Network Security Hacks

Andrew Lockhart

  • Publisher: O'Reilly
  • Publication date: 2004-04-01
  • Price: $1,060
  • VIP price: $1,007 (95% of list price)
  • Language: English
  • Pages: 304
  • Binding: Paperback
  • ISBN: 0596006438
  • ISBN-13: 9780596006433
  • Related categories: Information security
  • Out of print
    No stock available



To the uninitiated, the title may seem like an oxymoron: after all, aren't hacks what network security is supposed to prevent? But if you're a network administrator, this book's title not only makes sense; it makes a lot of sense. You know that a busy administrator needs a hatful of devilishly effective security hacks to keep your 12-hour days from becoming all-nighters.

Network Security Hacks is not a long-winded treatise on security theory. Instead, this information-packed little book provides 100 quick, practical, and clever things to do to help make your Linux, UNIX, or Windows networks more secure today.

This compendium of security hacks doesn't just cover securing TCP/IP-based services, but also provides intelligent host-based security techniques. Loaded with concise but powerful examples of applied encryption, intrusion detection, logging, trending, and incident response, Network Security Hacks will demonstrate effective methods for defending your servers and networks from a variety of devious and subtle attacks.

Network Security Hacks shows how to detect the presence (and track every keystroke) of network intruders, methods for protecting your network and data using strong encryption, and even techniques for laying traps for would-be system crackers. Important security tools are presented, as well as clever methods for using them to reveal real, timely, useful information about what is happening on your network.

O'Reilly's Hacks Series reclaims the term "hacking" for the good guys--innovators who use their ingenuity to solve interesting problems, explore and experiment, unearth shortcuts, and create useful tools. Network Security Hacks lives up to the reputation the Hacks series has earned by providing the "roll-up-your-sleeves and get-it-done" hacks that most network security tomes don't offer. Every hack can be read in just a few minutes but will save hours of searching for the right answer.

Using just one of these amazing hacks will make this slim book's price seem like a remarkable deal. The other 99 make Network Security Hacks absolutely invaluable.

Table of Contents:



Chapter 1. Unix Host Security
      1. Secure Mount Points
      2. Scan for SUID and SGID Programs
      3. Scan For World- and Group-Writable Directories
      4. Create Flexible Permissions Hierarchies with POSIX ACLs
      5. Protect Your Logs from Tampering
      6. Delegate Administrative Roles
      7. Automate Cryptographic Signature Verification
      8. Check for Listening Services
      9. Prevent Services from Binding to an Interface
      10. Restrict Services with Sandboxed Environments
      11. Use proftp with a MySQL Authentication Source
      12. Prevent Stack-Smashing Attacks
      13. Lock Down Your Kernel with grsecurity
      14. Restrict Applications with grsecurity
      15. Restrict System Calls with Systrace
      16. Automated Systrace Policy Creation
      17. Control Login Access with PAM
      18. Restricted Shell Environments
      19. Enforce User and Group Resource Limits
      20. Automate System Updates

Chapter 2. Windows Host Security
      21. Check Servers for Applied Patches
      22. Get a List of Open Files and Their Owning Processes
      23. List Running Services and Open Ports
      24. Enable Auditing
      25. Secure Your Event Logs
      26. Change Your Maximum Log File Sizes
      27. Disable Default Shares
      28. Encrypt Your Temp Folder
      29. Clear the Paging File at Shutdown
      30. Restrict Applications Available to Users

Chapter 3. Network Security
      31. Detect ARP Spoofing
      32. Create a Static ARP Table
      33. Firewall with Netfilter
      34. Firewall with OpenBSD's PacketFilter
      35. Create an Authenticated Gateway
      36. Firewall with Windows
      37. Keep Your Network Self-Contained
      38. Test Your Firewall
      39. MAC Filtering with Netfilter
      40. Block OS Fingerprinting
      41. Fool Remote Operating System Detection Software
      42. Keep an Inventory of Your Network
      43. Scan Your Network for Vulnerabilities
      44. Keep Server Clocks Synchronized
      45. Create Your Own Certificate Authority
      46. Distribute Your CA to Clients
      47. Encrypt IMAP and POP with SSL
      48. Set Up TLS-Enabled SMTP
      49. Detect Ethernet Sniffers Remotely
      50. Install Apache with SSL and suEXEC
      51. Secure BIND
      52. Secure MySQL
      53. Share Files Securely in Unix

Chapter 4. Logging
      54. Run a Central Syslog Server
      55. Steer Syslog
      56. Integrate Windows into Your Syslog Infrastructure
      57. Automatically Summarize Your Logs
      58. Monitor Your Logs Automatically
      59. Aggregate Logs from Remote Sites
      60. Log User Activity with Process Accounting

Chapter 5. Monitoring and Trending
      61. Monitor Availability
      62. Graph Trends
      63. Run ntop for Real-Time Network Stats
      64. Audit Network Traffic
      65. Collect Statistics with Firewall Rules
      66. Sniff the Ether Remotely

Chapter 6. Secure Tunnels
      67. Set Up IPsec Under Linux
      68. Set Up IPsec Under FreeBSD
      69. Set Up IPsec in OpenBSD
      70. PPTP Tunneling
      71. Opportunistic Encryption with FreeS/WAN
      72. Forward and Encrypt Traffic with SSH
      73. Quick Logins with SSH Client Keys
      74. Squid Proxy over SSH
      75. Use SSH as a SOCKS Proxy
      76. Encrypt and Tunnel Traffic with SSL
      77. Tunnel Connections Inside HTTP
      78. Tunnel with VTun and SSH
      79. Automatic vtund.conf Generator
      80. Create a Cross-Platform VPN
      81. Tunnel PPP

Chapter 7. Network Intrusion Detection
      82. Detect Intrusions with Snort
      83. Keep Track of Alerts
      84. Real-Time Monitoring
      85. Manage a Sensor Network
      86. Write Your Own Snort Rules
      87. Prevent and Contain Intrusions with Snort_inline
      88. Automated Dynamic Firewalling with SnortSam
      89. Detect Anomalous Behavior
      90. Automatically Update Snort's Rules
      91. Create a Distributed Stealth Sensor Network
      92. Use Snort in High-Performance Environments with Barnyard
      93. Detect and Prevent Web Application Intrusions
      94. Simulate a Network of Vulnerable Hosts
      95. Record Honeypot Activity

Chapter 8. Recovery and Response
      96. Image Mounted Filesystems
      97. Verify File Integrity and Find Compromised Files
      98. Find Compromised Packages with RPM
      99. Scan for Root Kits
      100. Find the Owner of a Network