EBOOK - Building Internet Firewalls 2nd Ed (Elizabeth D. Zwicky)
In the five years since the first edition of this classic book was published, Internet use has exploded. The commercial world has rushed headlong into doing business on the Web, often without integrating sound security technologies and policies into their products and methods. The security risks - and the need to protect both business and personal data - have never been greater. We've updated Building Internet Firewalls to address these newer risks.
CONTENTS:
I Network Security
1 Why Internet Firewalls?
1.1 What Are You Trying to Protect?
1.2 What Are You Trying to Protect Against?
1.3 Who Do You Trust?
1.4 How Can You Protect Your Site?
1.5 What Is an Internet Firewall?
1.6 Religious Arguments
2 Internet Services
2.1 Secure Services and Safe Services
2.2 The World Wide Web
2.3 Electronic Mail and News
2.4 File Transfer, File Sharing, and Printing
2.5 Remote Access
2.6 Real-Time Conferencing Services
2.7 Naming and Directory Services
2.8 Authentication and Auditing Services
2.9 Administrative Services
2.10 Databases
2.11 Games
3 Security Strategies
3.1 Least Privilege
3.2 Defense in Depth
3.3 Choke Point
3.4 Weakest Link
3.5 Fail-Safe Stance
3.6 Universal Participation
3.7 Diversity of Defense
3.8 Simplicity
3.9 Security Through Obscurity
II Building Firewalls
4 Packets and Protocols
4.1 What Does a Packet Look Like?
4.2 IP
4.3 Protocols Above IP
4.4 Protocols Below IP
4.5 Application Layer Protocols
4.6 IP Version 6
4.7 Non-IP Protocols
4.8 Attacks Based on Low-Level Protocol Details
5 Firewall Technologies
5.1 Some Firewall Definitions
5.2 Packet Filtering
5.3 Proxy Services
5.4 Network Address Translation
5.5 Virtual Private Networks
6 Firewall Architectures
6.1 Single-Box Architectures
6.2 Screened Host Architectures
6.3 Screened Subnet Architectures
6.4 Architectures with Multiple Screened Subnets
6.5 Variations on Firewall Architectures
6.6 Terminal Servers and Modem Pools
6.7 Internal Firewalls
7 Firewall Design
7.1 Define Your Needs
7.2 Evaluate the Available Products
7.3 Put Everything Together
8 Packet Filtering
8.1 What Can You Do with Packet Filtering?
8.2 Configuring a Packet Filtering Router
8.3 What Does the Router Do with Packets?
8.4 Packet Filtering Tips and Tricks
8.5 Conventions for Packet Filtering Rules
8.6 Filtering by Address
8.7 Filtering by Service
8.8 Choosing a Packet Filtering Router
8.9 Packet Filtering Implementations for General-Purpose Computers
8.10 Where to Do Packet Filtering
8.11 What Rules Should You Use?
8.12 Putting It All Together
9 Proxy Systems
9.1 Why Proxying?
9.2 How Proxying Works
9.3 Proxy Server Terminology
9.4 Proxying Without a Proxy Server
9.5 Using SOCKS for Proxying
9.6 Using the TIS Internet Firewall Toolkit for Proxying
9.7 Using Microsoft Proxy Server
9.8 What If You Can't Proxy?
10 Bastion Hosts
10.1 General Principles
10.2 Special Kinds of Bastion Hosts
10.3 Choosing a Machine
10.4 Choosing a Physical Location
10.5 Locating Bastion Hosts on the Network
10.6 Selecting Services Provided by a Bastion Host
10.7 Disabling User Accounts on Bastion Hosts
10.8 Building a Bastion Host
10.9 Securing the Machine
10.10 Disabling Nonrequired Services
10.11 Operating the Bastion Host
10.12 Protecting the Machine and Backups
11 Unix and Linux Bastion Hosts
11.1 Which Version of Unix?
11.2 Securing Unix
11.3 Disabling Nonrequired Services
11.4 Installing and Modifying Services
11.5 Reconfiguring for Production
11.6 Running a Security Audit
12 Windows NT and Windows 2000 Bastion Hosts
12.1 Approaches to Building Windows NT Bastion Hosts
12.2 Which Version of Windows NT?
12.3 Securing Windows NT
12.4 Disabling Nonrequired Services
12.5 Installing and Modifying Services
III Internet Services
13 Internet Services and Firewalls
13.1 Attacks Against Internet Services
13.2 Evaluating the Risks of a Service
13.3 Analyzing Other Protocols
13.4 What Makes a Good Firewalled Service?
13.5 Choosing Security-Critical Programs
13.6 Controlling Unsafe Configurations
14 Intermediary Protocols
14.1 Remote Procedure Call (RPC)
14.2 Distributed Component Object Model (DCOM)
14.3 NetBIOS over TCP/IP (NetBT)
14.4 Common Internet File System (CIFS) and Server Message Block (SMB)
14.5 Common Object Request Broker Architecture (CORBA) and Internet Inter-Orb Protocol (IIOP)
14.6 ToolTalk
14.7 Transport Layer Security (TLS) and Secure Socket Layer (SSL)
14.8 The Generic Security Services API (GSSAPI)
14.9 IPsec
14.10 Remote Access Service (RAS)
14.11 Point-to-Point Tunneling Protocol (PPTP)
14.12 Layer 2 Transport Protocol (L2TP)
15 The World Wide Web
15.1 HTTP Server Security
15.2 HTTP Client Security
15.3 HTTP
15.4 Mobile Code and Web-Related Languages
15.5 Cache Communication Protocols
15.6 Push Technologies
15.7 RealAudio and RealVideo
15.8 Gopher and WAIS
16 Electronic Mail and News
16.1 Electronic Mail
16.2 Simple Mail Transfer Protocol (SMTP)
16.3 Other Mail Transfer Protocols
16.4 Microsoft Exchange
16.5 Lotus Notes and Domino
16.6 Post Office Protocol (POP)
16.7 Internet Message Access Protocol (IMAP)
16.8 Microsoft Messaging API (MAPI)
16.9 Network News Transfer Protocol (NNTP)
17 File Transfer, File Sharing, and Printing
17.1 File Transfer Protocol (FTP)
17.2 Trivial File Transfer Protocol (TFTP)
17.3 Network File System (NFS)
17.4 File Sharing for Microsoft Networks
17.5 Summary of Recommendations for File Sharing
17.6 Printing Protocols
17.7 Related Protocols
18 Remote Access to Hosts
18.1 Terminal Access (Telnet)
18.2 Remote Command Execution
18.3 Remote Graphical Interfaces
19 Real-Time Conferencing Services
19.1 Internet Relay Chat (IRC)
19.2 ICQ
19.3 talk
19.4 Multimedia Protocols
19.5 NetMeeting
19.6 Multicast and the Multicast Backbone (MBONE)
20 Naming and Directory Services
20.1 Domain Name System (DNS)
20.2 Network Information Service (NIS)
20.3 NetBIOS for TCP/IP Name Service and Windows Internet Name Service
20.4 The Windows Browser
20.5 Lightweight Directory Access Protocol (LDAP)
20.6 Active Directory
20.7 Information Lookup Services
21 Authentication and Auditing Services
21.1 What Is Authentication?
21.2 Passwords
21.3 Authentication Mechanisms
21.4 Modular Authentication for Unix
21.5 Kerberos
21.6 NTLM Domains
21.7 Remote Authentication Dial-in User Service (RADIUS)
21.8 TACACS and Friends
21.9 Auth and identd
22 Administrative Services
22.1 System Management Protocols
22.2 Routing Protocols
22.3 Protocols for Booting and Boot-Time Configuration
22.4 ICMP and Network Diagnostics
22.5 Network Time Protocol (NTP)
22.6 File Synchronization
22.7 Mostly Harmless Protocols
23 Databases and Games
23.1 Databases
23.2 Games
24 Two Sample Firewalls
24.1 Screened Subnet Architecture
24.2 Merged Routers and Bastion Host Using General-Purpose Hardware
IV Keeping Your Site Secure
25 Security Policies
25.1 Your Security Policy
25.2 Putting Together a Security Policy
25.3 Getting Strategic and Policy Decisions Made
25.4 What If You Can't Get a Security Policy?
26 Maintaining Firewalls
26.1 Housekeeping
26.2 Monitoring Your System
26.3 Keeping up to Date
26.4 How Long Does It Take?
26.5 When Should You Start Over?
27 Responding to Security Incidents
27.1 Responding to an Incident
27.2 What to Do After an Incident
27.3 Pursuing and Capturing the Intruder
27.4 Planning Your Response
27.5 Being Prepared
V Appendixes
A Resources
A.1 Web Pages
A.2 FTP Sites
A.3 Mailing Lists
A.4 Newsgroups
A.5 Response Teams
A.6 Other Organizations
A.7 Conferences
A.8 Papers
A.9 Books
B Tools
B.1 Authentication Tools
B.2 Analysis Tools
B.3 Packet Filtering Tools
B.4 Proxy Systems Tools
B.5 Daemons
B.6 Utilities
C Cryptography
C.1 What Are You Protecting and Why?
C.2 Key Components of Cryptographic Systems
C.3 Combined Cryptography
C.4 What Makes a Protocol Secure?
C.5 Information About Algorithms