reklama - zainteresowany?

Network Security Hacks. 2nd Edition - Helion

Network Security Hacks. 2nd Edition
ebook
Autor: Andrew Lockhart
ISBN: 978-05-965-5143-8
stron: 480, Format: ebook
Data wydania: 2006-10-30
Księgarnia: Helion

Cena książki: 118,15 zł (poprzednio: 137,38 zł)
Oszczędzasz: 14% (-19,23 zł)

Dodaj do koszyka Network Security Hacks. 2nd Edition

Tagi: Bezpieczeństwo sieci | Budowa sieci | Konfiguracja sieci

In the fast-moving world of computers, things are always changing. Since the first edition of this strong-selling book appeared two years ago, network security techniques and tools have evolved rapidly to meet new and more sophisticated threats that pop up with alarming regularity. The second edition offers both new and thoroughly updated hacks for Linux, Windows, OpenBSD, and Mac OS X servers that not only enable readers to secure TCP/IP-based services, but helps them implement a good deal of clever host-based security techniques as well.

This second edition of Network Security Hacks offers 125 concise and practical hacks, including more information for Windows administrators, hacks for wireless networking (such as setting up a captive portal and securing against rogue hotspots), and techniques to ensure privacy and anonymity, including ways to evade network traffic analysis, encrypt email and files, and protect against phishing attacks. System administrators looking for reliable answers will also find concise examples of applied encryption, intrusion detection, logging, trending and incident response.

In fact, this "roll up your sleeves and get busy" security book features updated tips, tricks & techniques across the board to ensure that it provides the most current information for all of the major server software packages. These hacks are quick, clever, and devilishly effective.

Dodaj do koszyka Network Security Hacks. 2nd Edition

Spis treści

Network Security Hacks. 2nd Edition eBook -- spis treści

  • Network Security Hacks
    • SPECIAL OFFER: Upgrade this ebook with OReilly
    • Copyright
    • Credits
      • About the Author
      • Contributors
      • Acknowledgments
    • Preface
      • Why Network Security Hacks?
      • How This Book Is Organized
      • Conventions Used in This Book
      • Safari Enabled
      • Using Code Examples
      • How to Contact Us
      • Got a Hack?
    • 1. Unix Host Security
      • Hack #1. Secure Mount Points
      • Hack #2. Scan for SUID and SGID Programs
      • Hack #3. Scan for World- and Group-Writable Directories
      • Hack #4. Create Flexible Permissions Hierarchies with POSIX ACLs
        • Enabling ACLs
        • Managing ACLs
      • Hack #5. Protect Your Logs from Tampering
      • Hack #6. Delegate Administrative Roles
      • Hack #7. Automate Cryptographic Signature Verification
      • Hack #8. Check for Listening Services
      • Hack #9. Prevent Services from Binding to an Interface
      • Hack #10. Restrict Services with Sandboxed Environments
        • Using chroot()
        • Using FreeBSDs jail()
      • Hack #11. Use proftpd with a MySQL Authentication Source
        • See Also
      • Hack #12. Prevent Stack-Smashing Attacks
      • Hack #13. Lock Down Your Kernel with grsecurity
        • Patching the Kernel
        • Configuring Kernel Options
          • Low security
          • Medium security
          • High security
          • Customized security settings
      • Hack #14. Restrict Applications with grsecurity
      • Hack #15. Restrict System Calls with systrace
      • Hack #16. Create systrace Policies Automatically
      • Hack #17. Control Login Access with PAM
        • Limiting Access by Origin
        • Restricting Access by Time
      • Hack #18. Restrict Users to SCP and SFTP
        • Setting Up rssh
        • Configuring chroot()
      • Hack #19. Use Single-Use Passwords for Authentication
        • OPIE Under FreeBSD
        • S/Key Under OpenBSD
      • Hack #20. Restrict Shell Environments
      • Hack #21. Enforce User and Group Resource Limits
      • Hack #22. Automate System Updates
    • 2. Windows Host Security
      • Hack #23. Check Servers for Applied Patches
        • Using HFNetChk
        • See Also
      • Hack #24. Use Group Policy to Configure Automatic Updates
        • Some Recommendations
        • Digging Deeper
      • Hack #25. List Open Files and Their Owning Processes
      • Hack #26. List Running Services and Open Ports
      • Hack #27. Enable Auditing
      • Hack #28. Enumerate Automatically Executed Programs
      • Hack #29. Secure Your Event Logs
      • Hack #30. Change Your Maximum Log File Sizes
      • Hack #31. Back Up and Clear the Event Logs
        • The Code
        • Running the Hack
      • Hack #32. Disable Default Shares
      • Hack #33. Encrypt Your Temp Folder
      • Hack #34. Back Up EFS
        • Backing Up Encrypted Data and EFS Keys
        • Restoring EFS Keys
        • Backing Up Recovery Agent Keys
      • Hack #35. Clear the Paging File at Shutdown
      • Hack #36. Check for Passwords That Never Expire
        • The Code
        • Running the Hack
    • 3. Privacy and Anonymity
      • Hack #37. Evade Traffic Analysis
        • Onion Routing
        • Installing Tor
        • Installing Privoxy
        • Configuring Privoxy for Tor
        • See Also
      • Hack #38. Tunnel SSH Through Tor
        • See Also
      • Hack #39. Encrypt Your Files Seamlessly
      • Hack #40. Guard Against Phishing
        • SpoofGuard
        • Installing SpoofGuard
        • How SpoofGuard Works
      • Hack #41. Use the Web with Fewer Passwords
        • PwdHash
        • Remote PwdHash
      • Hack #42. Encrypt Your Email with Thunderbird
        • Setting Up Thunderbird
        • Providing a Public/Private Key Pair
          • Importing an existing key pair
          • Generating a new key pair
        • Sending and Receiving Encrypted Email
      • Hack #43. Encrypt Your Email in Mac OS X
        • Installing GPG
        • Creating a GPG Key
        • Installing GPGMail
        • Sending and Receiving Encrypted Email
    • 4. Firewalling
      • Hack #44. Firewall with Netfilter
        • Setting the Filtering Policy
        • Rule Examples
        • A Word About Stateful Inspection
        • Ordering Rules
      • Hack #45. Firewall with OpenBSDs PacketFilter
        • Configuring PF
        • Global Options
        • Traffic Normalization Rules
        • Filtering Rules
      • Hack #46. Protect Your Computer with the Windows Firewall
        • Allow Programs to Bypass the Firewall
        • Tracking Firewall Activity with a Windows Firewall Log
        • Problems with Email and the Windows Firewall
        • Hacking the Hack
        • See Also
      • Hack #47. Close Down Open Ports and Block Protocols
      • Hack #48. Replace the Windows Firewall
        • Installing CORE FORCE
        • The Configuration Wizard
        • Manual Configuration
      • Hack #49. Create an Authenticated Gateway
      • Hack #50. Keep Your Network Self-Contained
      • Hack #51. Test Your Firewall
      • Hack #52. MAC Filter with Netfilter
      • Hack #53. Block Tor
    • 5. Encrypting and Securing Services
      • Hack #54. Encrypt IMAP and POP with SSL
      • Hack #55. Use TLS-Enabled SMTP with Sendmail
      • Hack #56. Use TLS-Enabled SMTP with Qmail
      • Hack #57. Install Apache with SSL and suEXEC
        • Apache 1.x
        • Apache 2.x
      • Hack #58. Secure BIND
        • See Also
      • Hack #59. Set Up a Minimal and Secure DNS Server
        • Installing daemontools
        • Installing Djbdns
        • Adding Records
      • Hack #60. Secure MySQL
      • Hack #61. Share Files Securely in Unix
    • 6. Network Security
      • Hack #62. Detect ARP Spoofing
      • Hack #63. Create a Static ARP Table
      • Hack #64. Protect Against SSH Brute-Force Attacks
        • Changing the Port
        • Disabling Password Authentication
        • Firewalling the SSH Daemon
          • Limiting connections to your sshd
          • Parsing logs and blocking an IP
          • Rate-limiting SYN packets
      • Hack #65. Fool Remote Operating System Detection Software
      • Hack #66. Keep an Inventory of Your Network
      • Hack #67. Scan Your Network for Vulnerabilities
        • Nessus 2.x
        • Nessus 3.x
      • Hack #68. Keep Server Clocks Synchronized
      • Hack #69. Create Your Own Certificate Authority
        • Creating the CA
        • Signing Certificates
      • Hack #70. Distribute Your CA to Clients
      • Hack #71. Back Up and Restore a Certificate Authority with Certificate Services
        • Backing Up a CA
        • The Certification Authority Backup Wizard
        • Restoring a CA to a Working Server
        • Restoring a CA to a Different Server
        • Decommissioning the Old CA
      • Hack #72. Detect Ethernet Sniffers Remotely
        • Sniffing Shared Mediums
        • Sniffing in Switched Environments
        • Installing SniffDet
        • Testing with ARP Queries
      • Hack #73. Help Track Attackers
      • Hack #74. Scan for Viruses on Your Unix Servers
        • Installing ClamAV
        • Configuring clamd
      • Hack #75. Track Vulnerabilities
        • Mailing Lists
        • RSS Feeds
        • Cassandra
        • Summary
    • 7. Wireless Security
      • Hack #76. Turn Your Commodity Wireless Routers into a Sophisticated Security Platform
      • Hack #77. Use Fine-Grained Authentication for Your Wireless Network
        • Deploying the RADIUS Server
        • Configuring Your AP
      • Hack #78. Deploy a Captive Portal
        • The Authentication Server
        • Installing the Gateway
    • 8. Logging
      • Hack #79. Run a Central Syslog Server
      • Hack #80. Steer Syslog
      • Hack #81. Integrate Windows into Your Syslog Infrastructure
        • Using NTsyslog
        • Using Eventlog to Syslog
      • Hack #82. Summarize Your Logs Automatically
      • Hack #83. Monitor Your Logs Automatically
        • Installing swatch
        • Configuration Syntax
      • Hack #84. Aggregate Logs from Remote Sites
        • Compiling syslog-ng
        • Configuring syslog-ng
        • Translating Your syslog.conf
      • Hack #85. Log User Activity with Process Accounting
      • Hack #86. Centrally Monitor the Security Posture of Your Servers
        • Installation
        • Adding Agents
        • Installing a Windows Agent
        • Configuration
        • Active Responses
        • See Also
    • 9. Monitoring and Trending
      • Hack #87. Monitor Availability
        • Installing Nagios
        • Installing Plug-ins
        • Configuring Nagios
          • Adding hosts to monitor
          • Creating host groups
          • Creating contacts and contact groups
          • Configuring services to monitor
          • Defining time periods
      • Hack #88. Graph Trends
      • Hack #89. Get Real-Time Network Stats
      • Hack #90. Collect Statistics with Firewall Rules
      • Hack #91. Sniff the Ether Remotely
    • 10. Secure Tunnels
      • Hack #92. Set Up IPsec Under Linux
      • Hack #93. Set Up IPsec Under FreeBSD
        • Client Configuration
        • Gateway Configuration
        • Using x.509 Certificates
      • Hack #94. Set Up IPsec in OpenBSD
        • Password Authentication
        • Certificate Authentication
      • Hack #95. Encrypt Traffic Automatically with Openswan
      • Hack #96. Forward and Encrypt Traffic with SSH
      • Hack #97. Automate Logins with SSH Client Keys
      • Hack #98. Use a Squid Proxy over SSH
      • Hack #99. Use SSH As a SOCKS Proxy
      • Hack #100. Encrypt and Tunnel Traffic with SSL
        • Building Stunnel
        • Configuring stunnel
        • Encrypting Services
      • Hack #101. Tunnel Connections Inside HTTP
      • Hack #102. Tunnel with VTun and SSH
        • Configuring VTun
        • Testing VTun
        • Encrypting the Tunnel
      • Hack #103. Generate VTun Configurations Automatically
        • The Code
        • Running the Hack
      • Hack #104. Create a Cross-Platform VPN
        • Installing OpenVPN
        • Testing OpenVPN
        • Creating Your Configuration
        • Using OpenVPN and Windows
        • Using OpenVPN with Mac OS X
      • Hack #105. Tunnel PPP
        • See Also
    • 11. Network Intrusion Detection
      • Hack #106. Detect Intrusions with Snort
        • Installing Snort
        • Testing Snort
        • Configuring Snort
        • See Also
      • Hack #107. Keep Track of Alerts
      • Hack #108. Monitor Your IDS in Real Time
        • Creating the Database
        • Setting Up the Server
        • Installing a Sensor
          • Patching Snort
          • Patching Barnyard
        • Finishing Up
      • Hack #109. Manage a Sensor Network
        • Installing the Prerequisites
        • Setting Up the Console
        • Setting Up an Agent
        • Adding an Agent to the Console
      • Hack #110. Write Your Own Snort Rules
        • Rule Basics
          • Actions
          • Protocols
          • IP addresses
          • Ports
        • Options
          • Adding human-readable messages
          • Inspecting packet content
          • Matching TCP flags
        • Thresholding
          • Thresholding by signature ID
          • Thresholding with rule options
        • Suppression
      • Hack #111. Prevent and Contain Intrusions with Snort_inline
      • Hack #112. Automatically Firewall Attackers with SnortSam
        • Installing SnortSam
        • Configuring SnortSam
        • See Also
      • Hack #113. Detect Anomalous Behavior
      • Hack #114. Automatically Update Snorts Rules
      • Hack #115. Create a Distributed Stealth Sensor Network
      • Hack #116. Use Snort in High-Performance Environments with Barnyard
        • Installation
        • Configuring Snort
        • Configuring Barnyard
        • Testing Barnyard
      • Hack #117. Detect and Prevent Web Application Intrusions
        • Installing mod_security
        • Enabling and Configuring mod_security
        • Creating Filters
        • See Also
      • Hack #118. Scan Network Traffic for Viruses
        • Patching Snort
        • Configuring the Preprocessor
          • Ports to scan
          • Direction to scan
          • Blocking propagation
          • Miscellaneous options
        • Trying It Out
      • Hack #119. Simulate a Network of Vulnerable Hosts
        • Compiling honeyd
        • Configuring honeyd
        • Running honeyd
        • Testing honeyd
      • Hack #120. Record Honeypot Activity
        • Installing the Linux Client
        • Setting Up the Server
        • Installing the Windows Client
    • 12. Recovery and Response
      • Hack #121. Image Mounted Filesystems
      • Hack #122. Verify File Integrity and Find Compromised Files
        • Building and Installing Tripwire
        • Configuring Tripwire
        • Day-to-Day Use
        • See Also
      • Hack #123. Find Compromised Packages
        • Using RPM
        • Using Other Package Managers
      • Hack #124. Scan for Rootkits
      • Hack #125. Find the Owner of a Network
        • Getting DNS Information
        • Getting Netblock Information
    • About the Author
    • Colophon
    • SPECIAL OFFER: Upgrade this ebook with OReilly

Dodaj do koszyka Network Security Hacks. 2nd Edition

Code, Publish & WebDesing by CATALIST.com.pl



(c) 2005-2024 CATALIST agencja interaktywna, znaki firmowe należą do wydawnictwa Helion S.A.