- ホーム
- > 洋書
- > 英文書
- > Internet / General
Full Description
The E-mail Virus Protection Handbook is organised around specific e-mail clients, server environments, and anti-virus software. The first eight chapters are useful to both users and network professionals; later chapters deal with topics relevant mostly to professionals with an emphasis on how to use e-mail filtering software to monitor all incoming documents for malicious behaviour. In addition, the handbook shows how to scan content and counter email address forgery attacks. A chapter on mobile code applications, which use Java applets and Active X controls to infect email and, ultimately, other applications and whole systems is presented.The book covers spamming and spoofing: Spam is the practice of sending unsolicited email to users. One spam attack can bring down an entire enterprise email system by sending thousands of bogus messages or "mailbombing," which can overload servers. Email spoofing means that users receive messages that appear to have originated from one user, but in actuality were sent from another user. Email spoofing can be used to trick users into sending sensitive information, such as passwords or account numbers, back to the spoofer.
Contents
IntroductionChapter 1: Understanding the Threats: E-mail Viruses, Trojans, Mail Bombers, Worms, and Illicit ServersIntroductionEssential ConceptsServers, Services, and ClientsAuthentication and Access ControlHackers and Attack TypesWhat Do Hackers Do?Attack TypesOverview of E-mail Clients and ServersUnderstanding a Mail User Agent and a Mail Transfer AgentThe Mail Delivery AgentWhen Are Security Problems Introduced?History of E-mail AttacksThe MTA and the Robert Morris Internet WormMDA AttacksAnalyzing Famous AttacksCase StudyLearning from Past AttacksViruses WormsTypes of WormsTrojansIllicit ServersDifferentiating between Trojans and Illicit Serversxiv ContentsE-mail BombingSniffing AttacksCarnivoreSpamming and SecurityCommon Authoring LanguagesProtecting Your E-mailProtecting E-mail ClientsThird-party ApplicationsEncryptionHash Encryption and Document SigningSummaryFAQsChapter 2: Securing Outlook 2000IntroductionCommon Targets, Exploits, and WeaknessesThe Address BookThe Mail FoldersVisual Basic FilesAttacks Specific to This ClientSecurity UpdatesEnabling FilteringJunk E-mailFiltering KeywordsMail Settings and OptionsHTML MessagesZone SettingsEnabling S/MIMEWhy You Should Use Public Key EncryptionInstalling and Enabling Pretty Good Privacy (PGP)Understanding Public Key EncryptionSummaryFAQsChapter 3: Securing Outlook Express 5.0 and Eudora 4.3IntroductionOutlook Express for WindowsSecurity SettingsAttachmentsOutlook Express for MacintoshJunk Mail FilterMessage RulesAttachmentsEudora for Windows and MacintoshSecurityAttachmentsFilteringEnabling PGP for both Outlook Express and EudoraSending and Receiving PGP-Secured MessagesAutomatic Processing of MessagesFile Attachments and PGPSummaryFAQsChapter 4: Web-based Mail IssuesIntroductionChoices in Web-based E-mail ServicesWhy Is Web-based E-mail So Popular?The Cost of ConvenienceSpecific WeaknessesCase StudySpecific Sniffer ApplicationsCode-based AttacksSolving the ProblemUsing Secure Sockets Layer (SSL)Secure HTTPPractical ImplementationsLocal E-mail Servers Using PGP with Web-based E-mailMaking Yourself AnonymousSummaryFAQsChapter 5: Client-Side Anti-Virus ApplicationsIntroductionMcAfee VirusScan 5Norton AntiVirus 2000Trend Micro PC-cillin 2000SummaryFAQsChapter 6: Mobile Code ProtectionIntroductionDynamic E-mailActive ContentTaking Advantage of Dynamic E-mailDangersNo Hiding Behind the FirewallMobile CodeJavaSecurity ModelPoints of WeaknessHow Hackers Take AdvantagePrecautions You Can TakeJavaScriptSecurity ModelPoints of WeaknessHow Hackers Take AdvantagePrecautions to TakeActiveXSecurity ModelPoints of WeaknessHow Hackers Can Take AdvantagePrecautions to TakeVBScriptSecurity ModelPoints of WeaknessHow Hackers Take AdvantagePrecautions to TakeSummaryFAQsChapter 7: Personal FirewallsIntroductionWhat Is a Personal Firewall?Blocks PortsBlock IP AddressesAccess Control List (ACL)Execution Control List (ECL)Intrusion DetectionPersonal Firewalls and E-mail ClientsFalse PositivesNetwork Ice BlackICE Defender 2.1InstallationConfigurationE-mail and BlackICEAladdin Networks' eSafe, Version 2.2InstallationConfigurationE-mail and ESafeNorton Personal Firewall 2000 2.0InstallationConfigurationZoneAlarm 2.1InstallationConfigurationE-mail and ZoneAlarmSummaryFAQsChapter 8: Securing Windows 2000 Advanced Server and Red Hat Linux 6 for E-mail ServicesIntroductionUpdating the Operating SystemMicrosoft Service PacksRed Hat Linux Updates and Errata Service PackagesDisabling Unnecessary Services and PortsWindows 2000 Advanced Server-Services to DisableInternet Information Services (IIS)Red Hat Linux-Services to DisableInetd.confLocking Down PortsWell-Known and Registered PortsDetermining Ports to BlockBlocking Ports in WindowsBlocking Ports in Linux Maintenance IssuesMicrosoft Service Pack Updates, Hot Fixes, and Security PatchesRed Hat Linux Errata: Fixes and AdvisoriesWindows Vulnerability Scanner (ISS System Scanner)Linux Vulnerability Scanner (WebTrends Security Analyzer)LoggingCommon Security ApplicationsFirewall PlacementSummaryFAQsChapter 9: Microsoft Exchange Server 5.5IntroductionSecuring the Exchange Server from SpamExchange and Virus Attacks: Myths and RealitiesLearning from Recent AttacksExchange MaintenanceService PacksPlug-ins and Add-onsThird-party Add-onsMicrosoft UtilitiesContent FilteringAttachment ScanningRecoveryBacking Up DataRestoring DataSummaryFAQsChapter 10: Sendmail and IMAP SecurityIntroductionSendmail and Security: A Contradiction in Terms?Sendmail's HistoryThreats to SendMail SecurityFixesAlternatives: Postfix and QmailComparing Your OptionsInternet Message Access Protocol (IMAP)The IMAP AdvantageUnderstanding IMAP Implementations Administering the ServerIMAP SummaryRecoveryBacking Up DataRestoring DataThe Bottom Line on BackupSummaryFAQsChapter 11: Deploying Server-side E-mail Content Filters and ScannersIntroductionOverview of Content FilteringFiltering by SenderFiltering by ReceiverSubject Headings and Message BodyOverview of Attachment ScanningAttachment SizeAttachment Type (Visual Basic, Java, ActiveX)McAfee GroupShieldInstallation of GroupShield ConfigurationSpecific SettingsTrend Micro ScanMail for Exchange ServerInstallation of ScanMailConfigurationSpecific SettingsAdditional ScanMail OfferingsContent Technologies' MAILsweeper for Exchange 5.5Installation of MAILsweeperConfigurationSpecific SettingsFirewall and E-mail Content ScanningContent Technologies MIMEsweeper for CheckPoint's Firewall-1Axent Raptor FirewallAttack Detection and System ScanningAttacksReal-time, Third-party ServicesEvinciSecurifySummaryFAQsAppendix: SecretsLesser-known ShortcutsUnder-documented Features and FunctionsDisable an ActiveX ControlFor Experts Only (Advanced features)Web Pages on Mobile Code Security TopicsOutlook Web Access (OWA)Using SendMail To Refuse E-mails with the Love Letter VirusTroubleshooting and Optimization TipsIndex
