IPv6 Security (Paperback)

Scott Hogg, Eric Vyncke

  • 出版商: Cisco Press
  • 出版日期: 2008-12-01
  • 定價: $2,240
  • 售價: 8.0$1,792
  • 語言: 英文
  • 頁數: 576
  • 裝訂: Paperback
  • ISBN: 1587055945
  • ISBN-13: 9781587055942
  • 相關分類: IPV6資訊安全
  • 立即出貨 (庫存 < 3)

買這商品的人也買了...

商品描述

IPv6 Security

 

Protection measures for the next Internet Protocol

 

As the world’s networks migrate to the IPv6 protocol, networking professionals need a clearer understanding of the security risks, threats, and challenges this transition presents. In IPv6 Security, two of the world’s leading Internet security practitioners review each potential security issue introduced by IPv6 networking and present today’s best solutions.

 

IPv6 Security offers guidance for avoiding security problems prior to widespread IPv6 deployment. The book covers every component of today’s networks, identifying specific security deficiencies that occur within IPv6 environments and demonstrating how to combat them.

 

The authors describe best practices for identifying and resolving weaknesses as you maintain a dual stack network. Then they describe the security mechanisms you need to implement as you migrate to an IPv6-only network. The authors survey the techniques hackers might use to try to breach your network, such as IPv6 network reconnaissance, address spoofing, traffic interception, denial of service, and tunnel injection.

 

The authors also turn to Cisco® products and protection mechanisms. You learn how to use Cisco IOS® and ASA firewalls and ACLs to selectively filter IPv6 traffic. You also learn about securing hosts with Cisco Security Agent 6.0 and about securing a network with IOS routers and switches. Multiple examples are explained for Windows, Linux, FreeBSD, and Solaris hosts. The authors offer detailed examples that are consistent with today’s best practices and easy to adapt to virtually any IPv6 environment.

 

Scott Hogg, CCIE® No. 5133, is Director of Advanced Technology Services at Global Technology Resources, Inc. (GTRI). He is responsible for setting the company’s technical direction and helping it create service offerings for emerging technologies such as IPv6. He is the Chair of the Rocky Mountain IPv6 Task Force.

 

Eric Vyncke, Cisco Distinguished System Engineer, consults on security issues throughout Europe. He has 20 years’ experience in security and teaches security seminars as a guest professor at universities throughout Belgium. He also participates in the Internet Engineering Task Force (IETF) and has helped several organizations deploy IPv6 securely.

 

  • Understand why IPv6 is already a latent threat in your IPv4-only network
  • Plan ahead to avoid IPv6 security problems before widespread deployment
  • Identify known areas of weakness in IPv6 security and the current state of attack tools and hacker skills
  • Understand each high-level approach to securing IPv6 and learn when to use each
  • Protect service provider networks, perimeters, LANs, and host/server connections
  • Harden IPv6 network devices against attack
  • Utilize IPsec in IPv6 environments
  • Secure mobile IPv6 networks
  • Secure transition mechanisms in use during the migration from IPv4 to IPv6
  • Monitor IPv6 security
  • Understand the security implications of the IPv6 protocol, including issues related to ICMPv6 and the IPv6 header structure
  • Protect your network against large-scale threats by using perimeter filtering techniques and service provider–focused security practices
  • Understand the vulnerabilities that exist on IPv6 access networks and learn solutions for mitigating each

 

 

This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.

 

Category: Networking: Security

Covers: IPv6 Security

 

 

商品描述(中文翻譯)

《IPv6安全》

下一代網際網路協議的保護措施

隨著全球網絡遷移到IPv6協議,網絡專業人員需要更清晰地了解這一轉變帶來的安全風險、威脅和挑戰。在《IPv6安全》一書中,兩位世界領先的網絡安全專家回顧了IPv6網絡引入的每個潛在安全問題,並提出了當今最佳解決方案。

《IPv6安全》提供了在廣泛部署IPv6之前避免安全問題的指導。本書涵蓋了當今網絡的每個組件,識別了IPv6環境中出現的具體安全缺陷,並展示了如何解決這些問題。

作者描述了在維護雙堆疊網絡時識別和解決弱點的最佳實踐。然後,他們描述了在遷移到僅使用IPv6的網絡時需要實施的安全機制。作者們調查了黑客可能使用的技術,試圖入侵您的網絡,例如IPv6網絡偵察、地址欺騙、流量截取、阻斷服務和隧道注入。

作者還介紹了Cisco®產品和保護機制。您將學習如何使用Cisco IOS®和ASA防火牆和ACL有選擇性地過濾IPv6流量。您還將了解如何使用Cisco Security Agent 6.0保護主機,以及如何使用IOS路由器和交換機保護網絡。書中詳細解釋了Windows、Linux、FreeBSD和Solaris主機的多個示例,這些示例符合當今最佳實踐,並且易於適應幾乎任何IPv6環境。

Scott Hogg,CCIE® No. 5133,是Global Technology Resources, Inc. (GTRI)的高級技術服務總監。他負責設定公司的技術方向,並幫助創建IPv6等新興技術的服務提供。他是Rocky Mountain IPv6 Task Force的主席。

Eric Vyncke,思科傑出系統工程師,在整個歐洲就安全問題提供諮詢。他在安全領域擁有20年的經驗,並作為客座教授在比利時的大學教授安全研討會。他還參與了互聯網工程任務組(IETF),並幫助多個組織安全地部署IPv6。

本書包含以下內容:
- 瞭解為什麼IPv6已經是IPv4-only網絡中的潛在威脅
- 提前計劃,避免廣泛部署IPv6時的安全問題
- 確定IPv6安全的已知弱點和攻擊工具和黑客技能的現狀
- 瞭解保護IPv6的每種高級方法,並學習何時使用每種方法
- 保護服務提供商網絡、邊界、局域網和主機/服務器連接
- 加固IPv6網絡設備以防攻擊
- 在IPv6環境中使用IPsec
- 保護移動IPv6網絡
- 在從IPv4遷移到IPv6的過程中保護過渡機制
- 監控IPv6安全
- 瞭解IPv6協議的安全影響,包括與ICMPv6和IPv6標頭結構相關的問題
- 通過使用邊界過濾技術和服務提供商專注的安全實踐,保護您的網絡免受大規模威脅
- 瞭解IPv6接入網絡存在的漏洞,並學習緩解每個漏洞的解決方案

本書提供了詳細的示例,符合當今最佳實踐,並且易於適應幾乎任何IPv6環境。