Fundamentals of Network Security

The book presents specific tools that can be used to test, strengthen, monitor, and hack systems. From LAN/WAN security, cryptography, digital signatures and certificates, and encryption on the Web... to secure e-mail protocols, biometrics, virtual private network protocols and firewalls, it covers essential topics on network security that can be understood even if you don't have a technical background. Over 110 illustrations clarify key concepts throughout the book.

Contents

Basic Security Concepts

• Why is Computer and Network Security Important.
• Background and History.
• The Security Trinity.
• Information Security.
• Risk Assessment.
• Security Models.
• Basic Terminology.
• More Basic Terminology.

• Protocols.
• The OSI Reference Model.
• TCP/IP Protocol Suite.
• Useful Web Sites.
• Search Engines.
• Mailing Lists.

• Cryptography.
• Stream Ciphers.
• Breaking Ciphers.
• Block Ciphers.
• Encryption.
• Public Key Cryptosystems.
• Message Integrity.
• Authentication.
• Digital Signatures.
• Competing Standards.
• Digital Certificates.
• Limitations of Digital Certificates.
• Certificate Authorities.
• Public Key Infrastructure.
• The Future.
• The Limitations of Encryption.

• How Kerberos Works.
• Kerberos' Limitations.

• The World Wide Web.
• Secure Sockets Layer (HTTPS).
• Secure HTTP (SHTTP).
• Microsoft's Internet Explorer.
• Viewing Digital Certificates with Internet Explorer.
• Viewing the Encryption Strength of IE5.
• Viewing Certification Authorities with IE5.
• Netscape Navigator. Viewing Digital Certificates with Navigator.
• Authenticode Certificates.

• E-Mail Issues.
• E-Mail Issues.
• Secure E-Mail Protocols.
• Web-Based E-Mail Services.
• Security of Stored Messages.
• Identity: Spoofing and Hiding.
• E-Mail as a weapon.
• E-Mail Policies.
• E-Mail Privacy.
• Auto-Responses.

• Passwords.
• Password Attacks.
• Onetime Passwords.
• Access Control.
• Data Redundancy.
• General Recommendations.
• Modems.
• Useful Tools.

• LAN Guidelines.
• Controlling End-User Access.
• Concurrent Logins.
• Available Disk Space.
• Restrictions to Location or Workstation.
• Time/Day Restrictions.
• Access to Directories and Trustee Rights. F
• ile Attributes.
• Other Privileges.
• Single Sign-On.
• Policy-Based Network Management.
• Honeypot Systems.
• Network Segmentation.
• Static IP Addresses vs. DHCP

• Network Media.
• Plenum Cabling and Risers.
• WANs.
• Redundancy and Alternative Connections.

• Router Issues.
• SNMP.

• Encryption on the Network.
• Node-to-Node Encryption.
• End-to-End Encryption.
• Where to Encrypt.
• Virtual Private Networks.
• PPTP.
• L2TP.
• IPSec.
• SOCKS.

• Firewalls Pros and Cons.
• Types of Firewalls.
• Packet Filters vs. Proxies.
• Firewall Configurations.
• Restricting Users' Access to the Internet.
• Firewall Products.
• Personal Firewalls

• Identification and Authentication.
• Biometric Identification and Authentication.
• Biometric Identification Reliability.
• Backup Authentication.
• Environmental Conditions.
• User Acceptance.
• Security of the Biometric System.
• Interoperability.
• Costs vs. Savings.

• Policies vs. Procedures.
• Information Security Policy Objectives.
• Developing Security Policies.
• Policy and Procedure Manuals.
• Policy Awareness & Education.
• Policy Enforcement.
• Policy Format.
• Security Policy Suggestions.
• Information Protection Team.
• Crisis Management Planning.
• Sources for Information Policies.

• What is an Audit.
• Operational Security Audits.
• System Security Auditing.
• Activity and Usage Auditing.
• Audit Mistakes.
• Deficiencies of Traditional Audit Techniques.
• Intrusion Detection.
• Intrusion Detection Systems.
• Host-Based Intrusion Detection Systems.
• Network-Based Intrusion Detection Systems.
• Knowledge-Based Intrusion Detection Systems.
• Statistical-Based Intrusion Detection Systems.
• Defense In-Depth Approach .
• Future Directions.

• Crisis Management.
• Disaster Recovery Planning.
• Computer Security Incident Response Plan.

• Cookie Files.
• Cache Files.
• Autocomplete.