This page intentionally left blank Network Security Fundamentals Eric Cole, Ronald L. Krutz, James W. Conley, Brian Reisman, Mitch Ruebush, and Dieter Gollmann with Rachelle Reese Credits PUBLISHER PROJECT MANAGER Anne Smith Tenea Johnson PROJECTEDITOR PRODUCTION EDITOR Brian B. Baker Kerry Weinstein MARKETING MANAGER CREATIVE DIRECTOR Jennifer Slomack Harry Nolan SENIOR EDITORIAL ASSISTANT COVER DESIGNER Tiara Kelly Hope Miller PRODUCTION MANAGER COVER PHOTO Kelly Tavares Tetra Images/Getty Images Wiley 200th Anniversary Logo designed by: Richard J. Pacifico This book was set in Times New Roman by Aptara, Inc. and printed and bound by R. R. Donnelley. The cover was printed by R. R. Donnelley. Microsoft product screen shot(s) reprinted with permission from Microsoft Corporation. Copyright © 2008 John Wiley & Sons, Inc. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, Inc., 222 Rosewood Drive, Danvers, MA 01923, website www.copyright.com. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030-5774, (201) 748-6011, fax (201) 748-6008, website www.wiley.com/go/permissions. To order books or for customer service please call 1-800-CALL WILEY (225-5945). ISBN 978-0-470-10192-6 Printed in the United States of America 10 9 8 7 6 5 4 3 2 1 ABOUT THE AUTHORS Eric Cole is the author of Hackers Beware, Hiding in Plain Sight: Steganography and the Art of Covert Communication, and co-author of Network Security Bible and SANS GIAC Certification: Security Essentials Toolkit (GSEC). He has appeared as a security expert on CBS News, 60 Minutes, and CNN Headline News. Ronald L. Krutz is the author of Securing SCADA Systems and co-author of Net- work Security Bible, The CISM Prep Guide: Mastering the Five Domains of Information Security Management, The CISSP prep guide: Mastering CISSP and CAP, Security(cid:1) Prep Guide, and is the founder of the Carnegie Mellon Research Institute Cyber- security Center. James W. Conley is co-author of Network Security Bible and has been a security officer in the United States Navy and a senior security specialist on CIA devel- opment efforts. Brian Reisman is co-author of MCAD/MCSD: Visual Basic .NET Windows and Web Applications Study Guide, MCAD/MCSD: Visual Basic .Net XML Web Services and Server Components Study Guide, MCSE: Windows Server 2003 Network Security Design Study Guide. He is a technical trainer for Online Consulting, a Microsoft Certified Technical Education Center, and is a contributor to MCP Magazine, CertCities.com, and ASPToday.com. Mitch Ruebush is co-author of MCAD/MCSD: Visual Basic .NET Windows and Web Applications Study Guide, MCAD/MCSD: Visual Basic .Net XML Web Services and Server Components Study Guide, MCSE: Windows Server 2003 Network Security Design Study Guide. He is a Senior Consultant and Trainer for Online Consult- ing, Inc. He has been deploying, securing and developing for Windows and UNIX platforms for 14 years. Dieter Gollmann is Professor for Security in Distributed Applications at Hamburg University of Technology. He is also a visiting Professor at Royal Holloway, University of London and Adjunct Professor at the Technical University of Denmark. Previously he was a researcher in Information Security at Microsoft Research in Cambridge. Rachelle Reese has been designing and developing technical training courses for over ten years and has written a number of books on programming. She has an MA from San Jose State University and is also a Microsoft Certified Application Developer (MCAD). This page intentionally left blank PREFACE College classrooms bring together learners from many backgrounds, with a variety of aspirations. Although the students are in the same course, they are not necessarily on the same path. This diversity, cou- pled with the reality that these learners often have jobs, families, and other commitments, requires a flexibility that our nation’s higher education system is addressing. Distance learning, shorter course terms, new disciplines, evening courses, and certification programs are some of the approaches that colleges employ to reach as many stu- dents as possible and help them clarify and achieve their goals. Wiley Pathways books, a new line of texts from John Wiley & Sons, Inc., are designed to help you address this diversity and the need for flexibility. These books focus on the fundamentals, iden- tify core competencies and skills, and promote independent learning. Their focus on the fundamentals helps students grasp the subject, bringing them all to the same basic understanding. These books use clear, everyday language and are presented in an uncluttered format, making the reading experience more pleasurable. The core compe- tencies and skills help students succeed in the classroom and beyond, whether in another course or in a professional setting. A variety of built-in learning resources promote independent learning and help instructors and students gauge students’ understanding of the con- tent. These resources enable students to think critically about their new knowledge and to apply their skills in any situation. Our goal with Wiley Pathways books—with their brief, inviting format, clear language, and core competencies and skills focus—is to celebrate the many students in your courses, respect their needs, and help you guide them on their way. CASE Learning System To meet the needs of working college students, Network Security Fundamentals uses a four-part process called the CASE Learning System: ▲ C: Content ▲ A: Analysis ▲ S: Synthesis ▲ E: Evaluation viii PREFACE Based on Bloom’s taxonomy of learning, CASE presents key topics in network security fundamentals in easy-to-follow chapters. The text then prompts analysis, synthesis, and evaluation with a variety of learning aids and assessment tools. Students move efficiently from reviewing what they have learned, to acquiring new informa- tion and skills, to applying their new knowledge and skills to real-life scenarios. Using the CASE Learning System, students not only achieve academic mastery of network security topics, but they master real-world skills related to that content. The CASE Learning System also helps students become independent learners, giving them a distinct advan- tage in the field, whether they are just starting out or seeking to advance in their careers. Organization, Depth, and Breadth of the Text ▲ Modular Format. Research on college students shows that they access information from textbooks in a non-linear way. Instruc- tors also often wish to reorder textbook content to suit the needs of a particular class. Therefore, although Network Security Fundamentals proceeds logically from the basics to increasingly more challenging material, chapters are further organized into sections that are self-contained for maximum teaching and learning flexibility. ▲ Numeric System of Headings. Network Security Fundamentals uses a numeric system for headings (e.g., 2.3.4 identifies the fourth subsection of Section 3 of Chapter 2). With this system, students and teachers can quickly and easily pinpoint topics in the table of contents and the text, keeping class time and study sessions focused. ▲ Core Content. The topics in Network Security Fundamentals are organized into 12 chapters. Chapter 1, Computer and Network Security Principles, intro- duces basic terminology and concepts related to security and gets the student thinking about why it is important to take security mea- sures to protect a network and its resources. The chapter begins with an overview of different types of attacks. Next it discusses the three key aspects of security: confidentiality, integrity, and authentication. From there it moves on to discuss risk analysis, including identify- ing and ranking assets, threats, and vulnerabilities. The chapter con- cludes with an overview of security policies and standards.