The practice of network security : deployment strategies for production environments

著者

    • Liska, Allan

書誌事項

The practice of network security : deployment strategies for production environments

Allan Liska

(Prentice Hall series in computer networking and distributed systems)

Prentice Hall PTR, c2003

  • alk. paper

大学図書館所蔵 件 / 2

この図書・雑誌をさがす

注記

Includes index

内容説明・目次

内容説明

This book is designed to address vulnerabilities in a network at all levels. Hence, it will cover WAN security, router and switch security, wireless network security, server and workstation security, and even remote access security. It covers best practices in major security tasks including developing a security model, monitoring for and logging security breaches, and responding to an attack. Liska also covers where a firewall should be placed in a network, and the purpose of a DMZ. Part 1: Introduction - provides the scope of network security, and helps a network administrator develop a security strategy, including providing numbers for revenue lost because of security incidents. Part 2: The Network - covers LAN and WAN security concerns. The idea is to restrict access into the network and prevent problems that occur in one area of the network from affecting others. Part 3: Firewalls - where to place them and the need for a DMZ. Part 4: Servers and Workstations - covers some of the fundamental problems with securing servers and workstations. Part 5: Monitoring and responding to attacks. It covers monitoring the network, what to look for, how to log information, and what to do if a network is attacked. Part 6: Bringing it all Together - take the network initially deployed, and demonstrate how the network has been better secured.

目次

1. Defining the Scope. What is Network Security? What Types of Network Security Are Important? What Is the Cost of Lax Security Policies? Where Is the Network Vulnerable? The Network. Summary. 2. Security Mode. Choosing a Security Mode. OCTAVE. Build Asset-Based Threat Profiles. Identify Infrastructure Vulnerabilities. Evaluate Security Strategy and Plans. Summary. 3. Understanding Types of Attacks. Sniffing and Port Scanning. Exploits. Spoofing. Distributed Denial of Service Attacks. Viruses and Worms. Summary. 4. Routing. The Router on the Network. The Basics. Disabling Unused Services. Redundancy. Securing Routing Protocols. Limit Access to Routers. Change Default Passwords! Summary. 5. Switching. The Switch on the Network. Multilayer Switching. VLANs. Spanning Tree. MAC Addressing. Restricting Access to Switches. Summary. 6. Authentication, Authorization, and Accounting. Kerberos. RADIUS. TACACS+. Summary. 7. Remote Access and VPNs. VPN Solutions. IP VPN Security. Dial-In Security Access. DSL and Cable VPN Security. Encrypting Remote Sessions. The VPN on the Network. Summary. 8. Wireless Wide Area Networks. Wireless WAN Security Issues. Spread Spectrum Technology. Location. Summary. 9. Wireless Local Area Networks. Access Point Security. SSID. WEP. MAC Address Filtering.RADIUS Authentication. WLAN VPN. 802.11i92. Summary. 10. Firewalls and Intrusion Detection Systems. The Purpose of the Firewall. What a Firewall Cannot Do. Types of Firewalls. Layer 2 Firewalls. Intrusion Detection Systems. Summary. 11. The DMZ. DMZ Network Design. Multiple DMZ Design. DMZ Rulesets. Summary. 12. Server Security. General Server Security Guidelines. Backups. Web Server Security. Mail Server Security. Outsourcing. Summary. 13. DNS Security. Securing Your Domain Name. A Secure BIND Installation. Limit Access to Domain Information. DNS Outsourcing. Djbdns. Summary. 14. Workstation Security. General Workstation Security Guidelines. Virus and Worm Scanning. Administrative Access. Remote Login. Summary. 15. Managing Network Security. Enforcing Security Policies. Understanding Network Security Risks. Avoiding Common Mistakes. Summary. 16. Monitoring. What to Monitor. SNMP. Centralizing the Monitoring Process. Summary. 17. Logging. Protecting Against Log-Altering Attacks. Syslog Servers. Sifting Through Logged Data. Summary. 18. Responding to an Attack. Creating a Response Chain of Command. Take Notes and Gather Evidence. Contain and Investigate the Problem. Remove the Problem. Contact Appropriate Parties. Prepare a Postmortem. Summary.

「Nielsen BookData」 より

関連文献: 1件中  1-1を表示

詳細情報

ページトップへ