Inside Network Perimeter Security

Table of Contents

1. Inside Network Perimeter Security
2. Table of Contents
3. Copyright
4. About the Authors
5. About the Technical Editors
6. Acknowledgments
7. We Want to Hear from You!
8. Reader Services
9. Preface
  9.1 Rickety Planes
  9.2 Fires in the West
  9.3 Rapid Advances in Technology
  9.4 Decline in Personal Service
  9.5 Continuous Inspections
  9.6 Defense in Depth
  9.7 Core Business Sector
10. Introduction
  10.1 Who Should Read This Book
  10.2 Why We Created This Book's Second Edition
  10.3 Overview of the Book's Contents
  10.4 Conventions
11. Part I: The Essentials of Network Perimeter Security
  11.1 Chapter 1. Perimeter Security Fundamentals
    11.1.1 Terms of the Trade
    11.1.2 Defense in Depth
    11.1.3 Case Study: Defense in Depth in Action
    11.1.4 Summary
  11.2 Chapter 2. Packet Filtering
    11.2.1 TCP/IP Primer: How Packet Filtering Works
    11.2.2 TCP and UDP Ports
    11.2.3 TCP's Three-way Handshake
    11.2.4 The Cisco Router as a Packet Filter
    11.2.5 An Alternative Packet Filter: IPChains
    11.2.6 The Cisco ACL
    11.2.7 Effective Uses of Packet-Filtering Devices
    11.2.8 Egress Filtering
    11.2.9 Tracking Rejected Traffic
    11.2.10 Problems with Packet Filters
    11.2.11 Dynamic Packet Filtering and the Reflexive Access List
    11.2.12 Summary
    11.2.13 References
  11.3 Chapter 3. Stateful Firewalls
    11.3.1 How a Stateful Firewall Works
    11.3.2 The Concept of State
    11.3.3 Stateful Filtering and Stateful Inspection
    11.3.4 Summary
    11.3.5 References
  11.4 Chapter 4. Proxy Firewalls
    11.4.1 Fundamentals of Proxying
    11.4.2 Pros and Cons of Proxy Firewalls
    11.4.3 Types of Proxies
    11.4.4 Tools for Proxying
    11.4.5 Summary
  11.5 Chapter 5. Security Policy
    11.5.1 Firewalls Are Policy
    11.5.2 How to Develop Policy
    11.5.3 Perimeter Considerations
    11.5.4 Summary
    11.5.5 References
12. Part II: Fortifying the Security Perimeter
  12.1 Chapter 6. The Role of a Router
    12.1.1 The Router as a Perimeter Device
    12.1.2 The Router as a Security Device
    12.1.3 Router Hardening
    12.1.4 Summary
  12.2 Chapter 7. Virtual Private Networks
    12.2.1 VPN Basics
    12.2.2 Advantages and Disadvantages of VPNs
    12.2.3 IPSec Basics
    12.2.4 Other VPN Protocols: PPTP and L2TP
    12.2.5 Summary
    12.2.6 References
  12.3 Chapter 8. Network Intrusion Detection
    12.3.1 Network Intrusion Detection Basics
    12.3.2 The Roles of Network IDS in a Perimeter Defense
    12.3.3 IDS Sensor Placement
    12.3.4 Case Studies
    12.3.5 Summary
  12.4 Chapter 9. Host Hardening
    12.4.1 The Need for Host Hardening
    12.4.2 Removing or Disabling of Unnecessary Programs
    12.4.3 Limiting Access to Data and Configuration Files
    12.4.4 Controlling User and Privileges
    12.4.5 Maintaining Host Security Logs
    12.4.6 Applying Patches
    12.4.7 Additional Hardening Guidelines
    12.4.8 Summary
  12.5 Chapter 10. Host Defense Components
    12.5.1 Hosts and the Perimeter
    12.5.2 Antivirus Software
    12.5.3 Host-Based Firewalls
    12.5.4 Host-Based Intrusion Detection
    12.5.5 Challenges of Host Defense Components
    12.5.6 Summary
    12.5.7 References
  12.6 Chapter 11. Intrusion Prevention Systems
    12.6.1 Rapid Changes in the Marketplace
    12.6.2 What Is IPS?
    12.6.3 IPS Limitations
    12.6.4 NIPS
    12.6.5 Host-Based Intrusion Prevention Systems
    12.6.6 Summary
13. Part III: Designing a Secure Network Perimeter
  13.1 Chapter 12. Fundamentals of Secure Perimeter Design
    13.1.1 Gathering Design Requirements
    13.1.2 Design Elements for Perimeter Security
    13.1.3 Summary
    13.1.4 References
  13.2 Chapter 13. Separating Resources
    13.2.1 Security Zones
    13.2.2 Common Design Elements
    13.2.3 VLAN-Based Separation
    13.2.4 Summary
    13.2.5 References
  13.3 Chapter 14. Wireless Network Security
    13.3.1 802.11 Fundamentals
    13.3.2 Securing Wireless Networks
    13.3.3 Auditing Wireless Security
    13.3.4 Case Study: Effective Wireless Architecture
    13.3.5 Summary
    13.3.6 References
  13.4 Chapter 15. Software Architecture
    13.4.1 Software Architecture and Network Defense
    13.4.2 How Software Architecture Affects Network Defense
    13.4.3 Software Component Placement
    13.4.4 Identifying Potential Software Architecture Issues
    13.4.5 Software Testing
    13.4.6 Network Defense Design Recommendations
    13.4.7 Case Study: Customer Feedback System
    13.4.8 Case Study: Web-Based Online Billing Application
    13.4.9 Summary
    13.4.10 References
  13.5 Chapter 16. VPN Integration
    13.5.1 Secure Shell
    13.5.2 Secure Sockets Layer
    13.5.3 Remote Desktop Solutions
    13.5.4 IPSec
    13.5.5 Other VPN Considerations
    13.5.6 VPN Design Case Study
    13.5.7 Summary
    13.5.8 References
  13.6 Chapter 17. Tuning the Design for Performance
    13.6.1 Performance and Security
    13.6.2 Network Security Design Elements That Impact Performance
    13.6.3 Impact of Encryption
    13.6.4 Using Load Balancing to Improve Performance
    13.6.5 Mitigating the Effects of DoS Attacks
    13.6.6 Summary
    13.6.7 References
  13.7 Chapter 18. Sample Designs
    13.7.1 Review of Security Design Criteria
    13.7.2 Case Studies
    13.7.3 Summary
14. Part IV: Maintaining and Monitoring Perimeter Security
  14.1 Chapter 19. Maintaining a Security Perimeter
    14.1.1 System and Network Monitoring
    14.1.2 Incident Response
    14.1.3 Accommodating Change
    14.1.4 Summary
    14.1.5 References
  14.2 Chapter 20. Network Log Analysis
    14.2.1 The Importance of Network Log Files
    14.2.2 Log Analysis Basics
    14.2.3 Analyzing Router Logs
    14.2.4 Analyzing Network Firewall Logs
    14.2.5 Analyzing Host-Based Firewall and IDS Logs
    14.2.6 Summary
  14.3 Chapter 21. Troubleshooting Defense Components
    14.3.1 The Process of Troubleshooting
    14.3.2 Troubleshooting Rules of Thumb
    14.3.3 The Troubleshooter's Toolbox
    14.3.4 Summary
    14.3.5 References
  14.4 Chapter 22. Assessment Techniques
    14.4.1 Roadmap for Assessing the Security of Your Network
    14.4.2 Planning
    14.4.3 Reconnaissance
    14.4.4 Network Service Discovery
    14.4.5 Vulnerability Discovery
    14.4.6 Verification of Perimeter Components
    14.4.7 Remote Access
    14.4.8 Exploitation
    14.4.9 Results Analysis and Documentation
    14.4.10 Summary
  14.5 Chapter 23. Design Under Fire
    14.5.1 The Hacker Approach to Attacking Networks
    14.5.2 Adversarial Review
    14.5.3 GIAC GCFW Student Practical Designs
    14.5.4 Summary
    14.5.5 References
  14.6 Chapter 24. A Unified Security Perimeter: The Importance of Defense in Depth
    14.6.1 Castles: An Example of Defense-in-Depth Architecture
    14.6.2 Absorbent Perimeters
    14.6.3 Defense in Depth with Information
    14.6.4 Summary
15. Part V: Appendixes
  15.1 Appendix A. Cisco Access List Sample Configurations
    15.1.1 Complete Access List for a Private-Only Network
    15.1.2 Complete Access List for a Screened Subnet Network That Allows Public Server Internet Access
    15.1.3 Example of a Router Configuration as Generated by the Cisco Auto Secure Feature
  15.2 Appendix B. Crypto 101
    15.2.1 Encryption Algorithms
    15.2.2 References
16. Index
  16.1 SYMBOL
  16.2 A
  16.3 B
  16.4 C
  16.5 D
  16.6 E
  16.7 F
  16.8 G
  16.9 H
  16.10 I
  16.11 J
  16.12 K
  16.13 L
  16.14 M
  16.15 N
  16.16 O
  16.17 P
  16.18 Q
  16.19 R
  16.20 S
  16.21 T
  16.22 U
  16.23 V
  16.24 W
  16.25 Z