Monday 24 February 2014

Active Defense — A Comprehensive Guide to Network Security

Active Defense — A Comprehensive Guide to Network Security:

Introduction - 6

Chapter 1 - Why Secure Your Network? - 8

Chapter 2- How Much Security Do You Need? - 14

Chapter 3- Understanding How Network Systems Communicate - 27

Chapter 4- Topology Security - 62

Chapter 5- Firewalls - 81

Chapter 6- Configuring Cisco Router Security Features - 116

Chapter 7- Check Point’s FireWall-1 - 143

Chapter 8- Intrusion Detection Systems - 168

Chapter 9- Authentication and Encryption - 187

Chapter 10- Virtual Private Networking - 202

Chapter 11- Viruses, Trojans, and Worms: Oh My! - 218

Chapter 12- Disaster Prevention and Recovery - 233

Chapter 13- NetWare - 256

Chapter 14- NT and Windows 2000 - 273

Chapter 15- UNIX - 309

Chapter 16- The Anatomy of an Attack - 334

Chapter 17- Staying Ahead of Attacks - 352

Appendix A- About the CD-ROM - 366

Appendix B- Sample Network Usage Policy - 367

Overview
Some of us can remember a time when securing a network environment was a far easier task than it seems to be today. As long as every user had a password and the correct levels of file permissions had been set, we could go to sleep at night confident that our network environment was relatively secure. This confidence may or may not have been justified, but at least we felt secure.
Then along came the Internet and everything changed. The Internet has accelerated at an amazing rate the pace at which information is disseminated. In the early 1990s, most of us would not hear about a security vulnerability unless it made it into a major magazine or newspaper. Even then, the news release typically applied to an old version of software that most of us no longer used anyway. These days, hundreds of thousands of people can be made privy to the details of a specific vulnerability in less than an hour.
This is not to say that all this discussion of product vulnerabilities is a bad thing. Actually, quite the opposite is true. Individuals with malicious intent have always had places to exchange ideas. Pirate bulletin boards have been around since the 1980s. Typically, it was the rest of us who were left out in the cold with no means of dispersing this information to the people who needed it most: the network administrators attempting to maintain a secure environment. The Internet has become an excellent means to get vulnerability information into the hands of the people responsible for securing their environments.  Increased awareness also brings increased responsibility. This is not only true for the software company that is expected to fix the vulnerability; it is also true for the network administrator or security specialist who is expected to deploy the fix. Any end user with a subscription to a mailing list can find out about vulnerabilities as quickly as the networking staff. This greatly increases the urgency of deploying security-related fixes as soon as they are developed. (As if we didn’t have enough on our plates already!)
So, along with all of our other responsibilities, we need to maintain a good security posture. The first problem is where to begin. Should you purchase a book on firewalls or on securing your network servers? Maybe you need to learn more about network communications in order to be able to understand how these vulnerabilities can even exist. Should you be worried about running backups or redundant servers? 
One lesson that has been driven home since the publication of the first edition of this book is the need to view security not as a static package, but rather as a constant process incorporating all facets of networking and information technology. You cannot focus on one single aspect of your network and expect your environment to remain secure. Nor can this process be done in isolation from other networking activities. This book provides system and network administrators with the information they will need to run a network with multiple layers of security protection, while considering issues of usability, privacy, and manageability.


DOWNLOAD LINK:

Ad hoc networking with Bluetooth: key metrics and distributed protocols for scatternet formation:

Ad hoc networking with Bluetooth: key metrics and distributed protocols for scatternet formation:

Abstract

Bluetooth is a promising technology for personal/local area wireless communications. A Bluetooth scatternet is composed of simple overlapping piconets, each with a low number of devices sharing the same radio channel. A scatternet may have different topological configurations, depending on the number of composing piconets, the role of the devices involved and the configuration of the links. This paper discusses the scatternet formation issue by analyzing topological characteristics of the scatternet formed. A matrix-based representation of the network topology is used to define metrics that are applied to evaluate the key cost parameters and the scatternet performance. Numerical examples are presented and discussed, highlighting the impact of metric selection on scatternet performance. Then, a distributed algorithm for scatternet topology optimization is introduced, that supports the formation of a ‘‘locally optimal’’ scatternet based on a selected metric. Numerical results obtained by adopting this distributed approach to ‘‘optimize’’ the network topology are shown to be close to the global optimum.



DOWNLOAD LINK:

Adaptive Demand-Driven Multicast Routing in Multi-Hop Wireless Ad Hoc Networks

Adaptive Demand-Driven Multicast Routing in Multi-Hop Wireless Ad Hoc Networks:

Abstract
The use of on-demand techniques in routing protocols for multihop wireless ad hoc networks has been shown to have signficant advantages in terms of reducing the routing protocol’s overhead and improving its ability to react quickly to topology changes in the network. A number of on-demand multicast routing protocols have been proposed, but each also relies on significant periodic (non-on-demand) behavior within portions of the protocol. This paper presents the design and initial evaluation of the Adaptive Demand-Driven Multicast Routing protocol (ADMR), a new ondemand
ad hoc network multicast routing protocol that attempts to reduce as much as possible any non-on-demand components within the protocol. Multicast routing state is dynamically established and
maintained only for active groups and only in nodes located between multicast senders and receivers. Each multicast data packet is forwarded along the shortest-delay path with multicast forwarding
state, from the sender to the receivers, and receivers dynamically adapt to the sending pattern of senders in order to efficiently balance overhead and maintenance of the multicast routing state as nodes in the network move or as wireless transmission conditions in the network change. We describe the operation of the ADMR protocol and present an initial evaluation of its performance based on detailed simulation in ad hoc networks of 50 mobile nodes. We show that ADMR achieves packet delivery ratios within 1% of a floodingbased protocol, while incurring half to a quarter of the overhead.



DOWNLOAD LINK:

Adhoc-like routing in wired networks with genetic algorithms

Adhoc-like routing in wired networks with genetic algorithms

Abstract

Routing of packets in networks requires that a path be selected either dynamically while the packets are being forwarded, or statically (in advance) as in source routing from a source node to a destination. Quality of service (QoS) driven routing has been proposed using a protocol called the ‘‘Cognitive Packet Network’’ (CPN) which dynamically selects paths through a store and forward packet network so as to provide best effort QoS to route peer-to-peer connections. CPN operates very much as an adhoc protocol within a wired setting, and uses smart packets to select routes based on QoS requirements. We extend the path discovery process in CPN to include a genetic algorithm which can help discover new paths that may not have been discovered by smart packets. We describe how possible routes can ‘‘evolve’’ from prior knowledge, and then be selected based on ‘‘fitness’’ with respect to QoS. We detail the design of the algorithm and of its implementation, and report on resulting QoS measurements.


DOWNLOAD LINK:

Ad-Hoc Services

Ad-Hoc Services:

Contents
1 Introduction 2
2 Performance Measures 3
2.1 Testing what? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
2.2 Testing communication with a small amount of data . . . . . . . . . . . 3
2.3 Testing communication with a big amount of data . . . . . . . . . . . . 3
2.4 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
3 A Framework for System Wide Accessible Services 6
3.1 Demands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
3.2 Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
3.3 Changing the Communication Technology . . . . . . . . . . . . . . . . . 8
3.4 Open Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
4 Service Compiler for RMI Framework 9
4.1 Purpose of Compiler . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
4.2 Description of Finite State Machines . . . . . . . . . . . . . . . . . . . . 9
4.3 Usage of Compiler . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
4.4 Requirements of Compiler . . . . . . . . . . . . . . . . . . . . . . . . . . 10
5 Implementing new Services 12
5.1 Requirements of Service . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
5.2 Implementing a new Service . . . . . . . . . . . . . . . . . . . . . . . . . 12
5.3 Using Services in Applications . . . . . . . . . . . . . . . . . . . . . . . . 12
6 Ad-Hoc-Services 13
6.1 General design . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
6.2 Basic Ad-Hoc-Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
6.2.1 Neighborhood service . . . . . . . . . . . . . . . . . . . . . . . . 14
6.2.2 Forwarding service . . . . . . . . . . . . . . . . . . . . . . . . . . 14
6.2.3 Sni er service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
6.3 Non-Basic Ad-Hoc-Services . . . . . . . . . . . . . . . . . . . . . . . . . 15
6.3.1 Flooding service . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
6.3.2 Messaging service . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
6.3.3 Noti er service . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
7 Conclusions 17

Chapter 1
Introduction

The objective of this thesis was to implement some basic ad-hoc services which can be used by Java applications running on the system. To realize this task, we needed a framework which allows applications to access the functions of the services. The services should be started at the start-up of the machine and run in the background.
One of the demands was that the applications should not need to know anything about the kind of communication that is used between the application and the service.
It should be possible to add new services to the existing framework, too. Another requirement was that it is possible to easily exchange the communication technology without changing services and applications. Chapter 3 describes the architecture of the framework we designed for those demands. Chapter 4 describes the compiler which is used to add new services to the machine.
Another aspect we paid attention to was performance. For selecting the right communication, we measured di erent kinds of communication for the messaging between the two Java Virtual Machines (Application - Services). In chapter 2 the results of these measurements are described.


DOWNLOAD LINK:

Advanced Algorithm for Detection and Prevention of Cooperative Black and Gray Hole Attacks in MANETS

Advanced Algorithm for Detection and Prevention of Cooperative Black and Gray Hole Attacks in MANETS:

In this paper, we propose an algorithm to detect a chain of cooperative malicious node in ad-hoc network that disrupts transmission of data by feeding wrong routing information along with the detection algorithm. We also propose a mechanism to detect and remove the black and gray hole attacks. Our technique is based on sending data in terms of equal but small sized blocks instead of sending whole of data in one continuous stream. The flow of message is monitored independently at the neighborhood of both source and destination. The result of monitoring is gathered by a backbone network of trusted nodes. Our algorithm takes O(n) time on average to find the chain of malicious nodes which is better than earlier O(n2) time bound for detecting a single black hole network.


DOWNLOAD LINK:

An Overview of MANETs Simulation

An Overview of MANETs Simulation:

Abstract
Mobile Ad hoc NETworks (MANETs) are dynamic networks populated by mobile stations. Stations in MANETs are usually laptops, PDAs or mobile phones. These devices feature Bluetooth and/or IEEE 802.11 (WiFi) network interfaces and communicate in a decentralized manner. Mobility is a key feature of MANETs. Because of their high cost and their lack of flexibility of such networks, experimentation is mostly achievable through simulation. Numerous tools exist for MANETs simulation, including ns-2 and GloMoSim which are the two most popular ones. This paper provides a State of the Art of MANETs simulators and associated simulation techniques. First it gives an overview of the domain. Then it provides a map of the main characteristics that MANETs simulation tools should feature and the current support of these. Finally, a description for each simulator is provided, including an explanation of what make them appealing solutions.

1 Introduction
Mobile ad hoc networks (MANETs) are networks composed of a set of communicating
devices able to spontaneously interconnect without any preexisting infrastructure. Devices in range can communicate in a point-to-point fashion. In addition to that, these devices are generally mobile.
More and more people are interested in ad hoc networks. Not only their importance in military applications is growing, but also their impact on business is increasing. The wide spread of lightweight and low-cost mobile devices—we are talking about mobile phones, PDAs, Pocket PCs, etc—which now embed Bluetooth and WiFi (IEEE 802.11) network adapters enable the spontaneous
creation of city-wide MANETs. These networks could then constitute the infrastructure of numerous applications such as emergency and health-care systems [44], groupware [18], gaming [61][31][57], advertisements, customerto-customer applications (like the UbiBay project [30]), etc.
Investigating MANETs is achievable by resorting either to software-based simulators or to experimentation networks (testbeds). Most researchers favour simulators as the expense of testbeds. What prevents (or at least hinders) the use of real-size testbeds is their cost and their inherent lack of flexibility. This becomes particularly impeding as the size of the experimented network grows. Software-based simulation then turns out to be a viable alternative and a widely used solution. This article surveys MANETs simulators. It is organized as follows: In section 2 testbeds solutions are over viewed, although they do not constitute the focus of this paper. Next in section 3, crucial
aspects of MANETs simulation are exposed. The techniques employed to implement them are described. Then in section 4, a list of the documented simulators is provided. Finally, section 5 gives some hints on which simulator to use for what needs and section 6 concludes by summarizing the current trends in MANETs simulation and by foreseeing its future directions.
Please note that this paper does not survey wired network simulators [5] and sensor network simulators [62][54]. The reason is that wired and sensor networks considerably diverge from MANETs in terms of structure, technologies, applications, etc. Thus they are considered to be out of the topic tackled herein.



DOWNLOAD LINK: