Building Internet Firewalls

ISBN-10: 1565928717
ISBN-13: 9781565928718
Edition: 2nd 2000
List price: $59.99 Buy it from $3.00
eBook available
This item qualifies for FREE shipping

*A minimum purchase of $35 is required. Shipping is provided via FedEx SmartPost® and FedEx Express Saver®. Average delivery time is 1 – 5 business days, but is not guaranteed in that timeframe. Also allow 1 - 2 days for processing. Free shipping is eligible only in the continental United States and excludes Hawaii, Alaska and Puerto Rico. FedEx service marks used by permission."Marketplace" orders are not eligible for free or discounted shipping.

30 day, 100% satisfaction guarantee

If an item you ordered from TextbookRush does not meet your expectations due to an error on our part, simply fill out a return request and then return it by mail within 30 days of ordering it for a full refund of item cost.

Learn more about our returns policy

Description: In the five years since the first edition of this classic book was published, Internet use has exploded. The commercial world has rushed headlong into doing business on the Web, often without integrating sound security technologies and policies into  More...

New Starting from $56.44
eBooks Starting from $47.99
Rent
Buy
what's this?
Rush Rewards U
Members Receive:
coins
coins
You have reached 400 XP and carrot coins. That is the daily max!

Study Briefs

Limited time offer: Get the first one free! (?)

All the information you need in one place! Each Study Brief is a summary of one specific subject; facts, figures, and explanations to help you learn faster.

Add to cart
Study Briefs
Periodic Table Online content $4.95 $1.99
Add to cart
Study Briefs
Medical Terminology Online content $4.95 $1.99
Add to cart
Study Briefs
SQL Online content $4.95 $1.99

Customers also bought

Loading
Loading
Loading
Loading
Loading
Loading
Loading
Loading
Loading
Loading

Book details

List price: $59.99
Edition: 2nd
Copyright year: 2000
Publisher: O'Reilly Media, Incorporated
Publication date: 7/6/2000
Binding: Paperback
Pages: 896
Size: 7.25" wide x 9.25" long x 1.75" tall
Weight: 2.794
Language: English

In the five years since the first edition of this classic book was published, Internet use has exploded. The commercial world has rushed headlong into doing business on the Web, often without integrating sound security technologies and policies into their products and methods. The security risks--and the need to protect both business and personal data--have never been greater. We've updated "Building Internet Firewalls to address these newer risks. What kinds of security threats does the Internet pose? Some, like password attacks and the exploiting of known security holes, have been around since the early days of networking. And others, like the distributed denial of service attacks that crippled Yahoo, E-Bay, and other major e-commerce sites in early 2000, are in current headlines. Firewalls, critical components of today's computer networks, effectively protect a system from most Internet security threats. They keep damage on one part of the network--such as eavesdropping, a worm program, or file damage--from spreading to the rest of the network. Without firewalls, network security problems can rage out of control, dragging more and more systems down. Like the bestselling and highly respected first edition, "Building Internet Firewalls, 2nd Edition, is a practical and detailed step-by-step guide to designing and installing firewalls and configuring Internet services to work with a firewall. Much expanded to include Linux and Windows coverage, the second edition describes: Firewall technologies: packet filtering, proxying, network address translation, virtual private networks Architectures such as screening routers, dual-homed hosts, screened hosts, screenedsubnets, perimeter networks, internal firewalls Issues involved in a variety of new Internet services and protocols through a firewall Email and News Web services and scripting languages (e.g., HTTP, Java, JavaScript, ActiveX, RealAudio, RealVideo) File transfer and sharing services such as NFS, Samba Remote access services such as Telnet, the BSD "r" commands, SSH, BackOrifice 2000 Real-time conferencing services such as ICQ and talk Naming and directory services (e.g., DNS, NetBT, the Windows Browser) Authentication and auditing services (e.g., PAM, Kerberos, RADIUS); Administrative services (e.g., syslog, SNMP, SMS, RIP and other routing protocols, and ping and other network diagnostics) Intermediary protocols (e.g., RPC, SMB, CORBA, IIOP) Database protocols (e.g., ODBC, JDBC, and protocols for Oracle, Sybase, and Microsoft SQL Server) The book's complete list of resources includes the location of many publicly available firewall construction tools.

Preface
Network Security
Why Internet Firewalls?
What Are You Trying to Protect?
What Are You Trying to Protect Against?
Who Do You Trust?
How Can You Protect Your Site?
What Is an Internet Firewall?
Religious Arguments
Internet Services
Secure Services and Safe Services
The World Wide Web
Electronic Mail and News
File Transfer, File Sharing, and Printing
Remote Access
Real-Time Conferencing Services
Naming and Directory Services
Authentication and Auditing Services
Administrative Services
Databases
Games
Security Strategies
Least Privilege
Defense in Depth
Choke Point
Weakest Link
Fail-Safe Stance
Universal Participation
Diversity of Defense
Simplicity
Security Through Obscurity
Building Firewalls
Packets and Protocols
What Does a Packet Look Like?
IP
Protocols Above IP
Protocols Below IP
Application Layer Protocols
IP Version 6
Non-IP Protocols
Attacks Based on Low-Level Protocol Details
Firewall Technologies
Some Firewall Definitions
Packet Filtering
Proxy Services
Network Address Translation
Virtual Private Networks
Firewall Architectures
Single-Box Architectures
Screened Host Architectures
Screened Subnet Architectures
Architectures with Multiple Screened Subnets
Variations on Firewall Architectures
Terminal Servers and Modem Pools
Internal Firewalls
Firewall Design
Define Your Needs
Evaluate the Available Products
Put Everything Together
Packet Filtering
What Can You Do with Packet Filtering?
Configuring a Packet Filtering Router
What Does the Router Do with Packets?
Packet Filtering Tips and Tricks
Conventions for Packet Filtering Rules
Filtering by Address
Filtering by Service
Choosing a Packet Filtering Router
Packet Filtering Implementations for General-Purpose Computers
Where to Do Packet Filtering
What Rules Should You Use?
Putting It All Together
Proxy Systems
Why Proxying?
How Proxying Works
Proxy Server Terminology
Proxying Without a Proxy Server
Using SOCKS for Proxying
Using the TIS Internet Firewall Toolkit for Proxying
Using Microsoft Proxy Server
What If You Can't Proxy?
Bastion Hosts
General Principles
Special Kinds of Bastion Hosts
Choosing a Machine
Choosing a Physical Location
Locating Bastion Hosts on the Network
Selecting Services Provided by a Bastion Host
Disabling User Accounts on Bastion Hosts
Building a Bastion Host
Securing the Machine
Disabling Nonrequired Services
Operating the Bastion Host
Protecting the Machine and Backups
Unix and Linux Bastion Hosts
Which Version of Unix?
Securing Unix
Disabling Nonrequired Services
Installing and Modifying Services
Reconfiguring for Production
Running a Security Audit
Windows NT and Windows 2000 Bastion Hosts
Approaches to Building Windows NT Bastion Hosts
Which Version of Windows NT?
Securing Windows NT
Disabling Nonrequired Services
Installing and Modifying Services
Internet Services
Internet Services and Firewalls
Attacks Against Internet Services
Evaluating the Risks of a Service
Analyzing Other Protocols
What Makes a Good Firewalled Service?
Choosing Security-Critical Programs
Controlling Unsafe Configurations
Intermediary Protocols
Remote Procedure Call (RPC)
Distributed Component Object Model (DCOM)
NetBIOS over TCP/IP (NetBT)
Common Internet File System (CIFS) and Server Message Block (SMB)
Common Object Request Broker Architecture (CORBA) and Internet Inter-Orb Protocol (IIOP)
ToolTalk
Transport Layer Security (TLS) and Secure Socket Layer (SSL)
The Generic Security Services API (GSSAPI)
IPsec
Remote Access Service (RAS)
Point-to-Point Tunneling Protocol (PPTP)
Layer 2 Transport Protocol (L2TP)
The World Wide Web
HTTP Server Security
HTTP Client Security
HTTP
Mobile Code and Web-Related Languages
Cache Communication Protocols
Push Technologies
RealAudio and RealVideo
Gopher and WAIS
Electronic Mail and News
Electronic Mail
Simple Mail Transfer Protocol (SMTP)
Other Mail Transfer Protocols
Microsoft Exchange
Lotus Notes and Domino
Post Office Protocol (POP)
Internet Message Access Protocol (IMAP)
Microsoft Messaging API (MAPI)
Network News Transfer Protocol (NNTP)
File Transfer, File Sharing, and Printing
File Transfer Protocol (FTP)
Trivial File Transfer Protocol (TFTP)
Network File System (NFS)
File Sharing for Microsoft Networks
Summary of Recommendations for File Sharing
Printing Protocols
Related Protocols
Remote Access to Hosts
Terminal Access (Telnet)
Remote Command Execution
Remote Graphical Interfaces
Real-Time Conferencing Services
Internet Relay Chat (IRC)
ICQ
Talk
Multimedia Protocols
NetMeeting
Multicast and the Multicast Backbone (MBONE)
Naming and Directory Services
Domain Name System (DNS)
Network Information Service (NIS)
NetBIOS for TCP/IP Name Service and Windows Internet Name Service
The Windows Browser
Lightweight Directory Access Protocol (LDAP)
Active Directory
Information Lookup Services
Authentication and Auditing Services
What Is Authentication?
Passwords
Authentication Mechanisms
Modular Authentication for Unix
Kerberos
NTLM Domains
Remote Authentication Dial-in User Service (RADIUS)
TACACS and Friends
Auth and identd
Administrative Services
System Management Protocols
Routing Protocols
Protocols for Booting and Boot-Time Configuration
ICMP and Network Diagnostics
Network Time Protocol (NTP)
File Synchronization
Mostly Harmless Protocols
Databases and Games
Databases
Games
Two Sample Firewalls
Screened Subnet Architecture
Merged Routers and Bastion Host Using General-Purpose Hardware
Keeping Your Site Secure
Security Policies
Your Security Policy
Putting Together a Security Policy
Getting Strategic and Policy Decisions Made
What If You Can't Get a Security Policy?
Maintaining Firewalls
Housekeeping
Monitoring Your System
Keeping up to Date
How Long Does It Take?
When Should You Start Over?
Responding to Security Incidents
Responding to an Incident
What to Do After an Incident
Pursuing and Capturing the Intruder
Planning Your Response
Being Prepared
Appendixes
Resources
Tools
Cryptography
Index

×
Free shipping on orders over $35*

*A minimum purchase of $35 is required. Shipping is provided via FedEx SmartPost® and FedEx Express Saver®. Average delivery time is 1 – 5 business days, but is not guaranteed in that timeframe. Also allow 1 - 2 days for processing. Free shipping is eligible only in the continental United States and excludes Hawaii, Alaska and Puerto Rico. FedEx service marks used by permission."Marketplace" orders are not eligible for free or discounted shipping.

Learn more about the TextbookRush Marketplace.

×