1. Here There Be Hackers! Essentials First: Looking for a Target. Hacking Innocent Information. Targets of Opportunity. Are You a Target of Opportunity? Targets of Choice. Are You a Target of Choice? The Process of an Attack. Reconnaissance and Footprinting (a.k.a. Casing the Joint). Scanning. Enumeration. Gaining Access. Application Attacks. Misconfiguration Attacks. Script Attacks. Escalating Privilege. Covering Tracks. Network Security Organizations. SANS. Center for Internet Security (CIS). SCORE. Internet Storm Center. ICAT Metabase. Security Focus. Learning from the Network Security Organizations. Overview of Common Attacks and Exploits. Chapter Summary. Chapter Review.
2. Security Policies and Responses. Defining Trust. Acceptable Use Policy. Policy Overview. Purpose. Scope. General Use and Ownership. Security and Proprietary Information. Unacceptable Use. E-mail and Communications Activities. Enforcement. Conclusion. Password Policy. Overview. Purpose. Scope. General Policy. General Password Construction Guidelines. Password Protection Standards. Enforcement. Conclusion. Virtual Private Network (VPN) Security Policy. Scope. Policy. Conclusion. Extranet Connection Policy. Scope. Security Review. Third-Party Connection Agreement. Business Case. Point of Contact. Establishing Connectivity. Modifying or Changing Connectivity and Access. Terminating Access. Conclusion. ISO Certification and Security. Sample Security Policies on the Internet. Chapter Summary. Chapter Review.
3. Overview of Security Technologies. Security First Design Concepts. Packet Filtering via Access Control Lists (ACLs). Limitations of Packet Filtering. Stateful Packet Inspection (SPI). Detailed Packet Flow Using SPI. Limitations of Stateful Packet Inspection. Network Address Translation (NAT). NAT's Limitations. Proxies and Application Level Protection. Content Filters. Public Key Infrastructure (PKI). AAA Technologies. Authorization. Accounting. Remote Authentication Dial-In User Service (RADIUS). Terminal Access Controller Access Control System (TACACS). TACACS+ Versus RADIUS. Chapter Summary. Chapter Review Questions.
4. Security Protocols. DES Encryption. Limitations of DES. Triple DES Encryption. Limitations of 3DES. Message Digest 5 Algorithm. Point-to-Point Tunneling Protocol (PPTP). Limitations of PPTP. Layer 2 Tunneling Protocol (L2TP). Benefits of L2TP. L2TP Operation. Secure Shell (SSH). SSH Operation. Tunneling and Port Forwarding. Limitations of SSH. Chapter Summary. Chapter Review Questions.
5. Firewalls. Firewall Frequently Asked Questions. Why Do I Need a Firewall? Do I Have Anything Worth Protecting? What Does a Firewall Do? Firewalls Are "The Security Policy". Firewall Operational Overview. Implementing a Firewall. Determine the Inbound Access Policy. Determine Outbound Access Policy. Essentials First: Life in the DMZ. Case Studies. Case Study: Firewall Deployment with Mail Server Inside the Protected (Internal). Case Study: Firewall Deployment with Mail Server in DMZ. Firewall Limitations. Chapter Summary. Chapter Review Questions.
6. Router Security. Edge Router as a Choke Point. Edge Router as a Packet Inspector. Content-Based Packet Inspection. Intrusion Detection with Cisco IOS. When to Use the FFS IDS. FFS IDS Operational Overview. FFS Limitations. Secure IOS Template. Chapter Summary. Chapter Review Questions.
7. IPSec Virtual Private Networks (VPNs). Analogy: VPNs Connect IsLANds Securely. VPN Overview. VPN Benefits and Goals. VPN Implementation Strategies. Split Tunneling. Overview of IPSec VPNs. Tunneling Data. Encryption Modes. Transport Mode. IPSec Protocols. Internet Key Exchange (IKE). ISAKMP Overview. IPSec Operational Overview. IKE Phase 2. Diffie-Hellman Algorithm. Router Configuration as VPN Peer. Configuring IPSec. Step 2: Create the IPSec Transforms. Step 3: Create the Crypto Map. Step 4: Apply the Crypto Map to an Interface. Firewall VPN Configuration for Client Access. Chapter Summary. Chapter Review Questions.
8. Wireless Security. Essentials First: Wireless LANs. Benefits of Wireless LANs. Wireless Equals Radio Frequency. Wireless Networking. Coverage. Bandwidth Availability. WarGames Wirelessly. WarDriving. WarFlying. WarSpamming. WarSpying. Wireless Threats. Denial of Service Attacks. Rogue/Unauthorized Access Points. Incorrectly Configured Access Points. Network Abuses. Wireless Security. Device and Access Point Association. Wired Equivalent Privacy (WEP). MAC Address Filtering. Extensible Authentication Protocol (EAP). LEAP (EAP-Cisco). EAP-TLS. EAP-TTLS. Essentials First: Wireless Hacking Tools. Wireless Packet Sniffers. AirSNORT. Chapter Summary. Chapter Review Questions.
9. Intrusion Detection and Honeypots. Essentials First: Intrusion Detection. IDS Functional Overview. Host Intrusion Detection System (HIDS). How Are Intrusions Detected? Protocol Analysis. Anomaly Detection. Signature/Pattern Matching. Log Analysis. Combining Methods. Intrusion Prevention. IPS Responses and Actions. IDS Products. Essentials First: Honeypots. Honeypot Limitations. Chapter Summary. Chapter Review Questions.
10. Tools of the Trade. Essentials First: Vulnerability Analysis. Fundamental Attacks. Packet Sniffers. Denial of Service (DoS) Attacks. Man-in-the-Middle Attacks. Back Doors. Miscellaneous Attacks. Security Assessments and Penetration Testing. Internal Vulnerability and Penetration Assessment. External Penetration and Vulnerability Assessment. Physical Security Assessment. Miscellaneous Assessments. Vulnerability Scanners. Features and Benefits of Vulnerability Scanners. Nessus. In Their Own Words. Scan and Detection Accuracy. Documentation and Support. Reporting. Vulnerability Updates. Retina. Scan and Detection Accuracy. Documentation and Support. Reporting. Vulnerability Updates. Penetration Testing Products. Scan and Detection Accuracy. Documentation. Documentation and Support. Vulnerability Updates. Core Impact In Action. Chapter Summary. Chapter Review Questions.
Appendix A: Answers to Chapter Review Questions