
Network Defense and Countermeasures: Principles and Practices PDF

546 Pages·2018·8.299 MB·English

Preview Network Defense and Countermeasures: Principles and Practices

Network Defense and Countermeasures: Principles and Practices
Third Edition
Chuck Easttom

800 East 96th Street, Indianapolis, Indiana 46240 USA

Copyright © 2018 by Pearson Education, Inc.

All rights reserved. No part of this book shall be reproduced, stored in a retrieval system, or transmitted by any means, electronic, mechanical, photocopying, recording, or otherwise, without written permission from the publisher. No patent liability is assumed with respect to the use of the information contained herein. Although every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions. Nor is any liability assumed for damages resulting from the use of the information contained herein.

ISBN-13: 978-0-7897-5996-2
ISBN-10: 0-7897-5996-9
Library of Congress Control Number: 2018933854
Printed in the United States of America
1 18

Editor-in-Chief: Mark Taub
Product Line Manager: Brett Bartow
Executive Editor: Mary Beth Ray
Development Editor: Ellie C. Bru
Managing Editor: Sandra Schroeder
Senior Project Editor: Tonya Simpson
Copy Editor: Bill McManus
Indexer: Erika Millen
Proofreader: Abigail Manheim
Technical Editors: Akhil Behl, Steve Kalman
Publishing Coordinator: Vanessa Evans
Cover Designer: Chuti Prasertsith
Compositor: codemantra

Trademarks

All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Pearson IT Certification cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark.

Microsoft and/or its respective suppliers make no representations about the suitability of the information contained in the documents and related graphics published as part of the services for any purpose. All such documents and related graphics are provided "as is" without warranty of any kind. Microsoft and/or its respective suppliers hereby disclaim all warranties and conditions with regard to this information, including all warranties and conditions of merchantability, whether express, implied or statutory, fitness for a particular purpose, title and non-infringement. In no event shall Microsoft and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use or performance of information available from the services.

The documents and related graphics contained herein could include technical inaccuracies or typographical errors. Changes are periodically added to the information herein. Microsoft and/or its respective suppliers may make improvements and/or changes in the product(s) and/or the program(s) described herein at any time. Partial screenshots may be viewed in full within the software version specified.

Microsoft® and Windows® are registered trademarks of the Microsoft Corporation in the U.S.A. and other countries. Screenshots and icons reprinted with permission from the Microsoft Corporation. This book is not sponsored or endorsed by or affiliated with the Microsoft Corporation.

Warning and Disclaimer

Every effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied. The information provided is on an "as is" basis. The author and the publisher shall have neither liability nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this book.
Special Sales

For information about buying this title in bulk quantities, or for special sales opportunities (which may include electronic versions; custom cover designs; and content particular to your business, training goals, marketing focus, or branding interests), please contact our corporate sales department at [email protected] or (800) 382-3419. For government sales inquiries, please contact [email protected]. For questions about sales outside the U.S., please contact [email protected].

Contents at a Glance

Preface  xviii
1  Introduction to Network Security  2
2  Types of Attacks  40
3  Fundamentals of Firewalls  76
4  Firewall Practical Applications  100
5  Intrusion-Detection Systems  122
6  Encryption Fundamentals  140
7  Virtual Private Networks  176
8  Operating System Hardening  202
9  Defending Against Virus Attacks  236
10  Defending against Trojan Horses, Spyware, and Adware  268
11  Security Policies  290
12  Assessing System Security  312
13  Security Standards  350
14  Physical Security and Disaster Recovery  382
15  Techniques Used by Attackers  396
16  Introduction to Forensics  420
17  Cyber Terrorism  444
Appendix A: Answers  470
Glossary  480
Index  490

Table of Contents

Chapter 1: Introduction to Network Security  2
  Introduction  2
  The Basics of a Network  3
    Basic Network Structure  3
    Data Packets  4
    IP Addresses  4
    Uniform Resource Locators  8
    MAC Addresses  9
    Protocols  9
  Basic Network Utilities  10
    ipconfig  11
    ping  12
    tracert  13
    netstat  13
  The OSI Model  14
  What Does This Mean for Security?  15
  Assessing Likely Threats to the Network  15
  Classifications of Threats  18
    Malware  20
    Compromising System Security—Intrusions  21
    Denial of Service  22
  Likely Attacks  23
  Threat Assessment  24
  Understanding Security Terminology  25
    Hacking Terminology  25
    Security Terminology  28
  Choosing a Network Security Approach  29
    Perimeter Security Approach  30
    Layered Security Approach  30
    Hybrid Security Approach  30
  Network Security and the Law  31
  Using Security Resources  32
  Summary  33

Chapter 2: Types of Attacks  40
  Introduction  40
  Understanding Denial of Service Attacks  41
    DoS in Action  41
    SYN Flood  45
    Smurf Attack  48
    Ping of Death  49
    UDP Flood  49
    ICMP Flood  50
    DHCP Starvation  50
    HTTP Post DoS  50
    PDoS  50
    Distributed Reflection Denial of Service  50
    DoS Tools  51
    Real-World Examples  53
    Defending Against DoS Attacks  56
  Defending Against Buffer Overflow Attacks  57
  Defending Against IP Spoofing  59
  Defending Against Session Hijacking  60
  Blocking Virus and Trojan Horse Attacks  61
    Viruses  61
    Types of Viruses  65
    Trojan Horses  67
  Summary  70

Chapter 3: Fundamentals of Firewalls  76
  Introduction  76
  What Is a Firewall?  77
    Types of Firewalls  78
    Packet Filtering Firewall  78
    Stateful Packet Inspection  80
    Application Gateway  81
    Circuit Level Gateway  82
    Hybrid Firewalls  84
    Blacklisting/Whitelisting  84
  Implementing Firewalls  84
    Host-Based  84
    Dual-Homed Hosts  86
    Router-Based Firewall  87
    Screened Hosts  88
  Selecting and Using a Firewall  90
    Using a Firewall  91
  Using Proxy Servers  91
    The WinGate Proxy Server  92
    NAT  93
  Summary  94

Chapter 4: Firewall Practical Applications  100
  Introduction  100
  Using Single Machine Firewalls  101
  Windows 10 Firewall  102
  User Account Control  104
  Linux Firewalls  104
    Iptables  104
    Symantec Norton Firewall  106
    McAfee Personal Firewall  108
  Using Small Office/Home Office Firewalls  110
    SonicWALL  110
    D-Link DFL-2560 Office Firewall  112
  Using Medium-Sized Network Firewalls  113
    Check Point Firewall  113
    Cisco Next-Generation Firewalls  114
  Using Enterprise Firewalls  115
  Summary  116

Chapter 5: Intrusion-Detection Systems  122
  Introduction  122
  Understanding IDS Concepts  123
    Preemptive Blocking  123
    Anomaly Detection  124
  IDS Components and Processes  125
  Understanding and Implementing IDSs  126
    Snort  126
    Cisco Intrusion-Detection and Prevention  127
  Understanding and Implementing Honeypots  128
    Specter  129
    Symantec Decoy Server  131
    Intrusion Deflection  132
    Intrusion Deterrence  132
  Summary  134

Chapter 6: Encryption Fundamentals  140
  Introduction  140
  The History of Encryption  140
    The Caesar Cipher  141
    ROT 13  142
    Atbash Cipher  143
    Multi-Alphabet Substitution  143
    Rail Fence  143
    Vigenère  144
    Enigma  145
    Binary Operations  145
  Learning About Modern Encryption Methods  147
    Symmetric Encryption  148
    Key Stretching  153
    PRNG  154
    Public Key Encryption  154
    Digital Signatures  157
  Identifying Good Encryption  158
  Understanding Digital Signatures and Certificates  158
    Digital Certificates  159
    PGP Certificates  160
    MD5  161
    SHA  161
    RIPEMD  162
    HAVAL  162
  Understanding and Using Decryption  162
  Cracking Passwords  163
    John the Ripper  163
    Using Rainbow Tables  164
    Using Other Password Crackers  164
    General Cryptanalysis  164
  Steganography  167
  Steganalysis  168
  Quantum Computing and Quantum Cryptography  169
  Summary  170

Chapter 7: Virtual Private Networks  176
  Introduction  176
  Basic VPN Technology  177
  Using VPN Protocols for VPN Encryption  178
    PPTP  178
    PPTP Authentication  180
    L2TP  181
    L2TP Authentication  182
    L2TP Compared to PPTP  186
  IPSec  187
  SSL/TLS  188
  Implementing VPN Solutions  191
    Cisco Solutions  191
    Service Solutions  191
    Openswan  191
    Other Solutions  192
  Summary  195

Chapter 8: Operating System Hardening  202
  Introduction  202
  Configuring Windows Properly  203
    Accounts, Users, Groups, and Passwords  203
    Setting Security Policies  208
    Registry Settings  211
