Title Introduction to network security / Neal Krawetz

Edition First edition Published Boston, MA : Charles River Media, [2007] ©2007

Copies

Location	Call no.	Vol.	Availability
MELB	005.8 Kra/Itn		AVAILABLE

Description xxiv, 583 pages ; 24 cm + 1 CD-ROM Series Charles River Media networking series Networking series (Charles River Media) Contents Machine derived contents note: Table of Contents -- Acknowledgements -- Part I: Overview -- Chapter 1: Security -- 1.1 Importance -- 1.1.1 Terminology -- 1.1.2 Types of Security Issues -- 1.1.3 What is ¿Secure¿? -- 1.1.4 Compromise Response -- 1.2 Threat Models -- 1.2.1 Internal verse External -- 1.2.2 Intentional verse Accidental -- 1.3 Concepts -- 1.3.1 Confidentiality and Privacy -- 1.3.2 Authentication -- 1.3.3 Authorization and Access Control -- 1.3.4 Integrity -- 1.3.5 Nonrepudiation -- 1.4 Common Mitigation Methods -- 1.4.1 Compartmentalize -- 1.4.2 Secure Fail -- 1.4.3 Defense in Depth -- 1.4.4 Security by Obscurity -- 1.4.5 Security and Usability -- 1.5 People and Staff -- 1.5.1 Education -- 1.5.2 Experience -- 1.5.3 Track Record -- 1.6 Certifications -- 1.6.1 CISSP and SSCP -- 1.6.2 Giac -- 1.6.3 CISA and CISM -- 1.6.4 Security+ -- 1.6.5 Certification Weaknesses -- 1.7 Summary -- 1.8 Review Questions -- 1.9 Discussion Topics -- 1.10 Additional Resources -- Chapter 2: Ethics -- 2.1 Ethical Training -- 2.1.1 Discipline -- 2.1.2 Access and Power -- 2.1.3 Apprenticeship and Experimentation -- 2.1.4 Professions -- 2.2 Ethical, Social, and Legal Considerations -- 2.2.1 Moral Example: Home Computing -- 2.2.2 Moral Example: Michael Lynn Verse Cisco -- 2.2.3 Moral Framework -- 2.3 Intellectual Property -- 2.3.1 Copyright -- 2.3.2 Fair Use -- 2.3.3 Trademark -- 2.3.4 Patents -- 2.3.5 Impact on Network Security -- 2.4 Computer Crimes -- 2.4.1 Motive and Intent -- 2.4.2 Libel and Defamation -- 2.4.3 Forgery and Impersonation -- 2.4.4 Handling Evidence -- 2.4.5 Expectation of Privacy -- 2.4.6 Preparing For The Future -- 2.5 Summary -- 2.6 Review Questions -- 2.7 Discussion Topics -- 2.8 Additional Resources -- Chapter 3: Network Theory -- 3.1 Standards Bodies -- 3.1.1 Standards -- 3.1.2 Rfc -- 3.2 Network Stacks -- 3.2.1 Network Stack Design -- 3.2.2 Iso Osi -- 3.2.3 DoD TCP/IP Stack -- 3.2.4 OSI verse TCP/IP -- 3.2.5 Other Stacks -- 3.2.6 User Layers -- 3.3 Multiple Stacks -- 3.3.1 Sequential Stacks -- 3.3.2 Stacks Within Stacks -- 3.3.3 Vpn -- 3.4 Layers and Protocols -- 3.4.1 Mapping Protocols to Layers -- 3.4.2 Misaligned Mappings -- 3.4.3 Different Layers, Different Views -- 3.5 Common Tools -- 3.5.1 Querying Tools -- 3.5.2 Collection Tools -- 3.5.3 Assessment Tools -- 3.5.4 Analysis Tools -- 3.6 Summary -- 3.7 Review Questions -- 3.8 Discussion Topics -- 3.9 Additional Resources -- Chapter 4: Basic Cryptography -- 4.1 Securing Information -- 4.2 Necessary Elements -- 4.2.1 Plaintext and Ciphertext -- 4.2.2 Algorithm -- 4.2.3 Environment -- 4.2.4 Key -- 4.2.5 Cracking Cryptographic Systems -- 4.3 Authentication and Keys -- 4.3.1 Key Management Risks -- 4.3.2 Keys and Automated Systems -- 4.3.3 Symmetrical verse Asymmetrical Keys -- 4.3.4 Key Exchange -- 4.3.5 Certificates and Certificate Authorities -- 4.3.6 Kerberos -- 4.4 Cryptography and Randomness -- 4.4.1 Random Numbers -- 4.4.2 Confusion and Diffusion -- 4.4.3 S-Box -- 4.5 Hashes -- 4.5.1 Parity -- 4.5.2 Checksum -- 4.5.3 Crc -- 4.5.4 Cryptographic Hash Functions -- 4.5.5 Sparse Hash Mappings -- 4.5.6 Signed Cryptographic Hashes and HMAC -- 4.6 Ciphers -- 4.6.1 Simple Ciphers -- 4.6.2 Monoalphabetic and Polyalphabetic Ciphers -- 4.6.3 One-Time Pads -- 4.6.4 Book Ciphers -- 4.7 Encryption -- 4.7.1 Streaming and Block Ciphers -- 4.7.2 Block Cipher Modes -- 4.8 Steganography -- 4.9 Summary -- 4.10 Review Questions -- 4.11 Discussion Topics -- 4.12 Additional Resources -- Part II: OSI Layer I -- Chapter 5: Physical Layer -- 5.1 Types of Physical Mediums -- 5.1.1 Wired Network Protocols -- 5.1.2 Fiber Optic Networks -- 5.1.3 Trunk Lines -- 5.1.4 Dynamic Networks -- 5.1.5 Wireless -- 5.2 Physical Network Components -- 5.3 Physical Network Risks -- 5.3.1 Eavesdropping -- 5.3.2 Replay -- 5.3.3 Insertion -- 5.3.4 Denial of Service (DoS) -- 5.4 Topologies -- 5.4.1 Bus Networks -- 5.4.2 Star Networks -- 5.4.3 Ring Networks -- 5.4.4 Broadcast Networks -- 5.4.5 Hybrid Networks -- 5.5 Physical Layer Security -- 5.6 Tracking Attacks -- 5.7 Summary -- 5.8 Review Questions -- 5.9 Discussion Topics -- 5.10 Additional Resources -- Chapter 6: Physical LAN -- 6.1 Physical LAN Regions -- 6.1.1 Lan -- 6.1.2 Wan -- 6.1.3 Dmz -- 6.1.4 Man -- 6.2 Types of Attacks -- 6.2.1 Disruption -- 6.2.2 Interference -- 6.2.3 Intentional Attacks -- 6.3 Firewalls -- 6.3.1 Software Firewalls -- 6.3.2 Hardware Firewalls -- 6.3.3 Home Users and Firewalls -- 6.4 Privileged Zones -- 6.4.1 Dmz -- 6.4.2 Onion -- 6.4.3 Garlic -- 6.5 LAN Connections -- 6.5.1 Static Connections -- 6.5.2 Dynamic Connections -- 6.6 Summary -- 6.7 Review Questions -- 6.8 Discussion Topics -- 6.9 Additional Resources -- Chapter 7: Wireless Networking -- 7.1 Wireless Spectrum -- 7.2 Wireless Protocols -- 7.2.1 Ssid -- 7.2.2 Wep -- 7.2.3 WEP Cracking -- 7.3 Wireless Risks -- 7.3.1 Packet Sniffing -- 7.3.2 SSID Information -- 7.3.3 Impersonation -- 7.3.4 Parasites -- 7.3.5 Direct Security Breaches -- 7.4 Risk Mitigation Options -- 7.4.1 SSID Labeling -- 7.4.2 Broadcasting SSID -- 7.4.3 Antenna Placement -- 7.4.4 MAC Filtering -- 7.4.5 WEP: Better Than Nothing -- 7.4.6 Other Cryptographic Systems -- 7.4.7 Network Architecture -- 7.5 Summary -- 7.6 Review Questions -- 7.7 Discussion Topics -- 7.8 Additional Resources -- Part III: OSI Layer 2 -- Chapter 8: Data Link Layer -- 8.1 Data Flow -- 8.1.1 Transmitting Data -- 8.1.2 Receiving Data -- 8.2 Common Uses -- 8.2.1 Point-to-Point Networks -- 8.2.2 Multi-Host Networks -- 8.2.3 Frame Relay -- 8.2.4 Switches -- 8.2.5 Bridges -- 8.2.5 Access Restriction -- 8.3 Layered Data Link Protocols -- 8.3.1 Low-Level Protocols -- 8.3.2 Middle-Level Protocols -- 8.3.3 High-Level Protocols -- 8.4 Uncommon Uses -- 8.4.1 Promiscuous Mode -- 8.4.2 Load Attacks -- 8.4.3 Address Attacks -- 8.4.4 Out-of-Frame Data -- 8.4.5 Covert Channels -- 8.4.6 Physical Layer Risks -- 8.5 Common Mitigation Options -- 8.5.1 Hard-Coding -- 8.5.2 Data Link Authentication -- 8.5.3 Higher-Layer Authentication -- 8.5.4 Analyzers and Tools -- 8.6 Summary -- 8.7 Review Questions -- 8.8 Discussion Topics -- 8.9 Additional Resources -- Chapter 9: SLIP and PPP -- 9.1 Simplified Data Link Services -- 9.1.1 Simplified Flow Control -- 9.1.2 Simplified Message Framing -- 9.1.3 Simplified Address Support -- 9.2 Point-to-Point Protocols -- 9.2.1 Slip -- 9.2.2 Ppp -- 9.2.3 Tunneling -- 9.3 Common Risks -- 9.3.1 Authentication -- 9.3.2 Bi-directional Communication -- 9.3.3 User Education -- 9.4 Similar Threats -- 9.5 Summary -- 9.6 Review Questions -- 9.7 Discussion Topics -- 9.8 Additional Resources -- Chapter 10: MAC and ARP -- 10.1 Data Link Sublayers -- 10.1.1 Llc -- 10.1.2 Mac -- 10.1.3 MAC Vulnerabilities -- 10.2 ARP and RARP -- 10.2.1 ARP Poisoning -- 10.2.2 ARP Poisoning Impact -- 10.2.3 Mitigating ARP Poisoning -- 10.3 Network Routing -- 10.3.1 Switches -- 10.3.2 Bridges -- 10.3.3 Switch Attacks -- 10.4 Physical Layer Risks -- 10.5 Summary -- 10.6 Review Questions -- 10.7 Discussion Topics -- 10.8 Additional Resources -- Part IV: OSI Layer 3 -- Chapter 11: Network Layer -- 11.1 Routing -- 11.1.1 Routers -- 11.1.2 Routing Tables -- 11.1.3 Routing Metrics -- 11.1.4 Applying Routes -- 11.2 Routing Risks -- 11.2.1 Direct Router Attacks -- 11.2.2 Router Table Poisoning -- 11.2.3 Router Table Flooding -- 11.2.4 Router Metric Attacks -- 11.2.5 Router Looping Attacks -- 11.3 Addressing -- 11.3.1 Numeric Addressing -- 11.3.2 Name-Based Addressing -- 11.4 Risks to Address Schemes -- 11.4.1 Address Impersonation -- 11.4.2 Address Hijacking -- 11.4.3 Dynamic Allocation Consumption -- 11.4.4 False Release Attacks -- 11.4.5 False Dynamic Allocation -- 11.5 Fragmentation -- 11.5.1 Fragments and Sequence Numbers -- 11.5.2 Fragments and Offsets -- 11.6 Fragmentation Risks -- 11.6.1 Missing Fragment Attacks -- 11.6.2 Maximum Unfragmented Size -- 11.6.3 Fragment Reassembly -- 11.7 Quality of Service -- 11.8 Quality of Service Attacks -- 11.9 Security -- 11.9.1 Secure Protocols -- 11.9.2 Network Incompatibility -- 11.9.3 Architecture -- 11.9.4 Server Filtering -- 11.9.5 Firewalls and Egress Filtering -- 11.10 Summary -- 11.11 Review Questions -- 11.12 Discussion Topics -- 11.13 Additional Resources -- Chapter 12: Internet Protocol (IP) -- 12.1 IP Addressing -- 12.1.1 Subnet Classes -- 12.1.2 Network Masks -- 12.1.3 Broadcast Addresses -- 12.1.4 Routing -- 12.1.5 Metrics -- 12.1.6 Ttl -- 12.1.7 Non-routable Addresses -- 12.2 Icmp -- 12.2.1 ICMP Support -- 12.2.2 Echo Request and Reply -- 12.2.3 Time Exceeded -- 12.2.4 Destination Unreachable -- 12.2.5 Source Quench -- 12.2.6 Redirect -- 12.2.7 Mask Solicitation -- 12.2.8 Router Advertisement -- 12.3 General Risks -- 12.3.1 Addressing Conflicts -- 12.3.2 IP Hijacking -- 12.3.3 Replay Attacks -- 12.3.4 Packet Storms -- 12.3.5 Fragmentation Attacks -- 12.3.6 Covert Channels -- 12.4 Security Options -- 12.4.1 Disable ICMP -- 12.4.2 Non-Routable Addresses -- 12.4.3 Network Address Translation (NAT) -- 12.4.4 Reverse-NAT (RNAT) -- 12.4.5 IP Filtering -- 12.4.6 Egress Filtering -- 12.4.7 IPsec -- 12.4.8 IPv6 -- 12.5 Summary -- 12.6 Review Questions -- 12.7 Discussion Topics -- 12.8 Additional Resources -- Chapter 13: Anonymity -- 13.1 Why Be Anonymous? -- 13.1.1 Anonymity Motivations -- 13.1.2 Identity Exposure -- 13.1.3 Data Retention -- 13.2 Privacy verse Anonymity -- 13.2.1 Source Anonymity -- 13.2.2 Destination Anonymity -- 13.2.3 Link Anonymity -- 13.3 Network Anonymity -- 13.3.1 Moving Addresses -- 13.3 Notes Includes index Bibliography Bibliography, pages 549-556 Subject Computer networks -- Security measures -- Textbooks. Computer network protocols -- Textbooks. Genre/Form Textbooks. LC no. 2006012902 ISBN 1584504641 paperback

  Permalink