Shelf Number | Material Type | Copy | Shelf Location | Status |
---|---|---|---|---|
005.8 22 | 1:E-BOOK | 1 | 1:ONLINE | Unknown |
Summary
This is the only book to clearly demonstrate how to get big-dollar security for your network using freely available tools. This is a must-have book for any company or person with a limited budget.
Network security is in a constant struggle for budget to get things done. Upper management wants things to be secure but doesn't want to pay for it. With this book as a guide, everyone can get what they want. The examples and information will be of immense value to every small business. It will explain security principles and then demonstrate how to achieve them using only freely available software.
Author Notes
Eric Seagren, CISSP, CISA, ISSAP, has 10 years' experience in IT security and has spent the last 7 years at JPMorganChase, one of the largest financial institutions in the world. Eric has contributed to several computer security books, including Hacking Exposed: Cisco Networks (McGraw-Hill, ISBN: 0072259175), Configuring Checkpoint NGX (Syngress, ISBN: 1597490318), and Hardening Network Security (McGraw-Hill, ISBN: 00725557032).
Table of Contents
Chapter 1 Presenting the Business Case for Free Solutions | p. 1 |
Introduction | p. 2 |
The Costs of Using Free Security Solutions | p. 2 |
Training Costs | p. 3 |
Hardware Costs | p. 3 |
Consulting Costs | p. 4 |
Hidden Costs | p. 5 |
The Savings of Using Free Security Solutions | p. 6 |
Purchase Costs | p. 6 |
Maintenance Costs | p. 7 |
Customization Costs | p. 7 |
Comparing Free Solutions with Commercial Solutions | p. 8 |
Strengths of Free Solutions | p. 9 |
Weaknesses of Free Solutions | p. 10 |
Evaluating Individual Solutions | p. 12 |
"Selling" a Free Solution | p. 16 |
Selling by Doing | p. 17 |
Presenting a Proposal | p. 17 |
Summary | p. 19 |
Solutions Fast Track | p. 19 |
Frequently Asked Questions | p. 21 |
Chapter 2 Protecting Your Perimeter | p. 23 |
Introduction | p. 24 |
Firewall Types | p. 24 |
Firewall Architectures | p. 27 |
Screened Subnet | p. 27 |
One-Legged | p. 28 |
True DMZ | p. 30 |
Implementing Firewalls | p. 31 |
Hardware versus Software Firewalls | p. 32 |
Configuring netfilter | p. 32 |
Choosing a Linux Version | p. 32 |
Choosing Installation Media | p. 33 |
Linux Firewall Operation | p. 36 |
Configuration Examples | p. 42 |
GUIs | p. 55 |
Smoothwall | p. 76 |
Configuring Windows Firewall | p. 85 |
Providing Secure Remote Access | p. 86 |
Providing VPN Access | p. 87 |
Using Windows as a VPN Concentrator | p. 89 |
iPig | p. 93 |
OpenSSL VPN | p. 98 |
Providing a Remote Desktop | p. 108 |
Windows Terminal Services | p. 109 |
VNC | p. 113 |
Using the X Window System | p. 119 |
Providing a Remote Shell | p. 125 |
Using Secure Shell | p. 126 |
Using a Secure Shell GUI Client | p. 128 |
Summary | p. 130 |
Solutions Fast Track | p. 131 |
Frequently Asked Questions | p. 132 |
Chapter 3 Protecting Network Resources | p. 133 |
Introduction | p. 134 |
Performing Basic Hardening | p. 134 |
Defining Policy | p. 135 |
Access Controls | p. 137 |
Authentication | p. 137 |
Authorization | p. 138 |
Auditing | p. 138 |
Hardening Windows Systems | p. 139 |
General Hardening Steps | p. 139 |
Users and Groups | p. 142 |
File-Level Access Controls | p. 147 |
Additional Steps | p. 152 |
Using Microsoft Group Policy Objects | p. 153 |
Account Lockout Policy | p. 159 |
Audit Policy | p. 160 |
User Rights Assignment | p. 160 |
Hardening Linux Systems | p. 164 |
General Hardening Steps | p. 164 |
Users and Groups | p. 165 |
File-Level Access Controls | p. 168 |
Using the Bastille Hardening Script | p. 172 |
Using SELinux | p. 173 |
Hardening Infrastructure Devices | p. 175 |
Patching Systems | p. 176 |
Patching Windows Systems | p. 177 |
Patching Linux Systems | p. 179 |
Personal Firewalls | p. 180 |
Windows Firewall | p. 180 |
Netfilter Firewall | p. 187 |
Configuring TCP Wrappers | p. 187 |
Providing Antivirus and Antispyware Protection | p. 188 |
Antivirus Software | p. 189 |
Clam AntiVirus | p. 189 |
Using Online Virus Scanners | p. 196 |
Antispyware Software | p. 196 |
Microsoft Windows Defender | p. 197 |
Microsoft Malicious Software Removal Tool | p. 200 |
Encrypting Sensitive Data | p. 201 |
EFS | p. 202 |
Summary | p. 209 |
Solutions Fast Track | p. 209 |
Frequently Asked Questions | p. 212 |
Chapter 4 Configuring an Intrusion Detection System | p. 215 |
Introduction | p. 216 |
Intrusion Detection Systems | p. 216 |
Configuring an Intrusion Detection System | p. 217 |
Hardware Requirements | p. 218 |
Placing Your NIDS | p. 218 |
Configuring Snort on a Windows System | p. 221 |
Installing Snort | p. 222 |
Configuring Snort Options | p. 225 |
Using a Snort GUI Front End | p. 231 |
Configuring IDS Policy Manager | p. 232 |
Configuring Snort on a Linux System | p. 240 |
Configuring Snort Options | p. 240 |
Using a GUI Front End for Snort | p. 246 |
Basic Analysis and Security Engine | p. 246 |
Other Snort Add-Ons | p. 254 |
Using Oinkmaster | p. 254 |
Additional Research | p. 256 |
Demonstrating Effectiveness | p. 257 |
Summary | p. 258 |
Solutions Fast Track | p. 259 |
Frequently Asked Questions | p. 261 |
Chapter 5 Managing Event Logs | p. 263 |
Introduction | p. 264 |
Generating Windows Event Logs | p. 264 |
Using Group Policy to Generate Windows Events Logs | p. 267 |
Generating Custom Windows Event Log Entries | p. 274 |
Collecting Windows Event Logs | p. 275 |
Analyzing Windows Event Logs | p. 277 |
Generating Syslog Event Logs | p. 279 |
Windows Syslog | p. 282 |
Generating Syslog Events | p. 282 |
Receiving Syslog Events | p. 295 |
Linux Syslog | p. 297 |
Generating Syslog Events | p. 297 |
Encrypting Syslog Traffic | p. 298 |
Receiving Syslog Events on a Linux Host | p. 311 |
Analyzing Syslog Logs on Windows and Linux | p. 312 |
Windows Log Analysis | p. 313 |
Linux Log Analysis | p. 321 |
Securing Your Event Logs | p. 327 |
Ensuring Chain of Custody | p. 328 |
Ensuring Log Integrity | p. 329 |
Applying Your Knowledge | p. 331 |
Summary | p. 333 |
Solutions Fast Track | p. 333 |
Frequently Asked Questions | p. 335 |
Chapter 6 Testing and Auditing Your Systems | p. 337 |
Introduction | p. 338 |
Taking Inventory | p. 338 |
Locating and Identifying Systems | p. 339 |
Nmap | p. 341 |
Super Scanner | p. 347 |
Angry IP Scanner | p. 351 |
Scanline | p. 352 |
Special-Purpose Enumerators | p. 355 |
Locating Wireless Systems | p. 357 |
Network Stumbler | p. 358 |
Documentation | p. 361 |
Network Topology Maps | p. 362 |
Access Request Forms | p. 364 |
Business Continuity and Disaster Recovery Plans | p. 365 |
IT Security Policies/Standards/Procedures | p. 365 |
Vulnerability Scanning | p. 366 |
Nessus | p. 367 |
Running Nessus on Windows | p. 368 |
Running Nessus on Linux | p. 371 |
X-Scan | p. 375 |
Microsoft Baseline Security Analyzer | p. 379 |
OSSTMM | p. 382 |
Summary | p. 386 |
Solutions Fast Track | p. 386 |
Frequently Asked Questions | p. 387 |
Chapter 7 Network Reporting and Troubleshooting | p. 389 |
Introduction | p. 390 |
Reporting on Bandwidth Usage and Other Metrics | p. 390 |
Collecting Data for Analysis | p. 392 |
Understanding SNMP | p. 394 |
Configuring Multi Router Traffic Grapher | p. 397 |
Configuring MZL & Novatech TrafficStatistic | p. 400 |
Configuring PRTG Traffic Grapher | p. 403 |
Configuring ntop | p. 412 |
Enabling SNMP on Windows Hosts | p. 418 |
Enabling SNMP on Linux Hosts | p. 421 |
Troubleshooting Network Problems | p. 424 |
Using a GUI Sniffer | p. 425 |
Using a Command-Line Sniffer | p. 433 |
Additional Troubleshooting Tools | p. 438 |
Netcat | p. 439 |
Tracetcp | p. 439 |
Netstat | p. 440 |
Summary | p. 442 |
Solutions Fast Track | p. 442 |
Frequently Asked Questions | p. 444 |
Chapter 8 Security as an Ongoing Process | p. 447 |
Introduction | p. 448 |
Patch Management | p. 448 |
Network Infrastructure Devices | p. 452 |
Operating System Patches | p. 453 |
Application Patches | p. 453 |
Change Management | p. 454 |
Change Causes Disruption | p. 454 |
Inadequate Documentation Can Exacerbate Problems | p. 455 |
Change Management Strategy | p. 455 |
Antivirus | p. 459 |
Antispyware | p. 459 |
Intrusion Detection Systems | p. 460 |
Vulnerability Scanning | p. 460 |
Vulnerability Management Cycle | p. 461 |
Roles and Responsibilities | p. 463 |
Penetration Testing | p. 463 |
Obtaining the Support of Senior Management | p. 464 |
Clarify What You Are Buying | p. 464 |
Policy Review | p. 465 |
Physical Security | p. 466 |
Cert Team | p. 468 |
Summary | p. 470 |
Solutions Fast Track | p. 470 |
Frequently Asked Questions | p. 472 |
Index | p. 475 |