Text

Firewalls and Internet Security: repelling the wily hacker

---

CONTENTS

I GETTING STARTED
1. INTRODUCTION
1.1 Why security ?
1.2 Picking a security policy
1.3 Strategies for a secure network
1.4 The enthics of computer security
1.5 WARNING

2. AN OVERVIEW OF TCP/IP
2.1 The different layers
2.2 Routers and routing protocols
2.3 The domain name system
2.4 Standard services
2.5 RPC-based protocols
2.6 File transfer protocols
2.7 The “r” commands
2.8 Information services
2.9 The X11 System
2.10 Patterns of trust

II BUILDING YOUR OWN FIREWALL
3. FIREWALL GATEWAYS
3.1 Firewall philosophy
3.2 Situating firewalls
3.3 Packet0filtering gateways
3.4 Application-level gateways
3.5 Circuit-level gateways
3.6 Supporting inbound services
3.7 Tunnels good and bad
3.8 Joint ventures
3.9 What firewalls can’t do

4. HOW TO BUILD AN APPLICATION-LEVEL GATEWAY
4.1 Policy
4.2 Hardware configuration options
4.3 Initial installation
4.4 Gateway tools
4.5 Installing services
4.6 Protecting the protectors
4.7 Gateway administration
4.8 Safety analysis-why our setup is secure and fail-safe
4.9 Performance
4.10 The TIS firewall toolkit
4.11 Evaluating Firewalls
4.12 Living without a firewall

5. AUTHENTICATION
5.1 User authentication
5.2 Host-to-host authentication

6. GATEWAY TOOLS
6.1 Proxylib
6.2 Syslog
6.3 Wathcing the network : Tcpdump and friends
6.4 Adding logging to standard daemons

7. TRAPS, LURES, AND HONEY POTS
7.1 What to log
7.2 Dummy accounts
7.3 Tracing the connection

8. THE HACKER’S WORKBENCH
8.1 Introduction
8.2 Discovery
8.3 Probing hosts
8.4 Connection tools
8.5 Routing games
8.6 Network monitors
8.7 Metastasis
8.8 Tiger teams
8.9 Further reading

III A LOOK BACK
9. CLASSES OF ATTACKS
9.1 Stealing passwords
9.2 Social engineering
9.3 Bugs and backdoors
9.4 Authentication failures
9.5 Protocol failures
9.6 Information leakage
9.7 Denial-of-service

10. AN EVENING WITH BERFERD
10.1 Introduction
10.2 Unfriendly acts
10.3 An evening with berferd
10.4 The day after
10.5 The jail
10.6 Tracing berferd
10.7 Berferd comes home

11. WHERE THE WILD THINGS ARE: A LOOK AT THE LOGS
11.1 A year of hacking
11.2 Proxy use
11.3 Attack sources
11.4 Noise on the line

IV ODDS AND ENDS
12. LEGAL CONSIDERATIONS
12.1 Computer crime statutes
12.2 Log files as evidence
12.3 Is monitoring legal ?
12.4 Tort liability considerations

13. SECURE COMMUNICATIONS OVER INSECURE NETWORKS
13.1 An introduction to cryptography
13.2 The kerberos authentication system
13.3 Link –level encryption
13.4 Network-and transport-level encryption
13.5 Application-level encryption

14. USEFUL FREE STUFF
A. USEFUL FREE STUFF
A.1 Building firewalls
A.2 Network management and monitoring tools
A.3 Auditing packages
A.4 Cryptographic software
A.5 Information sources

B.TCP and UDP PORTS
B.1 Fixed ports
B.2 Mbone Usage

C.RECOMMENDATIONS TO VENDORS
C.1 Everyone
C.2 Hosts
C.3 Routers
C.4 Protocols
C.5 Firewalls

---

Availability

Detail Information

Series Title

--

Call Number

004 CHE f

Publisher

: Addison-Wesley Publishing Company., 1994

Collation

xiv, 306 hlm.; ilus.; 27 cm

Language

English

ISBN/ISSN

-

Classification

004

Content Type

-

Media Type

-

Carrier Type

-

Edition

--

Subject(s)

Keamanan Jaringan

Specific Detail Info

--

Statement of Responsibility

William R. Cheswick and Steven M. Bellovin

Other version/related

File Attachment

Comments

---

You must be logged in to post a comment