SKIP THE SHIPPING
Use code NOSHIP during checkout to save 40% on eligible eBooks, now through January 5. Shop now.
Register your product to gain access to bonus material or receive a coupon.
This eBook includes the following formats, accessible from your Account page after purchase:
EPUB The open industry format known for its reflowable content and usability on supported mobile devices.
PDF The popular standard, used most often with the free Acrobat® Reader® software.
This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.
This eBook includes the following formats, accessible from your Account page after purchase:
EPUB The open industry format known for its reflowable content and usability on supported mobile devices.
PDF The popular standard, used most often with the free Acrobat® Reader® software.
This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.
Network Security first-step
Second Edition
Tom Thomas and Donald Stoddard
Your first step into the world of network security
Your first step to network security begins here!
No security experience required!
Computer networks are indispensible, but they also are not secure. With the proliferation of security threats, many people and companies are looking for ways to increase the security of their networks and data. Before you can effectively implement security technologies and techniques, you need to make sense of this complex and quickly evolving world of hackers and malware, as well as the tools to combat them.
Network Security First-Step, Second Edition explains the basics of network security in easy-to-grasp language that all of us can understand. This book takes you on a guided tour of the core technologies that make up and control network security. Whether you are looking to take your first step into a career in network security or simply are interested in gaining knowledge of the technology, this book is for you!
Network Security First-Step: Firewalls
Download the sample pages (includes Chapter 7 and Index)
Introduction xxii
Chapter 1 There Be Hackers Here! 1
Essentials First: Looking for a Target 2
Hacking Motivations 3
Targets of Opportunity 4
Are You a Target of Opportunity? 6
Targets of Choice 7
Are You a Target of Choice? 7
The Process of an Attack 9
Reconnaissance 9
Footprinting (aka Casing the Joint) 11
Scanning 18
Enumeration 23
Enumerating Windows 24
Gaining Access 26
Operating System Attacks 27
Application Attacks 27
Misconfiguration Attacks 28
Scripted Attacks 29
Escalating Privilege 30
Covering Tracks 31
Where Are Attacks Coming From? 32
Common Vulnerabilities, Threats, and Risks 33
Overview of Common Attacks and Exploits 36
Network Security Organizations 39
CERT Coordination Center 40
SANS 40
Center for Internet Security (CIS) 40
SCORE 41
Internet Storm Center 41
National Vulnerability Database 41
Security Focus 42
Learning from the Network Security Organizations 42
Chapter Summary 43
Chapter Review 43
Chapter 2 Security Policies 45
Responsibilities and Expectations 50
A Real-World Example 50
Who Is Responsible? You Are! 50
Legal Precedence 50
Internet Lawyers 51
Evolution of the Legal System 51
Criminal Prosecution 52
Real-World Example 52
Individuals Being Prosecuted 53
International Prosecution 53
Corporate Policies and Trust 53
Relevant Policies 54
User Awareness Education 54
Coming to a Balance 55
Corporate Policies 55
Acceptable Use Policy 57
Policy Overview 57
Purpose 58
Scope 58
General Use and Ownership 58
Security and Proprietary Information 59
Unacceptable Use 60
System and Network Activities 61
Email and Communications Activities 62
Enforcement 63
Conclusion 63
Password Policy 64
Overview 64
Purpose 64
Scope 64
General Policy 65
General Password Construction Guidelines 66
Password Protection Standards 67
Enforcement 68
Conclusion 68
Virtual Private Network (VPN) Security Policy 69
Purpose 69
Scope 69
Policy 70
Conclusion 71
Wireless Communication Policy 71
Scope 72
Policy Statement 72
General Network Access Requirements 72
Lab and Isolated Wireless Device Requirements 72
Home Wireless Device Requirements 73
Enforcement 73
Definitions 73
Revision History 73
Extranet Connection Policy 74
Purpose 74
Scope 74
Security Review 75
Third-Party Connection Agreement 75
Business Case 75
Point of Contact 75
Establishing Connectivity 75
Modifying or Changing Connectivity and Access 76
Terminating Access 76
Conclusion 76
ISO Certification and Security 77
Delivery 77
ISO/IEC 27002 78
Sample Security Policies on the Internet 79
Industry Standards 79
Payment Card Industry Data Security Standard (PCI DSS) 80
Sarbanes-Oxley Act of 2002 (SOX) 80
Health Insurance Portability and Accounting Act (HIPAA) of 1996 81
Massachusetts 201: Standards for the Protection of Personal Information of Residents of the Commonwealth 81
SAS 70 Series 82
Chapter Summary 82
Chapter Review 83
Chapter 3 Processes and Procedures 85
Security Advisories and Alerts: Getting the Intel You Need to Stay Safe 86
Responding to Security Advisories 87
Step 1: Awareness 88
Step 2: Incident Response 90
Step 3: Imposing Your Will 95
Steps 4 and 5: Handling Network Software Updates (Best Practices) 96
Industry Best Practices 98
Use a Change Control Process 98
Read All Related Materials 98
Apply Updates as Needed 99
Testing 99
Uninstall 99
Consistency 99
Backup and Scheduled Downtime 100
Have a Back-Out Plan 100
Forewarn Helpdesk and Key User Groups 100
Don't Get More Than Two Service Packs Behind 100
Target Noncritical Servers/Users First 100
Service Pack Best Practices 101
Hotfix Best Practices 101
Service Pack Level Consistency 101
Latest Service Pack Versus Multiple Hotfixes 101
Security Update Best Practices 101
Apply Admin Patches to Install Build Areas 102
Apply Only on Exact Match 102
Subscribe to Email Notification 102
Summary 102
Chapter Review and Questions 104
Chapter 4 Network Security Standards and Guidelines 105
Cisco SAFE 2.0 106
Overview 106
Purpose 106
Cisco Validated Design Program 107
Branch/WAN Design Zone Guides 107
Campus Design Zone Guides 107
Data Center Design Zone Guides 108
Security Design Zone Guides 109
Cisco Best Practice Overview and Guidelines 110
Basic Cisco IOS Best Practices 110
Secure Your Passwords 110
Limit Administrative Access 111
Limit Line Access Controls 111
Limit Access to Inbound and Outbound Telnet (aka vty Port) 112
Establish Session Timeouts 113
Make Room Redundancy 113
Protect Yourself from Common Attacks 114
Firewall/ASAs 115
Encrypt Your Privileged User Account 115
Limit Access Control 116
Make Room for Redundant Systems 116
General Best Practices 117
Configuration Guides 117
Intrusion Prevention System (IPS) for IOS 117
NSA Security Configuration Guides 118
Cisco Systems 119
Switches Configuration Guide 119
VoIP/IP Telephony Security Configuration Guides 119
Microsoft Windows 119
Microsoft Windows Applications 120
Microsoft Windows 7/Vista/Server 2008 120
Microsoft Windows XP/Server 2003 121
Apple 121
Microsoft Security 121
Security Policies 121
Microsoft Windows XP Professional 122
Microsoft Windows Server 2003 122
Microsoft Windows 7 122
Windows Server 2008 123
Microsoft Security Compliance Manager 124
Chapter Summary 125
Chapter Link Toolbox Summary 125
Chapter 5 Overview of Security Technologies 127
Security First Design Concepts 128
Packet Filtering via ACLs 131
Grocery List Analogy 132
Limitations of Packet Filtering 136
Stateful Packet Inspection 136
Detailed Packet Flow Using SPI 138
Limitations of Stateful Packet Inspection 139
Network Address Translation (NAT) 140
Increasing Network Security 142
NAT's Limitations 143
Proxies and Application-Level Protection 144
Limitations of Proxies 146
Content Filters 147
Limitations of Content Filtering 150
Public Key Infrastructure 150
PKI's Limitations 151
Reputation-Based Security 152
Reactive Filtering Can't Keep Up 154
Cisco Web Reputation Solution 155
AAA Technologies 156
Authentication 156
Authorization 157
Accounting 157
Remote Authentication Dial-In User Service (RADIUS) 158
Terminal Access Controller Access Control System (TACACS) 159
TACACS+ Versus RADIUS 160
Two-Factor Authentication/Multifactor Authentication 161
IEEE 802.1x: Network Access Control (NAC) 162
Network Admission Control 163
Cisco TrustSec 164
Solution Overview 164
Cisco Identity Services Engine 166
Chapter Summary 168
Chapter Review Questions 168
Chapter 6 Security Protocols 169
Triple DES Encryption 171
Encryption Strength 171
Limitations of 3DES 172
Advanced Encryption Standard (AES) 172
Different Encryption Strengths 173
Limitations of AES 173
Message Digest 5 Algorithm 173
MD5 Hash in Action 175
Secure Hash Algorithm (SHA Hash) 175
Types of SHA 176
SHA-1 176
SHA-2 176
Point-to-Point Tunneling Protocol (PPTP) 177
PPTP Functionality 177
Limitations of PPTP 178
Layer 2 Tunneling Protocol (L2TP) 179
L2TP Versus PPTP 180
Benefits of L2TP 180
L2TP Operation 181
Secure Shell (SSH) 182
SSH Versus Telnet 184
SSH Operation 186
Tunneling and Port Forwarding 187
Limitations of SSH 188
SNMP v3 188
Security Built In 189
Chapter Summary 192
Chapter Review Questions 192
Chapter 7 Firewalls 193
Firewall Frequently Asked Questions 194
Who Needs a Firewall? 195
Why Do I Need a Firewall? 195
Do I Have Anything Worth Protecting? 195
What Does a Firewall Do? 196
Firewalls Are The Security Policy 197
We Do Not Have a Security Policy 200
Firewall Operational Overview 200
Firewalls in Action 202
Implementing a Firewall 203
Determine the Inbound Access Policy 205
Determine Outbound Access Policy 206
Essentials First: Life in the DMZ 206
Case Studies 208
Case Study: To DMZ or Not to DMZ? 208
Firewall Limitations 214
Chapter Summary 215
Chapter Review Questions 216
Chapter 8 Router Security 217
Edge Router as a Choke Point 221
Limitations of Choke Routers 223
Routers Running Zone Based Firewall 224
Zone-Based Policy Overview 225
Zone-Based Policy Configuration Model 226
Rules for Applying Zone-Based Policy Firewall 226
Designing Zone-Based Policy Network Security 227
Using IPsec VPN with Zone-Based Policy Firewall 228
Intrusion Detection with Cisco IOS 229
When to Use the FFS IDS 230
FFS IDS Operational Overview 231
FFS Limitations 233
Secure IOS Template 234
Routing Protocol Security 251
OSPF Authentication 251
Benefits of OSPF Neighbor Authentication 252
When to Deploy OSPF Neighbor Authentication 252
How OSPF Authentication Works 253
Chapter Summary 254
Chapter Review Questions 255
Chapter 9 IPsec Virtual Private Networks (VPNs) 257
Analogy: VPNs Securely Connect IsLANds 259
VPN Overview 261
VPN Benefits and Goals 263
VPN Implementation Strategies 264
Split Tunneling 265
Overview of IPsec VPNs 265
Authentication and Data Integrity 268
Tunneling Data 269
VPN Deployment with Layered Security 270
IPsec Encryption Modes 271
IPsec Tunnel Mode 271
Transport Mode 272
IPsec Family of Protocols 272
Security Associations 273
ISAKMP Overview 273
Internet Key Exchange (IKE) Overview 274
IKE Main Mode 274
IKE Aggressive Mode 275
IPsec Security Association (IPsec SA) 275
IPsec Operational Overview 276
IKE Phase 1 277
IKE Phase 2 278
Perfect Forward Secrecy 278
Diffie-Hellman Algorithm 279
Router Configuration as VPN Peer 281
Configuring ISAKMP 281
Preshared Keys 282
Configuring the ISAKMP Protection Suite 282
Configuring the ISAKMP Key 283
Configuring IPsec 284
Step 1: Create the Extended ACL 284
Step 2: Create the IPsec Transforms 284
Step 3: Create the Crypto Map 285
Step 4: Apply the Crypto Map to an Interface 286
Firewall VPN Configuration for Client Access 286
Step 1: Define Interesting Traffic 288
Step 2: IKE Phase 1[udp port 500] 288
Step 3: IKE Phase 2 288
Step 4: Data Transfer 289
Step 5: Tunnel Termination 289
SSL VPN Overview 289
Comparing SSL and IPsec VPNs 290
Which to Deploy: Choosing Between IPsec and SSL VPNs 292
Remote-Access VPN Security Considerations 293
Steps to Securing the Remote-Access VPN 294
Cisco AnyConnect VPN Secure Mobility Solution 295
Chapter Summary 296
Chapter Review Questions 297
Chapter 10 Wireless Security 299
Essentials First: Wireless LANs 301
What Is Wi-Fi? 302
Benefits of Wireless LANs 303
Wireless Equals Radio Frequency 303
Wireless Networking 304
Modes of Operation 305
Coverage 306
Bandwidth Availability 307
WarGames Wirelessly 307
Warchalking 308
Wardriving 309
Warspamming 311
Warspying 312
Wireless Threats 312
Sniffing to Eavesdrop and Intercept Data 313
Denial-of-Service Attacks 315
Rogue/Unauthorized Access Points 316
Misconfiguration and Bad Behavior 317
AP Deployment Guidelines 317
Wireless Security 318
Service Set Identifier (SSID) 318
Device and Access Point Association 319
Wired Equivalent Privacy (WEP) 319
WEP Limitations and Weaknesses 320
MAC Address Filtering 320
Extensible Authentication Protocol (EAP) 321
LEAP 322
EAP-TLS 322
EAP-PSK 323
EAP-TTLS 323
Essential Wireless Security 323
Essentials First: Wireless Hacking Tools 325
NetStumbler 325
Wireless Packet Sniffers 326
Aircrack-ng 327
OmniPeek 327
Wireshark 329
Chapter Summary 329
Chapter Review Questions 330
Chapter 11 Intrusion Detection and Honeypots 331
Essentials First: Intrusion Detection 333
IDS Functional Overview 335
Host Intrusion Detection System 340
Network Intrusion Detection System 341
Wireless IDS 343
Network Behavior Analysis 344
How Are Intrusions Detected? 345
Signature or Pattern Detection 346
Anomaly-Based Detection 346
Stateful Protocol Analysis 347
Combining Methods 347
Intrusion Prevention 347
IDS Products 348
Snort! 348
Limitations of IDS 350
Essentials First: Honeypots 354
Honeypot Overview 354
Honeypot Design Strategies 356
Honeypot Limitations 357
Chapter Summary 357
Chapter Review Questions 357
Chapter 12 Tools of the Trade 359
Essentials First: Vulnerability Analysis 361
Fundamental Attacks 361
IP Spoofing/Session Hijacking 362
Packet Analyzers 363
Denial of Service (DoS) Attacks 363
Other Types of Attacks 366
Back Doors 368
Security Assessments and Penetration Testing 370
Internal Vulnerability and Penetration Assessment 370
Assessment Methodology 371
External Penetration and Vulnerability Assessment 371
Assessment Methodology 372
Physical Security Assessment 373
Assessment Methodology 373
Miscellaneous Assessments 374
Assessment Providers 375
Security Scanners 375
Features and Benefits of Vulnerability Scanners 376
Freeware Security Scanners 376
Metasploit 376
NMAP 376
SAINT 377
Nessus 377
Retina Version 5.11.10 380
CORE IMPACT Pro (a Professional Penetration Testing Product) 382
In Their Own Words 383
Scan and Detection Accuracy 384
Documentation 384
Documentation and Support 386
Vulnerability Updates 386
Chapter Summary 386
Chapter Review Questions 387