Internet Firewalls and Network Security

Internet Firewalls and Network Security reveals how security is implemented in a data-sensitive world, and points out the inadequacies of existing security products by showing how they fail to keep out intruders. With this knowledge, you can better estimate your own security requirements, risks, and advantages.

Internet Firewalls and Network Security — helping you successfully secure your computer!

Protect your System From Security Breaches!

With Internet Firewalls and Network Security, you'll

• Learn about security and the risks involved in connecting to the Internet
• Discover how to build your own firewall
• Find out more about viruses and popular firewall programs
• Build a solid understanding of security with concepts, passwords, and standards

• Part I: Background Information
1. Understanding TCP/IP
• The History of TCP/IP
• Exploring Addresses, Subnets, and Host Names
• Address Classes
• Subnets
• Host Names
• Working with Network Interfaces
• Configuring Using ifconfig
• Reviewing the Network Configuration Files
• The /etc/hsosts File
• The /etc/ethers File
• The /etc/networks File
• The /etc/protocols File
• The /etc/services File
• The /etc/inetd.conf File
• Understanding the Network Access Files
• The /etc/hosts.equiv File
• The .rhosts File
• User and Host Equivalency
• Examining TCP/IP Daemons
• The slink Daemon
• The ldsocket Daemon
• The cpd Daemon
• The Line Printer Daemon (lpd)
• The SNMP Daemon (snmpd)
• The RARP Daemon (rarpd)
• The BOOTP Daemon (bootpd)
• The Route Daemon (routed)
• The Domain Name Service — named
• The System Logger — syslogd
• Inetd — The Super-Server
• The RWHO Daemon (rwhod)
• Exploring TCP/IP Utilities
• Administration Commands
• User Commands
• Summary
2. Security
• Examining Security Levels
• Level D1
• Level C1
• Level C2
• Level B1
• Level B2
• Level B3
• Level A
• Examining Local Security Issues
• Security Policies
• The Password File
• The Shadow Password File
• The Dialup Password File
• The Group File
• Password Aging and Control
• Vandals and Passwords
• Understanding How Vandals Break Passwords
• C2 Security and the Trusted Computing Base
• Understanding Network Equivalency
• Host Equivalency
• User Equivalency
• Defining Users and Groups
• Understanding Permissions
• A Review of Standard Permissions
• Root and NFS
• Exploring Data Encryption Methods
• How Passwords Are Encrypted
• Encrypting Files
• Examining Kerberos Authentication
• Understanding Kerberos
• Disadvantages of Kerberos
• Summary
• Acknowledgments
• A Sample Program
• Listing 2.1 — pwexp.pl
3. Designing a Network Policy
• Network Security Planning
• Site Security Policy
• Approach to Security Policy
• Ensuring Responsibility for the Security Policy
• Risk Analysis
• Identifying Resources
• Identifying the Threats
• Defining Unauthorized Access
• Risk of Disclosure of Information
• Denial of Service
• Network Use and Responsibilities
• Identifying Who Is Allowed Use of Network Resources
• Identifying the Proper Use of a Resource
• Determining Who Is Authorized to Grant Access and Approve Usage
• Determining User responsibilities
• Determining the Responsibilities of System Administrators
• What to Do with Sensitive Information
• Plan of Action When Security Policy Is Violated
• Response to Policy Violations
• Response to Policy Violations by Local Users
• Response Strategies
• Defining Responsibilities of Being a Good Citizen on the Internet
• Contacts and Responsibilities to External Organzations
• Interpreting and Publicizing the Security Policy
• Identifying and Preventing Security Problems
• Access Points
• Improperly Configured Systems
• Software Bugs
• Insider Threats
• Physical Security
• Confidentiality
• Implementing Cost-Effective Policy Controls
• Selecting the Policy Control
• Using Fallback Strategies
• Detecting and Monitoring Unauthorized Activity
• Monitoring System Use
• Monitoring Mechanisms
• Monitoring Schedule
• Reporting Procedures
• Account Management Procedures
• Configuration Management Procedures
• Recovery Procedures
• Problem Reporting Procedures for System  Administrators
• Protecting Network Connections
• Using Encryption to protect the Network
• Data Encryption Standard (DES)
• Crypt
• Privacy Enhanced Mail (PEM)
• Origin Authentication
• Information Integrity
• Using Checksums
• Cryptographic Checksums
• Using Authentication Systems
• Using Smart Cards
• Using Kerberos
• Keeping Up-to-Date
• Mailing Lists
• Unix Security Mailing Lists
• The Risks Forum List
• The VIRUS-L List
• The Bugtraq List
• The Computer Underground Digest
• The CERT Mailing List
• The CERT-TOOLS Mailing List
• The TCP/IP Mailing List
• The SUN-NETS Mailing List
• Newsgroups
• Security Response Teams
• Computer Emergency Response Team
• DDN Security Coordination Center
• NIST Computer Security Resource and Response Center
• DOE Computer Incident Advisory Capability (CIAC)
• NASA Ames Computer Network Security Response Team
• Summary
• Part II: Screening Routers and Firewalls
4. An Introduction to Screening Routers
• Clarifying Definitions
• Zones of Risk
• The OSI Reference Model and Screening Routers
• Layers of the OSI Model
• Screening Routers and Firewalls in Relationship to the OSI Model
• Understanding Packet Filtering
• Packer Filtering and Network Policy
• A Simple Model for Packet Filtering
• Packet Filter Operations
• Packet Filter Designs
• Packet Filter Rules and Full-Assocoations
• Summary
5. Packet Filters
• Implementing Packet Filter Rules
• Defining Access Lists
• Using Standard Access Lists
• Using Extended Access Lists
• Filtering On Incoming and Outgoing Calls
• Understanding the IP Security Option for Cisco Routers
• Examining Packet Filter Placement and Address Spoofing
• Packet Filter Placement
• Filtering On Input and Output Ports
• Examining Protocol-Specific Issues in Packet Filtering
• Filtering FTP Network Traffic
• Filtering TELNET Network Traffic
• Filtering X-Windows Sessions
• Packet Filtering and the UDP Transport Protocol
• Packet Filtering ICMP
• Packet Filtering RIP
• Example Screening Router Configurations
• Case Study 1
• Case Study 2
• Case Study 3
• Summary
6. PC Packet Filters
• PC-based Packet Filter
• The KarlBridge Packet Filter
• The DrawBridge Packet Filter
• Summary
7. Firewall Architecture and Theory
• Examining Firewall Components
• Dual-Homed Host
• Bastion Hosts
• Screened Subnets
• Application-Level Gateways
• Summary
8. Firewall Implementations
• The TCP Wrapper
• Example 1
• Example 2
• Example 3
• Example 4
• The FireWall-1 Gateway
• Resource Requirements for FireWall-1
• Overview of FireWall-1 Architecture
• FireWall-1 Control Module
• Network Objects Manager
• Services Manager
• Rule-Base Manager
• Log Viewer
• Examples of FireWall-1 Applications
• Performance of FireWall-1
• FireWall-1 Rules Language
• Obtaining Information on FireWall-1
• ANS InterLock
• Resource Requirements for nInterLock
• Overview of InterLock
• Configuring InterLock
• The InterLock ACRB
• InterLock Proxy Application Gateway Services
• Additional Source of Information on ANS InterLock
• Trusted Information Systems Gauntlet
• Configuration Example Using Gauntlet
• Configuring Gauntlet
• Users View of Using the Gauntlet Firewall
• The TIS Firewall Toolkit
• Building the TIS Firewall Toolkit
• Configuring the Bastion Host with Minimal Services
• Installing the Toolkit Components
• The Network Permissions Table
• Summary
• Part III: Appendixes
1. List of Worksheets
2. Sources of Information
• Exploring Publicly Available Tools
• Tcpwrapper and Portmapper
• TIS Firewall Kit
• Bellcore S/Key
• The Swatch Logfile Monitor
• Tcpdump
• TAMU Tiger
• COPS
• Crack
• Finding Commercial Firewall Vendors
• Exploring Firewall and Security Mailing Lists
• Firewall Mailing Lists
• Security Forums
3. Vendor List

Basic knowledge regarding firewalls.