Guide to Firewalls and Network Security With Intrusion Detection and VPNs

ISBN-10: 1435420160
ISBN-13: 9781435420168
Edition: 2nd 2009
List price: $235.95
30 day, 100% satisfaction guarantee

If an item you ordered from TextbookRush does not meet your expectations due to an error on our part, simply fill out a return request and then return it by mail within 30 days of ordering it for a full refund of item cost.

Learn more about our returns policy

Description: Firewalls are among the best-known security tools in use today, and their critical role in information security continues to grow. However, firewalls are most effective when they are backed by effective security planning, a well-designed security  More...

what's this?
Rush Rewards U
Members Receive:
coins
coins
You have reached 400 XP and carrot coins. That is the daily max!
You could win $10,000

Get an entry for every item you buy, rent, or sell.

Study Briefs

Limited time offer: Get the first one free! (?)

All the information you need in one place! Each Study Brief is a summary of one specific subject; facts, figures, and explanations to help you learn faster.

Add to cart
Study Briefs
Periodic Table Online content $4.95 $1.99
Add to cart
Study Briefs
SQL Online content $4.95 $1.99
Add to cart
Study Briefs
MS Excel® 2010 Online content $4.95 $1.99
Add to cart
Study Briefs
MS Word® 2010 Online content $4.95 $1.99

Customers also bought

Loading
Loading
Loading
Loading
Loading
Loading
Loading
Loading
Loading
Loading

Book details

List price: $235.95
Edition: 2nd
Copyright year: 2009
Publisher: Course Technology
Publication date: 6/10/2008
Binding: Paperback
Pages: 520
Size: 7.50" wide x 9.05" long x 1.00" tall
Weight: 1.694
Language: English

Firewalls are among the best-known security tools in use today, and their critical role in information security continues to grow. However, firewalls are most effective when they are backed by effective security planning, a well-designed security policy, and when they work in concert with anti-virus software, intrusion detection systems, and other tools. This book aims to explore firewalls in the context of these other elements, providing readers with a solid, in-depth introduction to firewalls that focuses on both managerial and technical aspects of security. Coverage includes packet filtering, authentication, proxy servers, encryption, bastion hosts, virtual private networks (VPNs), log file maintenance, and intrusion detection systems. The second edition offers updated content and brand new material, from enhanced coverage of non-firewall subjects like information and network security to an all-new section dedicated to intrusion detection in the context of incident response. Book jacket.

Richard Austin is a professional photographer who's worked with newspapers and magazines for the past twenty years. He lives in Devon, England.

Herbert J. Mattord, Ph.D, CISM, CISSP, teaches courses in Information Security and Assurance at Kennesaw State University (KSU) in Kennesaw, GA. He is the associate director of the KSU Center for Information Security Education (infosec.kennesaw.edu), as well as the coordinator for the KSU Information Security and Assurance and Information Systems programs of study. He completed 26 years of IT industry experience before becoming a full-time academic in 2002. His experiences as an application developer, database administrator, project manager, and information security practitioner are a valuable background to his teaching role at KSU. While engaged in his IT career, he worked as an adjunct professor at KSU, Southern Polytechnic State University in Marietta, Georgia, Austin Community College in Austin, Texas, and Texas State University-San Marcos. He was formerly the manager of corporate information technology security at Georgia-Pacific Corporation, where his practical knowledge of information security implementation and management was acquired. Dr. Mattord is the co-author of ten textbooks, notably Principles of Information Security and Management of Information Security. Dr. Mattord completed his Ph.D. in Information Systems with a concentration in Information Security at Nova Southeastern University.

Michael E. Whitman, Ph.D, CISM, CISSP, is a professor of information security and director of the Coles Center for Information Security Education at Kennesaw State University (KSU) in Kennesaw, GA. With over 12 years of experience designing and implementing information security curriculum and over 20 years of experience teaching and researching at the university level, Dr. Whitman has served as a consultant to several Fortune 1000 organizations, the United States Government, and the State of Georgia on issues related to information security. He has authored several textbooks in information security including Principles of Information Security and Management of Information Security, published by Cengage/Course Technology. Dr. Whitman is an active researcher in information security, fair and responsible use policies, and ethical computing. He has published over 40 articles in top venues such as Information Systems Research, the Communications of the ACM, Information and Management, and the Journal of International Business Studies, among others. He is a member of the Information Systems Security Association, the Association for Computing Machinery, and the Association for Information Systems. Prior to his academic career, Dr. Whitman served on active duty with the 1st Squadron, 2nd Armored Cavalry Regiment in Germany where his duties included the role of Automated Data Processing Systems Security Officer (ADPSSO).

Introduction
Introduction to Information Security
Introduction
What Is Information Security?
Critical Characteristics of Information
CNSS Security Model
Securing Components
Balancing Information Security and Access
Business Needs First
Protecting the Functionality of an Organization
Enabling the Safe Operation of Applications
Protecting Data That Organizations Collect and Use
Safeguarding Technology Assets in Organizations
Security Professionals and the Organization
Data Ownership
Threats
Human Error or Failure
Compromises to Intellectual Property
Espionage or Trespass
Information Extortion
Sabotage or Vandalism
Theft
Software Attacks
Forces of Nature
Deviations in Quality of Service
Hardware Failures or Errors
Software Failures or Errors
Obsolescence
Attacks
Malicious Code
"Hoaxes"
Back Doors
Password Crack
Brute Force
Dictionary
Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS)
Spoofing
Man-in-the-Middle
Spam
Mail Bombing
Sniffers
Social Engineering
Buffer Overflow
Timing Attack
Chapter Summary
Review Questions
Exercises
Case Exercises
An Introduction to Networking
Introduction
Networking Fundamentals
Reasons to Network
Types of Networks
Network Standards
Internet Society (ISOC)
Internet Assigned Numbers Authority (IANA)
American National Standards Institute (ANSI)
International Telecommunication Union (ITU)
Institute of Electrical and Electronics Engineers (IEEE)
Telecommunications Industry Association (TIA)
International Organization for Standardization (ISO)
OSI Reference Model and Security
The Physical Layer
Data Link Layer
Network Layer
Transport Layer
Session Layer
Presentation Layer
Application Layer
The Internet and TCP/IP
The World Wide Web
TCP/IP
Chapter Summary
Review Questions
Exercises
Case Exercises
Security Policies, Standards, and Planning
Introduction
Information Security Policy, Standards, and Practices
Definitions
Enterprise Information Security Policy (EISP)
Issue-Specific Security Policy (ISSP)
System-Specific Policy (SysSP)
Policy Management
Frameworks and Industry Standards
The ISO 27000 Series
NIST Security Models
IETF Security Architecture
Benchmarking and Best Business Practices
Security Architecture
Security Education, Training, and Awareness Program
Security Education
Security Training
Security Awareness
Continuity Strategies
Business Impact Analysis
Incident Response Planning
Disaster Recovery Planning
Business Continuity Planning
Crisis Management
Chapter Summary
Review Questions
Exercises
Case Exercises
Finding Network Vulnerabilities
Introduction
Common Vulnerabilities
Defects in Software or Firmware
Weaknesses in Processes and Procedures
Scanning and Analysis Tools
Port Scanners
Firewall Analysis Tools
Operating System Detection Tools
Vulnerability Scanners
Packet Sniffers
Wireless Security Tools
Penetration Testing
Chapter Summary
Review Questions
Exercises
Case Exercises
Firewall Planning and Design
Introduction
Misconceptions About Firewalls
Firewalls Explained
An Analogy: Office Tower Security Guard
Firewall Security Features
Firewall User Protection
Firewall Network Perimeter Security
Firewall Components
Firewall Security Tasks
Types of Firewall Protection
Packet Filtering
PAT and NAT
Application Layer Gateways
Firewall Categories
Processing Mode
Firewall Generation
Firewall Structures
Firewall Architectures
Limitations of Firewalls
Chapter Summary
Review Questions
Exercises
Case Exercises
Packet Filtering
Introduction
Understanding Packets and Packet Filtering
Packet-Filtering Devices
Anatomy of a Packet
Packet-Filtering Rules
Packet-Filtering Methods
Stateless Packet Filtering
Stateful Packet Filtering
Filtering Based on Packet Content
Setting Specific Packet Filter Rules
Best Practices for Firewall Rules
Rules That Cover Multiple Variations
Rules for ICMP Packets
Rules That Enable Web Access
Rules That Enable DNS
Rules That Enable FTP
Rules That Enable E-Mail
Chapter Summary
Review Questions
Exercises
Case Exercises
Working with Proxy Servers and Application-Level Firewalls
Introduction
Overview of Proxy Servers
How Proxy Servers Work
How Proxy Servers Differ from Packet Filters
Sample Proxy Server Configurations
Goals of Proxy Servers
Concealing Internal Clients
Blocking URLs
Blocking and Filtering Content
E-Mail Proxy Protection
Improving Performance
Ensuring Security
Providing User Authentication
Redirecting URLs
Proxy Server Configuration Considerations
Providing for Scalability
Working with Client Configurations
Working with Service Configurations
Creating Filter Rules
Recognizing the Single Point of Failure
Recognizing Buffer Overflow Vulnerabilities
Choosing a Proxy Server
Transparent Proxies
Nontransparent Proxies
SOCKS-Based Proxies
Proxy Server-Based Firewalls Compared
T.REX Open-Source Firewall
Squid
WinGate
Symantec Enterprise Firewall
Microsoft Internet Security & Acceleration Server
Reverse Proxies
When a Proxy Service Isn't the Correct Choice
Chapter Summary
Review Questions
Exercises
Case Exercises
Firewall Configuration and Administration
Introduction
Establishing Firewall Rules and Restrictions
The Role of the Rules File
Restrictive Firewalls
Connectivity-Based Firewalls
Firewall Configuration Strategies
Scalability
Productivity
Dealing with IP Address Issues
Approaches That Add Functionality to Your Firewall
NAT/PAT
Encryption
Application Proxies
VPNs
Intrusion Detection and Prevention Systems
Enabling a Firewall to Meet New Needs
Verifying Resources Needed by the Firewall
Identifying New Risks
Adding Software Updates and Patches
Adding Hardware
Dealing with Complexity on the Network
Adhering to Proven Security Principles
Environmental Management
BIOS, Boot, and Screen Locks
Remote Management Interface
Why Remote Management Tools Are Important
Security Concerns
Basic Features of Remote Management Tools
Automating Security Checks
Configuring Advanced Firewall Functions
Data Caching
Hot Standby Redundancy
Load Balancing
Filtering Content
Chapter Summary
Review Questions
Exercises
Case Exercises
Encryption and Firewalls
Introduction
Firewalls and Encryption
The Cost of Encryption
Preserving Data Integrity
Maintaining Confidentiality
Authenticating Network Clients
Enabling Virtual Private Networks (VPNs)
Principles of Cryptography
Encryption Definitions
Cryptographic Notation
Encryption Operations
Using Cryptographic Controls
E-mail Security
Securing the Web
Securing Authentication
Attacks on Cryptosystems
Man-in-the-Middle Attack
Correlation Attacks
Dictionary Attacks
Timing Attacks
Defending from Attacks
Chapter Summary
Review Questions
Exercises
Case Exercises
Authenticating Users
Introduction
The Authentication Process in General
How Firewalls Implement the Authentication Process
Firewall Authentication Methods
User Authentication
Client Authentication
Session Authentication
Centralized Authentication
Kerberos
TACACS+
Remote Authentication Dial-In User Service (RADIUS)
TACACS+ and RADIUS Compared
Password Security Issues
Passwords That Can Be Cracked
Password Vulnerabilities
Lax Security Habits
Password Security Tools
One-Time Password Software
The Shadow Password System
Other Authentication Systems
Single-Password Systems
One-Time Password Systems
Certificate-Based Authentication
802.1X Wi-Fi Authentication
Chapter Summary
Review Questions
Exercises
Case Exercises
Setting Up a Virtual Private Network
Introduction
VPN Components and Operations
VPN Components
Essential Activities of VPNs
Benefits and Drawbacks of VPNs
VPNs Extend Network Boundaries
Types of VPNs
VPN Appliances
Software VPN Systems
VPN Combinations of Hardware and Software
Combination VPNs
VPN Setups
Mesh Configuration
Hub-and-Spoke Configuration
Hybrid Configuration
Configurations and Extranet and Intranet Access
Tunneling Protocols Used with VPNs
IPSec/IKE
PPTP
L2TP
PPP Over SSL/PPP Over SSH
Enabling Remote Access Connections Within VPNs
Configuring the Server
Configuring Clients
VPN Best Practices
The Need for a VPN Policy
Packet Filtering and VPNs
Auditing and Testing the VPN
Chapter Summary
Review Questions
Exercises
Case Exercises
Contingency Planning
Introduction
What Is Contingency Planning?
Components of Contingency Planning
Business Impact Analysis
Incident Response Plan
Disaster Recovery Plan
Business Continuity Plan
Incident Response: Preparation, Organization, and Prevention
Planning for the Response During the Incident
Planning for After the Incident
Planning for Before the Incident
Incident Classification and Detection
Classifying Incidents
Data Collection
Detecting Compromised Software
Challenges in Intrusion Detection
Incident Reaction
Selecting an IR Strategy
Notification
Documenting an Incident
Incident Containment Strategies
Interviewing Individuals Involved in the Incident
Recovering from Incidents
Identify and Resolve Vulnerabilities
Restore Data
Restore Services and Processes
Restore Confidence Across the Organization
IR Plan Maintenance
The After-Action Review
IR Plan Review and Maintenance
Training
Rehearsal
Data and Application Resumption
Disk-to-Disk-to-Tape
Backup Strategies
Tape Backup and Recovery
Redundancy-Based Backup and Recovery Using RAID
Database Backups
Application Backups
Real-Time Protection, Server Recovery, and Application Recovery
Service Agreements
Chapter Summary
Review Questions
Exercises
Case Exercises
Intrusion Detection and Prevention Systems
Introduction
Intrusion Detection and Prevention
IDPS Terminology
Why Use an IDPS?
Network-Based IDPS
Host-Based IDPS
IDPS Detection Methods
IDPS Response Behavior
Selecting IDPS Approaches and Products
Strengths and Limitations of IDPSs
Deployment and Implementation of an IDPS
Measuring the Effectiveness of IDPSs
Honey Pots, Honey Nets, and Padded Cell System
Trap and Trace Systems
Active Intrusion Prevention
Chapter Summary
Review Questions
Exercises
Case Exercises
Digital Forensics
Introduction
The Digital Forensic Team
The First Response Team
The Analysis Team
Digital Forensics Methodology
Affidavits and Search Warrants
Acquiring the Evidence
Identifying Sources
Authenticating Evidence
Collecting Evidence
Maintaining the Chain of Custody
Analyzing Evidence
Searching for Evidence
Reporting the Findings
Interacting with Law Enforcement
Anti-Forensics
Chapter Summary
Review Questions
Exercises
Case Exercise
Glossary
Index

×
Free shipping on orders over $35*

*A minimum purchase of $35 is required. Shipping is provided via FedEx SmartPost® and FedEx Express Saver®. Average delivery time is 1 – 5 business days, but is not guaranteed in that timeframe. Also allow 1 - 2 days for processing. Free shipping is eligible only in the continental United States and excludes Hawaii, Alaska and Puerto Rico. FedEx service marks used by permission."Marketplace" orders are not eligible for free or discounted shipping.

Learn more about the TextbookRush Marketplace.

×