Firewalls and Internet Security : Repelling the Wily Hacker (Addison-wesley Professional Computing Series) (2ND)

個数:

Firewalls and Internet Security : Repelling the Wily Hacker (Addison-wesley Professional Computing Series) (2ND)

  • 在庫がございません。海外の書籍取次会社を通じて出版社等からお取り寄せいたします。
    通常6~9週間ほどで発送の見込みですが、商品によってはさらに時間がかかることもございます。
    重要ご説明事項
    1. 納期遅延や、ご入手不能となる場合がございます。
    2. 複数冊ご注文の場合、分割発送となる場合がございます。
    3. 美品のご指定は承りかねます。
  • 【入荷遅延について】
    世界情勢の影響により、海外からお取り寄せとなる洋書・洋古書の入荷が、表示している標準的な納期よりも遅延する場合がございます。
    おそれいりますが、あらかじめご了承くださいますようお願い申し上げます。
  • ◆画像の表紙や帯等は実物とは異なる場合があります。
  • ◆ウェブストアでの洋書販売価格は、弊社店舗等での販売価格とは異なります。
    また、洋書販売価格は、ご注文確定時点での日本円価格となります。
    ご注文確定後に、同じ洋書の販売価格が変動しても、それは反映されません。
  • 製本 Paperback:紙装版/ペーパーバック版/ページ数 464 p.
  • 言語 ENG
  • 商品コード 9780201634662
  • DDC分類 005.8

Full Description

The best-selling first edition of Firewalls and Internet Security became the bible of Internet security by showing readers how to think about threats and solutions. The completely updated and expanded second edition defines the security problems students face in today's Internet, identifies the weaknesses of the most popular security technologies, and illustrates the ins and outs of deploying an effective firewall. Students learn how to plan and execute a security strategy that allows easy access to Internet services while defeating even the wiliest of hackers. Written by well-known senior researchers at AT&T Bell Labs, Lumeta, and Johns Hopkins University the students will benefit from the actual, real-world experiences of the authors maintaining, improving, and redesigning AT&T's Internet gateway.

Contents

Preface to the Second Edition.


Preface to the First Edition.
I. GETTING STARTED.

1. Introduction.


Security Truisms.



Picking a Security Policy.



Host-Based Security.



Perimeter Security.



Strategies for a Secure Network.



The Ethics of Computer Security.



WARNING.

2. A Security Review of Protocols: Lower Layers.


Basic Protocols.



Managing Addresses and Names.



IP Version 6.



Network Address Translators.



Wireless Security.

3. Security Review: The Upper Layers.


Messaging.



Internet Telephony.



RPC-Based Protocols.



File Transfer Protocols.



Remote Login.



Simple Network Management Protocol-SNMP.



The Network Time Protocol.



Information Services.



Proprietary protocols.



Peer-to-Peer Networking.



The X11 Window System.



The Small Services.

4. The Web: Threat or Menace?


The Web Protocols.



Risks to the Clients.



Risks to the Server.



Web Servers vs. Firewalls.



The Web and Databases.



Parting Thoughts.

II. THE THREATS.

5. Classes of Attacks.


Stealing Passwords.



Social Engineering.



Bugs and Backdoors.



Authentication Failures.



Protocol Failures.



Information Leakage.



Exponential Attacks-Viruses and Worms.



Denial-of-Service Attacks.



Botnets.



Active Attacks.

6. The Hacker's Workbench, and Other Munitions.


Introduction.



Hacking Goals.



Scanning a Network.



Breaking into the Host.



The Battle for the Host.



Covering Tracks.



Metastasis.



Hacking Tools.



Tiger Teams.

III. SAFER TOOLS AND SERVICES.

7. Authentication.


Remembering Passwords.



Time-Based One-Time Passwords.



Challenge/Response One-Time Passwords.



Lamport's One-Time Password Algorithm.



Smart Cards.



Biometrics.



RADIUS.



SASL: An Authentication Framework.



Host-to-Host Authentication.



PKI.

8. Using Some Tools and Services.


Inetd-Network Services.



Ssh-Terminal and File Access.



Syslog.



Network Administration Tools.



Chroot-Caging Suspect Software.



Jailing the Apache Web Server.



Aftpd-A Simple Anonymous FTP Daemon.



Mail Transfer Agents.



POP3 and IMAP.



Samba: An SMB Implementation.



Taming Named.



Adding SSL Support with sslwrap.

IV. FIREWALLS AND VPNS.

9. Kinds of Firewalls.


Packet Filters.



Application-Level Filtering.



Circuit-Level Gateways.



Dynamic Packet Filters.



Distributed Firewalls.



What Firewalls Cannot Do.

10. Filtering Services.


Reasonable Services to Filter.



Digging for Worms.



Services We Don't Like.



Other Services.



Something New.

11. Firewall Engineering.


Rulesets.



Proxies.



Building a Firewall from Scratch.



Firewall Problems.



Testing Firewalls.

12. Tunneling and VPNs.


Tunnels.



Virtual Private Networks (VPNs).



Software vs. Hardware.



V. PROTECTING AN ORGANIZATION.

13. Network Layout.


Intranet Explorations.



Intranet Routing Tricks.



In Host We Trust.



Belt and Suspenders.



Placement Classes.

14. Safe Hosts in a Hostile Environment.


What Do We Mean by "Secure"?



Properties of Secure Hosts.



Hardware Configuration.



Field Stripping a Host.



Loading New Software.



Administering a Secure Host.



Skinny-Dipping: Life Without a Firewall.

15. Intrusion Detection.


Where to Monitor.



Types of IDS.



Administering an IDS.



IDS Tools.

VI. LESSONS LEARNED.

16. Une Soirie avec Berferd.


Introduction.



Unfriendly Acts.



An Evening with Berferd.



The Day After.



The Jail.



Tracing Berferd.



Berferd Comes Home.

17. The Taking of Clark.


Prelude.



Clark.



Crude Forensics.



Examining Clark.



The Password File.



How Did They Get In?



Better Forensics.



Lessons Learned.

18. Secure Communications over Insecure Networks.


An Introduction to Cryptography.



The Kerberos Authentication System.



Link-Level Encryption.



Network-Level Encryption.



Application-Level Encryption.

19. Where Do We Go from Here?


IPv6.



DNSsec.



Internet Ubiquity.



Internet Security.



Conclusion.

A. An Introduction to Cryptography.


Introduction.

B. Keeping up.
Bibliography.
List of Bombs.
List of Acronyms.
Index. 020163466XT01082003