Network and System Security PDF

429 Pages·2016·11.787 MB·English

Preview Network and System Security

NETWORK AND SYSTEM SECURITY
SECOND EDITION
Edited by John R. Vacca

AMSTERDAM • BOSTON • HEIDELBERG • LONDON • NEW YORK • OXFORD • PARIS • SAN DIEGO • SAN FRANCISCO • SYDNEY • TOKYO
Syngress is an imprint of Elsevier

Publisher: Steven Elliot
Senior Developmental Editor: Nathaniel McFadden
Editorial Project Manager: Lindsay Lawrence
Project Manager: Mohanambal Natarajan
Designer: Matthew Limbert

Syngress is an imprint of Elsevier
225 Wyman Street, Waltham, MA 02451, USA

Second Edition 2014
Copyright © 2014, 2009 Elsevier Inc. All rights reserved

No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means electronic, mechanical, photocopying, recording or otherwise without the prior written permission of the publisher.

Permissions may be sought directly from Elsevier’s Science & Technology Rights Department in Oxford, UK: phone (+44) (0) 1865 843830; fax (+44) (0) 1865 853333; email: [email protected]. Alternatively you can submit your request online by visiting the Elsevier web site at http://elsevier.com/locate/permissions, and selecting Obtaining permission to use Elsevier material.

Notice
No responsibility is assumed by the publisher for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions or ideas contained in the material herein.
Because of rapid advances in the medical sciences, in particular, independent verification of diagnoses and drug dosages should be made.

Library of Congress Cataloging-in-Publication Data
A catalog record for this book is available from the Library of Congress

British Library Cataloguing in Publication Data
A catalogue record for this book is available from the British Library

For information on all Syngress publications, visit our website at store.elsevier.com/Syngress

ISBN: 978-0-12-416689-9
Printed and bound in USA
14 15 16 17 18 10 9 8 7 6 5 4 3 2 1

This book is dedicated to my wife Bee.

Contents

Acknowledgments
About the Editor
Contributors
Introduction

1. Detecting System Intrusions
Almantas Kakareka
  1. Introduction
  2. Monitoring Key Files in the System
  3. Security Objectives
  4. 0day Attacks
  5. Good Known State
  6. Rootkits
  7. Low Hanging Fruit
  8. Antivirus Software
  9. Homegrown Intrusion Detection
  10. Full-Packet Capture Devices
  11. Out-of-Band Attack Vectors
  12. Security Awareness Training
  13. Data Correlation
  14. SIEM
  15. Other Weird Stuff on the System
  16. Detection
  17. Network-Based Detection of System Intrusions (DSIs)
  18. Summary
  Chapter Review Questions/Exercises
  Exercise
  References

2. Preventing System Intrusions
Michael West
  1. So, What is an Intrusion?
  2. Sobering Numbers
  3. Know Your Enemy: Hackers versus Crackers
  4. Motives
  5. The Crackers’ Tools of the Trade
  6. Bots
  7. Symptoms of Intrusions
  8. What Can You Do?
  9. Security Policies
  10. Risk Analysis
  11. Tools of Your Trade
  12. Controlling User Access
  13. Intrusion Prevention Capabilities
  14. Summary
  Chapter Review Questions/Exercises
  Exercise

3. Guarding Against Network Intrusions
Thomas M. Chen and Patrick J. Walsh
  1. Traditional Reconnaissance and Attacks
  2. Malicious Software
  3. Defense in Depth
  4. Preventive Measures
  5. Intrusion Monitoring and Detection
  6. Reactive Measures
  7. Network-Based Intrusion Protection
  8. Summary
  Chapter Review Questions/Exercises
  Exercise

4. Securing Cloud Computing Systems
Cem Gurkok
  1. Cloud Computing Essentials: Examining the Cloud Layers
  2. Software as a Service (SaaS): Managing Risks in the Cloud
  3. Platform as a Service (PaaS): Securing the Platform
  4. Infrastructure as a Service (IaaS)
  5. Leveraging Provider-Specific Security Options
  6. Achieving Security in a Private Cloud
  7. Meeting Compliance Requirements
  8. Preparing for Disaster Recovery
  9. Summary
  Chapter Review Questions/Exercises
  Exercise
  References

5. Unix and Linux Security
Gerald Beuchelt
  1. Unix and Security
  2. Basic Unix Security Overview
  3. Achieving Unix Security
  4. Protecting User Accounts and Strengthening Authentication
  5. Limiting Superuser Privileges
  6. Securing Local and Network File Systems
  7. Network Configuration
  8. Improving the Security of Linux and Unix Systems
  9. Additional Resources
  10. Summary
  Chapter Review Questions/Exercises
  Exercise

6. Eliminating the Security Weakness of Linux and Unix Operating Systems
Mario Santana
  1. Introduction to Linux and Unix
  2. Hardening Linux and Unix
  3. Proactive Defense for Linux and Unix
  4. Summary
  Chapter Review Questions/Exercises
  Exercise

7. Internet Security
Jesse Walker
  1. Internet Protocol Architecture
  2. An Internet Threat Model
  3. Defending against Attacks on the Internet
  4. Internet Security Checklist
  5. Summary
  Chapter Review Questions/Exercises
  Exercise

8. Intranet Security
Bill Mansoor
  1. Smartphones and Tablets in the Intranet
  2. Security Considerations
  3. Plugging the Gaps: NAC and Access Control
  4. Measuring Risk: Audits
  5. Guardian at the Gate: Authentication and Encryption
  6. Wireless Network Security
  7. Shielding the Wire: Network Protection
  8. Weakest Link in Security: User Training
  9. Documenting the Network: Change Management
  10. Rehearse the Inevitable: Disaster Recovery
  11. Controlling Hazards: Physical and Environmental Protection
  12. Know Your Users: Personnel Security
  13. Protecting Data Flow: Information and System Integrity
  14. Security Assessments
  15. Risk Assessments
  16. Intranet Security Implementation Process Checklist
  17. Summary
  Chapter Review Questions/Exercises
  Exercise

9. Local Area Network Security
Dr. Pramod Pandya
  1. Identify Network Threats
  2. Establish Network Access Controls
  3. Risk Assessment
  4. Listing Network Resources
  5. Threats
  6. Security Policies
  7. The Incident-Handling Process
  8. Secure Design Through Network Access Controls
  9. IDS Defined
  10. NIDS: Scope and Limitations
  11. A Practical Illustration of NIDS
  12. Firewalls
  13. Dynamic NAT Configuration
  14. The Perimeter
  15. Access List Details
  16. Types of Firewalls
  17. Packet Filtering: IP Filtering Routers
  18. Application-Layer Firewalls: Proxy Servers
  19. Stateful Inspection Firewalls
  20. NIDS Complements Firewalls
  21. Monitor and Analyze System Activities
  22. Signature Analysis
  23. Statistical Analysis
  24. Signature Algorithms
  25. Local Area Network Security Countermeasures Implementation Checklist
  26. Summary
  Chapter Review Questions/Exercises
  Exercise

10. Wireless Network Security
Chunming Rong, Gansen Zhao, Liang Yan, Erdal Cayirci and Hongbing Cheng
  1. Cellular Networks
  2. Wireless Adhoc Networks
  3. Security Protocols
  4. WEP
  5. Secure Routing
  6. ARAN
  7. SLSP
  8. Key Establishment
  9. ING
  10. Management Countermeasures
  11. Summary
  Chapter Review Questions/Exercises
  Exercise
  References

11. Cellular Network Security
Peng Liu, Thomas F. La Porta and Kameswari Kotapati
  1. Introduction
  2. Overview of Cellular Networks
  3. The State of the Art of Cellular Network Security
  4. Cellular Network Attack Taxonomy
  5. Cellular Network Vulnerability Analysis
  6. Summary
  Chapter Review Questions/Exercises
  Exercise
  References

12. RFID Security
Chunming Rong, Gansen Zhao, Liang Yan, Erdal Cayirci and Hongbing Cheng
  1. RFID Introduction
  2. RFID Challenges
  3. RFID Protections
  4. Summary
  Chapter Review Questions/Exercises
  Exercise
  References

13. Optical Wireless Security
Scott R. Ellis
  1. Optical Wireless Systems Overview
  2. Deployment Architectures
  3. High Bandwidth
  4. Low Cost
  5. Implementation
  6. Surface Area
  7. Summary
  Chapter Review Questions/Exercises
  Exercise

Index

Acknowledgements

There are many people whose efforts on this book have contributed to its successful completion. I owe each a debt of gratitude and want to take this opportunity to offer my sincere thanks.

A very special thanks to my publisher, Steve Elliot, without whose continued interest and support this book would not have been possible. Senior development editor Nate McFadden provided staunch support and encouragement when it was most needed. Thanks to my production project manager, Mohanambal Natarajan, whose fine work and attention to detail has been invaluable. Thanks also to my marketing manager, Todd Conly, whose efforts on this book have been greatly appreciated. Finally, thanks to all the other people at Morgan Kaufmann Publishers/Elsevier Science & Technology Books, whose many talents and skills are essential to a finished book.

Thanks to my wife, Bee Vacca, for her love, her help, and her understanding of my long work hours. Finally, I wish to thank all the following authors who contributed chapters that were necessary for the completion of this book: Gerald Beuchelt, Erdal Cayirci, Tom Chen, Hongbing Cheng, Scott Ellis, Cem Gurkok, Almantas Kakareka, Thomas La Porta, Peng Liu, Bill Mansoor, Pramod Pandya, Chunming Rong, Mario Santana, Jesse Walker, Michael West, Liang Yan, Gansen Zhao.

About the Editor

John Vacca is an information technology consultant, professional writer, editor, reviewer and internationally-known, best-selling author based in Pomeroy, Ohio. Since 1982, John has authored 73 books (some of his most recent books include):

• Computer and Information Security Handbook, 2E (Publisher: Morgan Kaufmann (an imprint of Elsevier Inc.) (May 31, 2013))
• Identity Theft (Cybersafety) (Publisher: Chelsea House Pub (April 1, 2012))
• System Forensics, Investigation, And Response (Publisher: Jones & Bartlett Learning (September 24, 2010))
• Managing Information Security (Publisher: Syngress (an imprint of Elsevier Inc.) (March 29, 2010))
• Network and Systems Security (Publisher: Syngress (an imprint of Elsevier Inc.) (March 29, 2010))
• Computer and Information Security Handbook, 1E (Publisher: Morgan Kaufmann (an imprint of Elsevier Inc.) (June 2, 2009))
• Biometric Technologies and Verification Systems (Publisher: Elsevier Science & Technology Books (March 16, 2007))
• Practical Internet Security (Hardcover): (Publisher: Springer (October 18, 2006))
• Optical Networking Best Practices Handbook (Hardcover): (Publisher: Wiley-Interscience (November 28, 2006))
• Guide to Wireless Network Security (Publisher: Springer (August 19, 2006))
• Computer Forensics: Computer Crime Scene Investigation (With CD-ROM), 2nd Edition (Publisher: Charles River Media (May 26, 2005))

and, more than 600 articles in the areas of advanced storage, computer security and aerospace technology (copies of articles and books are available upon request). John was also a configuration management specialist, computer specialist, and the computer security official (CSO) for NASA’s space station program (Freedom) and the International Space Station Program, from 1988 until his retirement from NASA in 1995. In addition, John is also an independent online book reviewer. Finally, John was one of the security consultants for the MGM movie titled: "AntiTrust," which was released on January 12, 2001. A detailed copy of my author bio can be viewed at URL: http://www.johnvacca.com. John can be reached at: [email protected].
