Network Security Hacks
By Andrew Lockhart
Publisher: O'Reilly
Pub Date: April 2004
ISBN: 0-596-00643-8
Pages: 312
Section 1. Secure Mount Points
Section 2. Scan for SUID and SGID Programs
Section 3. Scan For World- and Group-Writable Directories
Section 4. Create Flexible Permissions Hierarchies with POSIX ACLs
Section 5. Protect Your Logs from Tampering
Section 6. Delegate Administrative Roles
Section 7. Automate Cryptographic Signature Verification
Section 8. Check for Listening Services
Section 9. Prevent Services from Binding to an Interface
Section 10. Restrict Services with Sandboxed Environments
Section 11. Use proftp with a MySQL Authentication Source
Section 12. Prevent Stack-Smashing Attacks
Section 13. Lock Down Your Kernel with grsecurity
Section 14. Restrict Applications with grsecurity
Section 15. Restrict System Calls with Systrace
Section 16. Automated Systrace Policy Creation
Section 17. Control Login Access with PAM
Section 18. Restricted Shell Environments
Section 19. Enforce User and Group Resource Limits
Section 20. Automate System Updates
Chapter 2. Windows Host Security
Section 21. Check Servers for Applied Patches
Section 22. Get a List of Open Files and Their Owning Processes
Section 23. List Running Services and Open Ports
Section 25. Secure Your Event Logs
Section 26. Change Your Maximum Log File Sizes
Section 27. Disable Default Shares
Section 28. Encrypt Your Temp Folder
Section 29. Clear the Paging File at Shutdown
Section 30. Restrict Applications Available to Users
Section 31. Detect ARP Spoofing
Section 32. Create a Static ARP Table
Section 33. Firewall with Netfilter
Section 34. Firewall with OpenBSD's PacketFilter
Section 35. Create an Authenticated Gateway
Section 36. Firewall with Windows
Section 37. Keep Your Network Self-Contained
Section 38. Test Your Firewall
Section 39. MAC Filtering with Netfilter
Section 40. Block OS Fingerprinting
Section 41. Fool Remote Operating System Detection Software
Section 42. Keep an Inventory of Your Network
Section 43. Scan Your Network for Vulnerabilities
Section 44. Keep Server Clocks Synchronized
Section 45. Create Your Own Certificate Authority
Section 46. Distribute Your CA to Clients
Section 47. Encrypt IMAP and POP with SSL
Section 48. Set Up TLS-Enabled SMTP
Section 49. Detect Ethernet Sniffers Remotely
Section 50. Install Apache with SSL and suEXEC
Section 53. Share Files Securely in Unix
Section 54. Run a Central Syslog Server
Section 56. Integrate Windows into Your Syslog Infrastructure
Section 57. Automatically Summarize Your Logs
Section 58. Monitor Your Logs Automatically
Section 59. Aggregate Logs from Remote Sites
Section 60. Log User Activity with Process Accounting
Chapter 5. Monitoring and Trending
Section 61. Monitor Availability
Section 63. Run ntop for Real-Time Network Stats
Section 64. Audit Network Traffic
Section 65. Collect Statistics with Firewall Rules
Section 66. Sniff the Ether Remotely
Section 67. Set Up IPsec Under Linux
Section 68. Set Up IPsec Under FreeBSD
Section 69. Set Up IPsec in OpenBSD
Section 71. Opportunistic Encryption with FreeS/WAN
Section 72. Forward and Encrypt Traffic with SSH
Section 73. Quick Logins with SSH Client Keys
Section 74. Squid Proxy over SSH
Section 75. Use SSH as a SOCKS Proxy
Section 76. Encrypt and Tunnel Traffic with SSL
Section 77. Tunnel Connections Inside HTTP
Section 78. Tunnel with VTun and SSH
Section 79. Automatic vtund.conf Generator
Section 80. Create a Cross-Platform VPN
Chapter 7. Network Intrusion Detection
Section 82. Detect Intrusions with Snort
Section 83. Keep Track of Alerts
Section 84. Real-Time Monitoring
Section 85. Manage a Sensor Network
Section 86. Write Your Own Snort Rules
Section 87. Prevent and Contain Intrusions with Snort_inline
Section 88. Automated Dynamic Firewalling with SnortSam
Section 89. Detect Anomalous Behavior
Section 90. Automatically Update Snort's Rules
Section 91. Create a Distributed Stealth Sensor Network
Section 92. Use Snort in High-Performance Environments with Barnyard
Section 93. Detect and Prevent Web Application Intrusions
Section 94. Simulate a Network of Vulnerable Hosts
Section 95. Record Honeypot Activity
Chapter 8. Recovery and Response
Section 96. Image Mounted Filesystems
Section 97. Verify File Integrity and Find Compromised Files
Section 98. Find Compromised Packages with RPM
Section 99. Scan for Root Kits
Section 100. Find the Owner of a Network