802.11x Wireless Network
11.5 SummaryChapter 12: Encryption
12.1 To Encrypt or Not to Encrypt
12.2 Single Key Encryption Schemes
12.3 Two-Key Encryption Schemes
12.4 Combining Single- and Two-Key Encryption
12.5 Ensuring Message Integrity
12.6 Message Authentication and Digital Certificates
12.7 Composition and Purpose of PKI
12.8 Hands On
12.9 SummaryAppendix A: The TCP/IP Protocol Stack
13.1 The Operation of a Protocol Stack
13.2 The Application Layer
13.3 The Transport Layer
13.4 The Internet Layer
13.5 The Logical Link Control Layer
13.6 The MAC Layer
13.7 The Physical LayerAppendix B: TCP and UDP Ports
14.0 Well-Known Ports
14.1 Registered Ports
14.2 Port List ReferencesAppendix C: Security Update Sites
15.0 Professional Security Update Sites
15.1 Other Sites of Interest