- Copyright
- About the Lead Author
- About the Contributing Authors
- Acknowledgments
- We Want to Hear from You!
- Reader Services
- Introduction
- I. Security Concepts
- 1. Building a Roadmap for Securing Your Enterprise
- 2. The State of the Net: A World at War
- 3. Hackers and Crackers
- 4. Mining the Data Monster
- 5. Internal Security
- II. Hacking 101
- 6. A Brief TCP/IP Primer
- 7. Spoofing Attacks
- 8. Personal Privacy
- 9. Dispelling Some of the Myths
- When Can Attacks Occur?
- What Kinds of Attackers Exist?
- Operating Systems Used by Crackers
- Is There a Typical Attack?
- Who Gets Targeted Most Frequently?
- What Is the Motivation Behind Attacks?
- Summary
- III. A Defender’s Toolkit
- 10. Firewalls
- What Is a Firewall?
- Other Features Found in Firewall Products
- Firewalls Are Not Bulletproof
- A Look Under the Hood of Firewalling Products
- Programmers Bypassing the Firewall
- Pitfalls of Firewalling
- Firewall Appliances
- Building Firewalls in the Real World
- Sample Failures of Firewall Technology
- Commercial Firewalls
- Summary
- 11. Vulnerability Assessment Tools (Scanners)
- 12. Intrusion Detection Systems
- 13. Logging Tools
- 14. Password Security
- 15. Sniffers
- Sniffers as Security Risks
- What Level of Risk Do Sniffers Represent?
- Has Anyone Actually Seen a Sniffer Attack?
- What Information Do Sniffers Capture?
- Where Is One Likely to Find a Sniffer?
- Where Can I Get a Sniffer?
- Commercial Sniffers
- Sniffer Technologies and Products from Network Associates
- Finisar-Systems Surveyor
- PacketView by Klos Technologies
- Ranger Network Probe from Network Communications
- LANWatch by Precision Guesswork
- EtherPeek and AiroPeek from WildPackets Inc.
- NetMinder Ethernet by Neon Software
- LinkView Classic Network Analyzer by Acterna
- ProConvert from WildPackets, Inc.
- LANdecoder32 by Triticom
- Vericept
- Freely Available Sniffers
- Commercial Sniffers
- Defeating Sniffer Attacks
- Summary
- Further Reading on Sniffers
- 10. Firewalls
- IV. Weapons of Mass Destruction
- 16. Denial-of-Service Attacks
- 17. Viruses and Worms
- 18. Trojans
- V. Architecture, Platforms, and Security
- 19. Network Architecture Considerations
- 20. Microsoft
- Windows 9x and Windows Me
- Windows NT
- Internal Windows NT Security
- Windows 2000
- Improvements to Security
- Windows 2000 Distributed Security Overview
- General Windows 2000 Security Vulnerabilities
- The Malformed Data Transfer Request Vulnerability
- The Windows 2000 Directory Service Restore Mode Password Vulnerability
- The Netmon Protocol Parsing Vulnerability
- The Network Dynamic Data Exchange (DDE) Agent Request Vulnerability
- The Phone Book Service Buffer Overflow Vulnerability
- The Telnet Client NTLM Authentication Vulnerability
- The Telnet Server Flooding Vulnerability
- Summary of Windows 2000
- Windows XP
- Modern Vulnerabilities in Microsoft Applications
- Microsoft Internet Explorer
- Microsoft Exchange Server
- Microsoft Exchange Encapsulated SMTP Address Vulnerability
- Microsoft Exchange Malformed MIME Header Vulnerability
- Microsoft Exchange NNTP Denial-of-Service Vulnerability
- Microsoft Exchange SMTP Denial of Service Vulnerability
- Microsoft Exchange Error Message Vulnerability
- Microsoft Exchange User Account Vulnerability
- Internet Information Server
- Buffer Overrun in HTR ISAPI Extension Vulnerability
- Cross-Site Scripting in IIS Help File Search Facility Vulnerability
- The IIS Cross-Site Scripting Vulnerabilities
- The IIS Malformed Web Form Submission Vulnerability
- The IIS New Variant of File Fragment Reading via .HTR Vulnerability
- The IIS Session ID Cookie Marking Vulnerability
- The IIS Web Server File Request Parsing Vulnerability
- The Invalid URL Vulnerability
- The Myriad Escaped Characters Vulnerability
- The Web Server Folder Traversal Vulnerability
- Tools
- Access Control Software
- Good Online Sources of Information
- The Windows NT Security FAQ
- NTBugTraq
- NTSECURITY.com for Windows 2000 and Windows NT
- Expert Answers for Windows XP, Windows 2000, Windows NT, and Windows 9x/Me
- Windows IT Security (Formerly NTSecurity.net)
- “An Introduction to the Windows 2000 Public Key Infrastructure”
- Windows and .NET Magazine Online
- Securing Windows NT Installation
- Checklist for Upgrading to Windows 2000 Server
- The University of Texas at Austin Computation Center NT Archive
- Books on Windows 2000 and Windows NT Security
- Summary
- 21. Unix
- A Whistle-Stop Tour of Unix History
- Classifying Unix Distributions
- Security Considerations in Choosing a Distribution
- Unix Security Risks
- Breaking set-uid Programs for Fun and Profit
- Rootkits and Defenses
- Host Network Security
- Telnet
- An Essential Tool: Secure Shell
- FTP
- The r Services
- REXEC
- SMTP
- DNS
- finger
- SNMP
- Network File System
- The Caveats of chroot
- Better the Daemon You Know…
- Assessing Your Unix Systems for Vulnerabilities
- Summary
- 22. Novell NetWare
- The OS Facts of Life
- Watching the Big Three
- Server Environment
- Client Environment
- Novell Directory Services (NDS) Environment
- A Good Start: Intruder Detection
- User Names: Admin
- Guest and Other No-Password Users
- Understanding and Applying NDS “Best Practices”
- NDS Auditing Tools
- AuditWare for NDS
- bv-Control for NDS
- JRButils
- LT Auditor+ 8.0
- Commercial Secure Remote Control Products
- SecureConsole for NetWare 3.4
- AdRem sfConsole
- Useful Freeware
- Further Reading
- Summary
- 23. Routers, Switches, and Hubs
- 24. Macintosh
- Mac OS X—Apple’s New Operating System
- Establishing the Macintosh as a Server
- Vulnerabilities on the Macintosh Platform
- About File Sharing and Security
- Server Management and Security
- Firewall Protection
- Internal Security
- Mac OS X Screensaver Password Protection
- Mac OS X Login
- BootLogger
- DiskLocker
- Empower
- Ferret
- Filelock
- FullBack
- Invisible Oasis
- TypeRecorder
- KeysOff and KeysOff Enterprise
- LockOut
- OnGuard Emergency Passwords
- Password Key
- Password Security Control Panel Emergency Password
- Aladdin Secure Delete
- SecurityWare Locks
- Stealth Signal
- Mac OS X Single User Root Mode
- Super Save 2.02
- SubRosa Utilities
- Open Firmware Password Protection
- Password Crackers and Related Utilities
- Anonymous Email and Mailbombing
- Macintosh Viruses, Worms, and Antivirus Solutions
- Spyware and Detection
- Resources
- 25. Policies, Procedures, and Enforcement
- VI. Security and Integrated Services
- 26. Secure Application Development, Languages, and Extensions
- 27. Wireless Security Auditing
- VII. References
- A. Security Bibliography—Further Reading
- B. How to Get More Information
- C. Vendor Information and Security Standards
- D. What’s on the CD-ROM
- Glossary
- 28. CD-ROM
IN THIS APPENDIX
This appendix is designed to provide you with some of the sources consulted in this book, as well as sites (or documents) that can assist you in better understanding security.
The following list of resources includes articles, papers, and tools. The majority were authored or created by individuals working in security.
The BugTraq List. This list is for posting or discussing bugs in various operating systems, although Unix is the most often discussed. The information here can be quite explicit. If you are looking to learn the fine aspects (and cutting-edge news) of Unix security, this list is for you. Instructions for subscribing can be found at http://online.securityfocus.com/cgi-bin/sfonline/subscribe.pl.
Intrusion Detection Systems. This list concentrates on discussions about methods of intrusion or intrusion detection.
Target: [email protected]
Command:
subscribe ids(in body of message)
The NT Security List. This list is devoted to discussing all techniques of security related to the Microsoft Windows NT operating system. Individuals also discuss security aspects of other Microsoft operating systems.
Target: [email protected]
Command:
subscribe ntsecurity(in body of message)
The NTBugTraq List. This list is for posting or discussing bugs in Windows NT/2000.
Target: [email protected]
Command:
SUBSCRIBE NTBUGTRAQfirstname lastname
The Secure HTTP List. This list is devoted to the discussion of S-HTTP and techniques to facilitate this new form of security for WWW transactions.
Target: [email protected]
Command:
SUBSCRIBE(in body of message)
The Sneakers List. This list discusses methods of circumventing firewall and general security. This list is reserved for lawful tests and techniques.
Target: [email protected]
Command:
SUBSCRIBE Sneakers(in body of message)
The WWW Security List. List members discuss all techniques to maintain (or subvert) WWW security (things involving secure methods of HTML, HTTP and CGI).
Target: [email protected]
Command:
SUBSCRIBE www-securityyour_email_address(in body of message)
-
No Comment