Firewalls and Internet Security : Repelling the Wily Hacker
by Cheswick, William R.; Bellovin, Steven M.; Rubin, Aviel D.Edition: 2nd
Format: Paperback
Pub. Date: 2003-01-01
Publisher(s): Addison-Wesley Professional
Other versions by this Author
-
This Item Qualifies for Free Shipping!*
*Excludes marketplace orders.
List Price: $59.99
Rent Book
Select for Price
New Book
We're Sorry
Sold Out
Used Book
We're Sorry
Sold Out
eBook
We're Sorry
Not Available
How Marketplace Works:
- This item is offered by an independent seller and not shipped from our warehouse
- Item details like edition and cover design may differ from our description; see seller's comments before ordering.
- Sellers much confirm and ship within two business days; otherwise, the order will be cancelled and refunded.
- Marketplace purchases cannot be returned to eCampus.com. Contact the seller directly for inquiries; if no response within two days, contact customer service.
- Additional shipping costs apply to Marketplace purchases. Review shipping costs at checkout.
Summary
Written by two AT&T Bell Labs researchers who helped break the infamous "Berferd" hacker case, this book gives you invaluable advice and practical tools for protecting your organization's computers from the very real threat of a hacker attack through the Internet. The authors show you step-by-step how to set up a firewall gateway-a dedicated computer equipped with safeguards that acts as a single, more easily defended, Internet connection.
Table of Contents
| Preface | |
| Getting Started | |
| Introduction | |
| Why Security? | |
| Picking a Security Policy | |
| Strategies for a Secure Network | |
| The Ethics of Computer Security | |
| Warning | |
| An Overview of TCP/IP | |
| The Different Layers | |
| Routers and Routing Protocols | |
| The Domain Name System | |
| Standard Services | |
| RPC | |
| Based Protocols | |
| File Transfer Protocols | |
| The r Commands | |
| Information Services | |
| The X11 System | |
| Patterns of Trust | |
| Building Your Own Firewall | |
| Firewall Gateways | |
| Firewall Philosophy | |
| Situating Firewalls | |
| Packet-Filtering Gateways | |
| Application-Level Gateways | |
| Circuit-Level Gateways | |
| Supporting Inbound Services | |
| Tunnels Good and Bad | |
| Joint Ventures | |
| What Firewalls Can't Do | |
| How to Build an Application-Level Gateway | |
| Policy | |
| Hardware Configuration Options | |
| Initial Installation | |
| Gateway Tools | |
| Installing Services | |
| Protecting the Protectors | |
| Gateway Administration | |
| Safety Analysis (Why Our Setup Is Secure and Fail-Safe) | |
| Performance | |
| The TIS Firewall Toolkit | |
| Evaluating Firewalls | |
| Living Without a Firewall | |
| Authentication | |
| User Authentication | |
| Host-to-Host Authentication | |
| Gateway Tools | |
| Proxylib | |
| Syslog | |
| Watching the Network: Tcpdump and Friends | |
| Adding Logging to Standard Daemons | |
| Traps, Lures, and Honey Pots | |
| What to Log | |
| Dummy Accounts | |
| Tracing the Connection | |
| The Hacker's Workbench | |
| Introduction | |
| Discovery | |
| Probing Hosts | |
| Connection Tools | |
| Routing Games | |
| Network Monitors | |
| Metastasis | |
| Tiger Teams | |
| Further Reading | |
| A Book Back | |
| Classes of Attacks | |
| Stealing Passwords | |
| Social Engineering | |
| Bugs and Backdoors | |
| Authentication Failures | |
| Protocol Failures | |
| Information Leakage | |
| Denial-of-Service | |
| An Evening with Berferd | |
| Introduction | |
| Unfriendly Acts | |
| An Evening with Berferd | |
| The Day After | |
| The Jail | |
| Tracing Berferd | |
| Berferd Comes Home | |
| Where the Wild Things Are: A Look at the Logs | |
| A Year of Hacking | |
| Proxy Use | |
| Attack Sources | |
| Noise on the Line | |
| Odds And Ends | |
| Legal Considerations | |
| Computer Crime Statutes | |
| Log Files as Evidence | |
| Is Monitoring Legal? | |
| Tort Liability Considerations | |
| Secure Communications over Insecure Networks | |
| An Introduction to Cryptography | |
| The Kerberos Authentication System | |
| Link-Level Encryption | |
| Network- and Transport-Level Encryption | |
| Application-Level Encryption | |
| Where Do We Go from Here? | |
| Useful Free Stuff | |
| Building Firewalls | |
| Network Management and Monitoring Tools | |
| Auditing Packages | |
| Cryptographic Software | |
| Information Sources | |
| TCP and UDP Ports | |
| Fixed Ports | |
| MBone Usage | |
| Recommendations to Vendors | |
| Everyone | |
| Hosts | |
| Routers | |
| Protocols | |
| Firewalls | |
| Bibliography | |
| List of Bombs | |
| Index | |
| Table of Contents provided by Publisher. All Rights Reserved. |
An electronic version of this book is available through VitalSource.
This book is viewable on PC, Mac, iPhone, iPad, iPod Touch, and most smartphones.
By purchasing, you will be able to view this book online, as well as download it, for the chosen number of days.
Digital License
You are licensing a digital product for a set duration. Durations are set forth in the product description, with "Lifetime" typically meaning five (5) years of online access and permanent download to a supported device. All licenses are non-transferable.
More details can be found here.
A downloadable version of this book is available through the eCampus Reader or compatible Adobe readers.
Applications are available on iOS, Android, PC, Mac, and Windows Mobile platforms.
Please view the compatibility matrix prior to purchase.