search for books and compare prices
Tables of Contents for Firewalls and Internet Security
Chapter/Section Title
Page #
Page Count
Preface to the Second Edition
xiii
Preface to the First Edition
xvii
I Getting Started
1
92
Introduction
3
16
Security Truisms
3
4
Picking a Security Policy
7
3
Host-Based Security
10
1
Perimeter Security
10
1
Strategies for a Secure Network
11
5
The Ethics of Computer Security
16
2
Warning
18
1
A Security Review of Protocols: Lower Layers
19
22
Basic Protocols
19
9
Managing Addresses and Names
28
6
IP version 6
34
3
Network Address Translators
37
1
Wireless Security
38
3
Security Review: The Upper Layers
41
32
Messaging
41
5
Internet Telephony
46
1
RPC-Based Protocols
47
5
File Transfer Protocols
52
6
Remote Login
58
4
Simple Network Management Protocol---SNMP
62
1
The Network Time Protocol
63
1
Information Services
64
4
Proprietary Protocols
68
1
Peer-to-Peer Networking
69
1
The X11 Window System
70
1
The Small Services
71
2
The Web: Threat or Menace?
73
20
The Web Protocols
74
5
Risks to the Clients
79
6
Risks to the Server
85
4
Web Servers vs. Firewalls
89
2
The Web and Databases
91
1
Parting Thoughts
91
2
II The Threats
93
42
Classes of Attacks
95
24
Stealing Passwords
95
3
Social Engineering
98
2
Bugs and Back Doors
100
3
Authentication Failures
103
1
Protocol Failures
104
1
Information Leakage
105
1
Exponential Attacks---Viruses and Worms
106
1
Denial-of-Service Attacks
107
10
Botnets
117
1
Active Attacks
117
2
The Hacker's Workbench, and Other Munitions
119
16
Introduction
119
2
Hacking Goals
121
1
Scanning a Network
121
1
Breaking into the Host
122
1
The Battle for the Host
123
3
Covering Tracks
126
1
Metastasis
127
1
Hacking Tools
128
4
Tiger Teams
132
3
III Safer Tools and Services
135
38
Authentication
137
16
Remembering Passwords
138
6
Time-Based One-Time Passwords
144
1
Challenge/Response One-Time Passwords
145
1
Lamport's One-Time Password Algorithm
146
1
Smart Cards
147
1
Biometrics
147
1
Radius
148
1
SASL: An Authentication Framework
149
1
Host-to-Host Authentication
149
1
PKI
150
3
Using Some Tools and Services
153
20
Inetd---Network Services
153
1
Ssh---Terminal and File Access
154
4
Syslog
158
1
Network Administration Tools
159
3
Chroot---Caging Suspect Software
162
3
Jailing the Apache Web Server
165
2
Aftpd---A Simple Anonymous FTP Daemon
167
1
Mail Transfer Agents
168
1
POP3 and IMAP
168
1
Samba: An SMB Implementation
169
1
Taming Named
170
1
Adding SSL Support with Sslwrap
170
3
IV Firewalls and VPNs
173
72
Kinds of Firewalls
175
22
Packet Filters
176
9
Application-Level Filtering
185
1
Circuit-Level Gateways
186
2
Dynamic Packet Filters
188
5
Distributed Firewalls
193
1
What Firewalls Cannot Do
194
3
Filtering Services
197
14
Reasonable Services to Filter
198
8
Digging for Worms
206
1
Services We Don't Like
207
2
Other Services
209
1
Something New
210
1
Firewall Engineering
211
22
Rulesets
212
2
Proxies
214
1
Building a Firewall from Scratch
215
12
Firewall Problems
227
3
Testing Firewalls
230
3
Tunneling and VPNs
233
12
Tunnels
234
2
Virtual Private Networks (VPNs)
236
6
Software vs. Hardware
242
3
V Protecting an Organization
245
40
Network Layout
247
12
Intranet Explorations
248
1
Intranet Routing Tricks
249
4
In Host We Trust
253
2
Belt and Suspenders
255
2
Placement Classes
257
2
Safe Hosts in a Hostile Environment
259
20
What Do We Mean by ``Secure''?
259
1
Properties of Secure Hosts
260
5
Hardware Configuration
265
1
Field-Stripping a Host
266
4
Loading New Software
270
1
Administering a Secure Host
271
6
Skinny-Dipping: Life Without a Firewall
277
2
Intrusion Detection
279
6
Where to Monitor
280
1
Types of IDSs
281
1
Administering an IDS
282
1
IDS Tools
282
3
VI Lessons Learned
285
48
An Evening with Berferd
287
14
Unfriendly Acts
287
3
An Evening with Berferd
290
4
The Day After
294
1
The Jail
295
1
Tracing Berferd
296
2
Berferd Comes Home
298
3
The Taking of Clark
301
12
Prelude
302
1
Clark
302
1
Crude Forensics
303
1
Examining Clark
304
6
The Password File
310
1
How Did They Get In?
310
1
Better Forensics
311
1
Lessons Learned
312
1
Secure Communications over Insecure Networks
313
16
The Kerberos Authentication System
314
4
Link-Level Encryption
318
1
Network-Level Encryption
318
4
Application-Level Encryption
322
7
Where Do We Go from Here?
329
4
IPv6
329
1
DNSsec
330
1
Microsoft and Security
330
1
Internet Ubiquity
331
1
Internet Security
331
1
Conclusion
332
1
VII Appendixes
333
22
A An Introduction to Cryptography
335
14
A.1 Notation
335
2
A.2 Secret-Key Cryptography
337
2
A.3 Modes of Operation
339
3
A.4 Public Key Cryptography
342
1
A.5 Exponential Key Exchange
343
1
A.6 Digital Signatures
344
2
A.7 Secure Hash Functions
346
1
A.8 Timestamps
347
2
B Keeping Up
349
6
B.1 Mailing Lists
350
1
B.2 Web Resources
351
1
B.3 Peoples' Pages
352
1
B.4 Vendor Security Sites
352
1
B.5 Conferences
353
2
Bibliography
355
34
List of s
389
2
List of Acronyms
391
6
Index
397