Active Defense — A Comprehensive Guide to Network Security:
Introduction - 6
Chapter 1 - Why Secure Your Network? - 8
Chapter 2- How Much Security Do You Need? - 14
Chapter 3- Understanding How Network Systems Communicate - 27
Chapter 4- Topology Security - 62
Chapter 5- Firewalls - 81
Chapter 6- Configuring Cisco Router Security Features - 116
Chapter 7- Check Point’s FireWall-1 - 143
Chapter 8- Intrusion Detection Systems - 168
Chapter 9- Authentication and Encryption - 187
Chapter 10- Virtual Private Networking - 202
Chapter 11- Viruses, Trojans, and Worms: Oh My! - 218
Chapter 12- Disaster Prevention and Recovery - 233
Chapter 13- NetWare - 256
Chapter 14- NT and Windows 2000 - 273
Chapter 15- UNIX - 309
Chapter 16- The Anatomy of an Attack - 334
Chapter 17- Staying Ahead of Attacks - 352
Appendix A- About the CD-ROM - 366
Appendix B- Sample Network Usage Policy - 367
Overview
Some of us can remember a time when securing a network environment was a far easier task than it seems to be today. As long as every user had a password and the correct levels of file permissions had been set, we could go to sleep at night confident that our network environment was relatively secure. This confidence may or may not have been justified, but at least we felt secure.
Then along came the Internet and everything changed. The Internet has accelerated at an amazing rate the pace at which information is disseminated. In the early 1990s, most of us would not hear about a security vulnerability unless it made it into a major magazine or newspaper. Even then, the news release typically applied to an old version of software that most of us no longer used anyway. These days, hundreds of thousands of people can be made privy to the details of a specific vulnerability in less than an hour.
This is not to say that all this discussion of product vulnerabilities is a bad thing. Actually, quite the opposite is true. Individuals with malicious intent have always had places to exchange ideas. Pirate bulletin boards have been around since the 1980s. Typically, it was the rest of us who were left out in the cold with no means of dispersing this information to the people who needed it most: the network administrators attempting to maintain a secure environment. The Internet has become an excellent means to get vulnerability information into the hands of the people responsible for securing their environments. Increased awareness also brings increased responsibility. This is not only true for the software company that is expected to fix the vulnerability; it is also true for the network administrator or security specialist who is expected to deploy the fix. Any end user with a subscription to a mailing list can find out about vulnerabilities as quickly as the networking staff. This greatly increases the urgency of deploying security-related fixes as soon as they are developed. (As if we didn’t have enough on our plates already!)
So, along with all of our other responsibilities, we need to maintain a good security posture. The first problem is where to begin. Should you purchase a book on firewalls or on securing your network servers? Maybe you need to learn more about network communications in order to be able to understand how these vulnerabilities can even exist. Should you be worried about running backups or redundant servers?
One lesson that has been driven home since the publication of the first edition of this book is the need to view security not as a static package, but rather as a constant process incorporating all facets of networking and information technology. You cannot focus on one single aspect of your network and expect your environment to remain secure. Nor can this process be done in isolation from other networking activities. This book provides system and network administrators with the information they will need to run a network with multiple layers of security protection, while considering issues of usability, privacy, and manageability.
Introduction - 6
Chapter 1 - Why Secure Your Network? - 8
Chapter 2- How Much Security Do You Need? - 14
Chapter 3- Understanding How Network Systems Communicate - 27
Chapter 4- Topology Security - 62
Chapter 5- Firewalls - 81
Chapter 6- Configuring Cisco Router Security Features - 116
Chapter 7- Check Point’s FireWall-1 - 143
Chapter 8- Intrusion Detection Systems - 168
Chapter 9- Authentication and Encryption - 187
Chapter 10- Virtual Private Networking - 202
Chapter 11- Viruses, Trojans, and Worms: Oh My! - 218
Chapter 12- Disaster Prevention and Recovery - 233
Chapter 13- NetWare - 256
Chapter 14- NT and Windows 2000 - 273
Chapter 15- UNIX - 309
Chapter 16- The Anatomy of an Attack - 334
Chapter 17- Staying Ahead of Attacks - 352
Appendix A- About the CD-ROM - 366
Appendix B- Sample Network Usage Policy - 367
Overview
Some of us can remember a time when securing a network environment was a far easier task than it seems to be today. As long as every user had a password and the correct levels of file permissions had been set, we could go to sleep at night confident that our network environment was relatively secure. This confidence may or may not have been justified, but at least we felt secure.
Then along came the Internet and everything changed. The Internet has accelerated at an amazing rate the pace at which information is disseminated. In the early 1990s, most of us would not hear about a security vulnerability unless it made it into a major magazine or newspaper. Even then, the news release typically applied to an old version of software that most of us no longer used anyway. These days, hundreds of thousands of people can be made privy to the details of a specific vulnerability in less than an hour.
This is not to say that all this discussion of product vulnerabilities is a bad thing. Actually, quite the opposite is true. Individuals with malicious intent have always had places to exchange ideas. Pirate bulletin boards have been around since the 1980s. Typically, it was the rest of us who were left out in the cold with no means of dispersing this information to the people who needed it most: the network administrators attempting to maintain a secure environment. The Internet has become an excellent means to get vulnerability information into the hands of the people responsible for securing their environments. Increased awareness also brings increased responsibility. This is not only true for the software company that is expected to fix the vulnerability; it is also true for the network administrator or security specialist who is expected to deploy the fix. Any end user with a subscription to a mailing list can find out about vulnerabilities as quickly as the networking staff. This greatly increases the urgency of deploying security-related fixes as soon as they are developed. (As if we didn’t have enough on our plates already!)
So, along with all of our other responsibilities, we need to maintain a good security posture. The first problem is where to begin. Should you purchase a book on firewalls or on securing your network servers? Maybe you need to learn more about network communications in order to be able to understand how these vulnerabilities can even exist. Should you be worried about running backups or redundant servers?
One lesson that has been driven home since the publication of the first edition of this book is the need to view security not as a static package, but rather as a constant process incorporating all facets of networking and information technology. You cannot focus on one single aspect of your network and expect your environment to remain secure. Nor can this process be done in isolation from other networking activities. This book provides system and network administrators with the information they will need to run a network with multiple layers of security protection, while considering issues of usability, privacy, and manageability.
DOWNLOAD LINK:
