Table of Contents
Preface.
I. GETTING STARTED.
1. Introduction.
Why Security? Picking a Security Policy. Strategies for a Secure
Network. The Ethics of Computer Security. WARNING.
2. An Overview of TCP/IP.
The Different Layers. Routers and Routing Protocols. The Domain Name
System. Standard Services. RPC-based Protocols. File Transfer
Protocols. The “r” Commands. Information Services. The X11
System. Patterns of Trust.
II. BUILDING YOUR OWN FIREWALL.
3. Firewall Gateways.
Firewall Philosophy. Situating Firewalls. Packet-Filtering
Gateways. Application-Level Gateways. Circuit-Level
Gateways. Supporting Inbound Services. Tunnels Good and Bad. Joint
Ventures. What Firewalls Can't Do.
4. How to Build an Application-Level Gateway.
Policy. Hardware Configuration Options. Initial Installation. Gateway
Tools. Installing Services. Protecting the Protectors. Gateway
Administration. Safety Analysis (Why Our Setup Is Secure and
Fail-Safe). Performance. The TIS Firewall Toolkit. Evaluating
Firewalls. Living Without a Firewall.
5. Authentication.
User Authentication. Host-to-Host Authentication.
6. Gateway Tools.
Proxylib. Syslog. Watching the Network: Tcpdump and Friends. Adding
Logging to Standard Daemons.
7. Traps, Lures, and Honey Pots.
What to Log. Dummy Accounts. Tracing the Connection.
8. The Hacker's Workbench.
Introduction. Discovery. Probing Hosts. Connection Tools. Routing
Games. Network Monitors. Metastasis. Tiger Teams. Further Reading.
III. A LOOK BACK.
9. Classes of Attacks.
Stealing Passwords. Social Engineering. Bugs and
Backdoors. Authentication Failures. Protocol Failures. Information
Leakage. Denial-of-Service.
10. An Evening with Berferd.
Introduction. Unfriendly Acts. An Evening with Berferd. The Day
After. The Jail. Tracing Berferd. Berferd Comes Home.
11. Where the Wild Things Are: A Look at the Logs.
A Year of Hacking. Proxy Use. Attack Sources. Noise on the Line.
IV. ODDS AND ENDS.
12. Legal Considerations.
Computer Crime Statutes. Log Files as Evidence. Is Monitoring
Legal? Tort Liability Considerations.
13. Secure Communications over Insecure Networks.
An Introduction to Cryptography. The Kerberos Authentication
System. Link-Level Encryption. Network- and Transport-Level
Encryption. Application-Level Encryption.
14. Where Do We Go from Here?
Appendix A. Useful Free Stuff.
Building Firewalls. Network Management and Monitoring Tools. Auditing
Packages. Cryptographic Software. Information Sources.
Appendix B. TCP and UDP Ports.
Fixed Ports. MBone Usage.
Appendix C. Recommendations to Vendors.
Everyone. Hosts. Routers. Protocols. Firewalls.
Bibliography.
List of Bombs.
Index.
About the Author
William R. Cheswick (http://cheswick.com) is Chief
Scientist at Lumeta Corporation, which explores and maps clients'
network infrastructures and finds perimeter leaks. Formerly he was
a senior researcher at Lucent Bell Labs, where he did pioneering
work in the areas of firewall design and implementation, PC
viruses, mailers, and Internet munitions.
Steven M. Bellovin (http://stevebellovin.com) is a Fellow
at AT&T Labs Research, where he works on networks, security,
and, especially, why the two don't get along. He is a member of the
National Academy of Engineering and is one of the Security Area
directors of the Internet Engineering Task Force. Long ago he was
one of the creators of NetNews.