Network Security Fundamentals [Electronic resources] (text version)

Gert De Laet, Gert Schauwers

Case Study: Creating Your Own CA


This case study shows you how to install your own CA. For this case study, use the Windows 2000 server that comes with Microsoft CA software called Certificate Services. Other vendors, such as Netscape, also have certificate servers. All these servers can issue certificates, which can be used on any brand of web server and are accepted by any modern web browser.

To install Microsoft's Certificate Services, follow these steps:


Step 1.

Launch the Control Panel and click Add/Remove Programs, as shown in Figure 13-12.

Figure 13-12. Add/Remove Programs

Step 2.

On the screen that displays, click Add/Remove Windows Components to get the Windows Components Wizard, as shown in Figure 13-13.

Figure 13-13. Windows Components Wizard

If you click on the check box next to Certificate Services, a warning message is presented, as shown in Figure 13-14. By clicking Yes on the warning message, you return to the Windows Components Wizard.

Figure 13-14. Warning Message

Step 3.

On the Windows Components Wizard screen, click Next to proceed to the next screen. That brings you to the screen shown in Figure 13-15.

Figure 13-15. Certification Authority Type

Step 4.

Make sure that Stand-alone root CA is selected, as well as Advanced options. Then click Next to get to the screen shown in Figure 13-16. The choices you have specified for Figure 13-15 create a standalone root CA, and you will change some advanced options.

Figure 13-16. Public and Private Key Pair

In the screen shown in Figure 13-16, you have to change the key length to the longest key offered. In this case, it is 1024. In general, longer keys take more CPU and memory, but they are more resistant to brute-force attacks. After clicking Next on this screen, a screen displays on which you fill in information about the CA and specify where to store the certificates. After this process is finished, the CA is installed on your computer and is ready for use.


NOTE

After the installation of this software, it is advisable but not mandatory to reboot your server.

Now that the server is set up, you can use it to generate a certificate for a browser. To do so, follow these steps:


Step 1.

Connect to the certificate server by using the following URL: http://Servername/CertSrv/.

Step 2.

Make sure you select the Request a certificate radio button, as shown in Figure 13-17.

Figure 13-17. Request a Certificate

Step 3.

Click Next to go to the next screen, which is shown in Figure 13-18.

Figure 13-18. Choose Request Type

On the screen displayed in Figure 13-18, you can choose a request type. The two choices available are an automated request (the first option) and a manual request (the second option). For this case study, choose the first option. This automated option lets you choose between a Web Browser Certificate and an E-Mail Protection Certificate.

Step 4.

Click Web Browser Certificate > Next to proceed to the next screen, which is shown in Figure 13-19.

Figure 13-19. Identifying Information

Step 5.

On that screen, fill in the contact information that will appear on your certificate and then click the Submit button.

The request is sent to the server, where it waits for the administrator to issue the certificate. You see the Certificate Pending screen shown in Figure 13-20.

Figure 13-20. Certificate Pending

Figure 13-21 is a screenshot from the server. In that screenshot, you can see that the request is pending and that the administrator is going to approve the certificate and issue it.

Figure 13-21. Certificate Being Issued


Step 6.

After the CA has issued your certificate, open the web page again, as shown in Figure 13-17. Select the first task to retrieve the certificate.

Step 7.

After it is downloaded, double-click on the certificate so that you can install it. When you click Install Certificate, you start the Certificate Import Wizard, as shown in Figure 13-22. Click Next.

Figure 13-22. Certificate Import Wizard

The Certificate Store shown in Figure 13-23 displays.

Figure 13-23. Certificate Store

Step 8.

Select a store where the certificates are to be kept. Choose automatic selection or point the Wizard to a storage location.

The certificate is installed on your PC, as you can see in Figure 13-24. You can see who issued the certificate, the date that it was issued, and the day it will expire. If you click on the Details tab, you can also verify all the details of the certificate.

Figure 13-24. Certificate Information
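
The same fields can be checked from the command line instead of the Certificate Information dialog. The PowerShell script below is an added example, not part of the book: it lists each certificate in a store with its issuer, validity dates and RSA key size, and flags problems. The store path, the 2048-bit minimum and the 30-day expiry warning are assumptions to adjust to local policy.

```powershell
# Added example (not from the book): audit a Windows certificate store and
# report the fields shown on the Certificate Information dialog.
# $StorePath, $MinRsaBits and $WarnDays are assumed defaults, not book values.
param(
    [string]$StorePath  = 'Cert:\CurrentUser\My',
    [int]   $MinRsaBits = 2048,
    [int]   $WarnDays   = 30
)

$now = Get-Date

Get-ChildItem -Path $StorePath | ForEach-Object {
    $cert = $_

    # GetRSAPublicKey returns $null for non-RSA (for example ECDSA) certificates.
    $rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPublicKey($cert)
    $keyBits = if ($rsa) { $rsa.KeySize } else { $null }

    # Build the chain to see whether the issuing CA is trusted on this machine.
    # Revocation checking is skipped so the script also works offline.
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    $chain.ChainPolicy.RevocationMode =
        [System.Security.Cryptography.X509Certificates.X509RevocationMode]::NoCheck
    $chainOk     = $chain.Build($cert)
    $chainStatus = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ','
    $chain.Reset()

    $findings = @()
    if ($keyBits -and $keyBits -lt $MinRsaBits) { $findings += "RSA key below $MinRsaBits bits" }
    if ($cert.NotBefore -gt $now)               { $findings += 'not yet valid' }
    if ($cert.NotAfter -lt $now)                { $findings += 'expired' }
    elseif ($cert.NotAfter -lt $now.AddDays($WarnDays)) { $findings += "expires within $WarnDays days" }
    if (-not $chainOk)                          { $findings += "chain not trusted ($chainStatus)" }

    [pscustomobject]@{
        Subject    = $cert.Subject
        Issuer     = $cert.Issuer
        NotBefore  = $cert.NotBefore
        NotAfter   = $cert.NotAfter
        KeyBits    = $keyBits
        SelfSigned = ($cert.Subject -eq $cert.Issuer)
        Findings   = $findings -join '; '
    }
} | Format-List
```

A certificate issued by a private stand-alone root CA is reported as `UntrustedRoot` until that root's own certificate is present in the machine's trusted root store.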


