Building Internet Firewalls - Brossura

Preface; Scope of This Book; Audience; Platforms; Products; Examples; Conventions Used in This Book; Comments and Questions; Acknowledgments for the Second Edition; Acknowledgments for the First Edition; Part I: Network Security; Chapter 1: Why Internet Firewalls?; 1.1 What Are You Trying to Protect?; 1.2 What Are You Trying to Protect Against?; 1.3 Who Do You Trust?; 1.4 How Can You Protect Your Site?; 1.5 What Is an Internet Firewall?; 1.6 Religious Arguments; Chapter 2: Internet Services; 2.1 Secure Services and Safe Services; 2.2 The World Wide Web; 2.3 Electronic Mail and News; 2.4 File Transfer, File Sharing, and Printing; 2.5 Remote Access; 2.6 Real-Time Conferencing Services; 2.7 Naming and Directory Services; 2.8 Authentication and Auditing Services; 2.9 Administrative Services; 2.10 Databases; 2.11 Games; Chapter 3: Security Strategies; 3.1 Least Privilege; 3.2 Defense in Depth; 3.3 Choke Point; 3.4 Weakest Link; 3.5 Fail-Safe Stance; 3.6 Universal Participation; 3.7 Diversity of Defense; 3.8 Simplicity; 3.9 Security Through Obscurity; Part II: Building Firewalls; Chapter 4: Packets and Protocols; 4.1 What Does a Packet Look Like?; 4.2 IP; 4.3 Protocols Above IP; 4.4 Protocols Below IP; 4.5 Application Layer Protocols; 4.6 IP Version 6; 4.7 Non-IP Protocols; 4.8 Attacks Based on Low-Level Protocol Details; Chapter 5: Firewall Technologies; 5.1 Some Firewall Definitions; 5.2 Packet Filtering; 5.3 Proxy Services; 5.4 Network Address Translation; 5.5 Virtual Private Networks; Chapter 6: Firewall Architectures; 6.1 Single-Box Architectures; 6.2 Screened Host Architectures; 6.3 Screened Subnet Architectures; 6.4 Architectures with Multiple Screened Subnets; 6.5 Variations on Firewall Architectures; 6.6 Terminal Servers and Modem Pools; 6.7 Internal Firewalls; Chapter 7: Firewall Design; 7.1 Define Your Needs; 7.2 Evaluate the Available Products; 7.3 Put Everything Together; Chapter 8: Packet Filtering; 8.1 What Can You Do with Packet Filtering?; 8.2 Configuring a Packet Filtering Router; 8.3 What Does the Router Do with Packets?; 8.4 Packet Filtering Tips and Tricks; 8.5 Conventions for Packet Filtering Rules; 8.6 Filtering by Address; 8.7 Filtering by Service; 8.8 Choosing a Packet Filtering Router; 8.9 Packet Filtering Implementations for General-Purpose Computers; 8.10 Where to Do Packet Filtering; 8.11 What Rules Should You Use?; 8.12 Putting It All Together; Chapter 9: Proxy Systems; 9.1 Why Proxying?; 9.2 How Proxying Works; 9.3 Proxy Server Terminology; 9.4 Proxying Without a Proxy Server; 9.5 Using SOCKS for Proxying; 9.6 Using the TIS Internet Firewall Toolkit for Proxying; 9.7 Using Microsoft Proxy Server; 9.8 What If You Can't Proxy?; Chapter 10: Bastion Hosts; 10.1 General Principles; 10.2 Special Kinds of Bastion Hosts; 10.3 Choosing a Machine; 10.4 Choosing a Physical Location; 10.5 Locating Bastion Hosts on the Network; 10.6 Selecting Services Provided by a Bastion Host; 10.7 Disabling User Accounts on Bastion Hosts; 10.8 Building a Bastion Host; 10.9 Securing the Machine; 10.10 Disabling Nonrequired Services; 10.11 Operating the Bastion Host; 10.12 Protecting the Machine and Backups; Chapter 11: Unix and Linux Bastion Hosts; 11.1 Which Version of Unix?; 11.2 Securing Unix; 11.3 Disabling Nonrequired Services; 11.4 Installing and Modifying Services; 11.5 Reconfiguring for Production; 11.6 Running a Security Audit; Chapter 12: Windows NT and Windows 2000 Bastion Hosts; 12.1 Approaches to Building Windows NT Bastion Hosts; 12.2 Which Version of Windows NT?; 12.3 Securing Windows NT; 12.4 Disabling Nonrequired Services; 12.5 Installing and Modifying Services; Part III: Internet Services; Chapter 13: Internet Services and Firewalls; 13.1 Attacks Against Internet Services; 13.2 Evaluating the Risks of a Service; 13.3 Analyzing Other Protocols; 13.4 What Makes a Good Firewalled Service?; 13.5 Choosing Security-Critical Programs; 13.6 Controlling Unsafe Configurations; Chapter 14: Intermediary Protocols; 14.1 Remote Procedure Call (RPC); 14.2 Distributed Component Object Model (DCOM); 14.3 NetBIOS over TCP/IP (NetBT); 14.4 Common Internet File System (CIFS) and Server Message Block (SMB); 14.5 Common Object Request Broker Architecture (CORBA) and Internet Inter-Orb Protocol (IIOP); 14.6 ToolTalk; 14.7 Transport Layer Security (TLS) and Secure Socket Layer (SSL); 14.8 The Generic Security Services API (GSSAPI); 14.9 IPsec; 14.10 Remote Access Service (RAS); 14.11 Point-to-Point Tunneling Protocol (PPTP); 14.12 Layer 2 Transport Protocol (L2TP); Chapter 15: The World Wide Web; 15.1 HTTP Server Security; 15.2 HTTP Client Security; 15.3 HTTP; 15.4 Mobile Code and Web-Related Languages; 15.5 Cache Communication Protocols; 15.6 Push Technologies; 15.7 RealAudio and RealVideo; 15.8 Gopher and WAIS; Chapter 16: Electronic Mail and News; 16.1 Electronic Mail; 16.2 Simple Mail Transfer Protocol (SMTP); 16.3 Other Mail Transfer Protocols; 16.4 Microsoft Exchange; 16.5 Lotus Notes and Domino; 16.6 Post Office Protocol (POP); 16.7 Internet Message Access Protocol (IMAP); 16.8 Microsoft Messaging API (MAPI); 16.9 Network News Transfer Protocol (NNTP); Chapter 17: File Transfer, File Sharing, and Printing; 17.1 File Transfer Protocol (FTP); 17.2 Trivial File Transfer Protocol (TFTP); 17.3 Network File System (NFS); 17.4 File Sharing for Microsoft Networks; 17.5 Summary of Recommendations for File Sharing; 17.6 Printing Protocols; 17.7 Related Protocols; Chapter 18: Remote Access to Hosts; 18.1 Terminal Access (Telnet); 18.2 Remote Command Execution; 18.3 Remote Graphical Interfaces; Chapter 19: Real-Time Conferencing Services; 19.1 Internet Relay Chat (IRC); 19.2 ICQ; 19.3 talk; 19.4 Multimedia Protocols; 19.5 NetMeeting; 19.6 Multicast and the Multicast Backbone (MBONE); Chapter 20: Naming and Directory Services; 20.1 Domain Name System (DNS); 20.2 Network Information Service (NIS); 20.3 NetBIOS for TCP/IP Name Service and Windows Internet Name Service; 20.4 The Windows Browser; 20.5 Lightweight Directory Access Protocol (LDAP); 20.6 Active Directory; 20.7 Information Lookup Services; Chapter 21: Authentication and Auditing Services; 21.1 What Is Authentication?; 21.2 Passwords; 21.3 Authentication Mechanisms; 21.4 Modular Authentication for Unix; 21.5 Kerberos; 21.6 NTLM Domains; 21.7 Remote Authentication Dial-in User Service (RADIUS); 21.8 TACACS and Friends; 21.9 Auth and identd; Chapter 22: Administrative Services; 22.1 System Management Protocols; 22.2 Routing Protocols; 22.3 Protocols for Booting and Boot-Time Configuration; 22.4 ICMP and Network Diagnostics; 22.5 Network Time Protocol (NTP); 22.6 File Synchronization; 22.7 Mostly Harmless Protocols; Chapter 23: Databases and Games; 23.1 Databases; 23.2 Games; Chapter 24: Two Sample Firewalls; 24.1 Screened Subnet Architecture; 24.2 Merged Routers and Bastion Host Using General-Purpose Hardware; Part IV: Keeping Your Site Secure; Chapter 25: Security Policies; 25.1 Your Security Policy; 25.2 Putting Together a Security Policy; 25.3 Getting Strategic and Policy Decisions Made; 25.4 What If You Can't Get a Security Policy?; Chapter 26: Maintaining Firewalls; 26.1 Housekeeping; 26.2 Monitoring Your System; 26.3 Keeping up to Date; 26.4 How Long Does It Take?; 26.5 When Should You Start Over?; Chapter 27: Responding to Security Incidents; 27.1 Responding to an Incident; 27.2 What to Do After an Incident; 27.3 Pursuing and Capturing the Intruder; 27.4 Planning Your Response; 27.5 Being Prepared; Part V: Appendixes; Appendix A: Resources; A.1 Web Pages; A.2 FTP Sites; A.3 Mailing Lists; A.4 Newsgroups; A.5 Response Teams; A.6 Other Organizations; A.7 Conferences; A.8 Papers; A.9 Books; Appendix B: Tools; B.1 Authentication Tools; B.2 Analysis Tools; B.3 Packet Filtering Tools; B.4 Proxy Systems Tools; B.5 Daemons; B.6 Utilities; Appendix C: Cryptography; C.1 What Are You Protecting and Why?; C.2 Key Components of Cryptographic Systems; C.3 Combined Cryptography; C.4 What Makes a Protocol Secure?; C.5 Information About Algorithms; Colophon;|

• Preface
• Part I: Network Security
  • Chapter 1: Why Internet Firewalls?
  • Chapter 2: Internet Services
  • Chapter 3: Security Strategies
• Part II: Building Firewalls
  • Chapter 4: Packets and Protocols
  • Chapter 5: Firewall Technologies
  • Chapter 6: Firewall Architectures
  • Chapter 7: Firewall Design
  • Chapter 8: Packet Filtering
  • Chapter 9: Proxy Systems
  • Chapter 10: Bastion Hosts
  • Chapter 11: Unix and Linux Bastion Hosts
  • Chapter 12: Windows NT and Windows 2000 Bastion Hosts
• Part III: Internet Services
  • Chapter 13: Internet Services and Firewalls
  • Chapter 14: Intermediary Protocols
  • Chapter 15: The World Wide Web
  • Chapter 16: Electronic Mail and News
  • Chapter 17: File Transfer, File Sharing, and Printing
  • Chapter 18: Remote Access to Hosts
  • Chapter 19: Real-Time Conferencing Services
  • Chapter 20: Naming and Directory Services
  • Chapter 21: Authentication and Auditing Services
  • Chapter 22: Administrative Services
  • Chapter 23: Databases and Games
  • Chapter 24: Two Sample Firewalls
• Part IV: Keeping Your Site Secure
  • Chapter 25: Security Policies
  • Chapter 26: Maintaining Firewalls
  • Chapter 27: Responding to Security Incidents
• Part V: Appendixes
  • Appendix A: Resources
  • Appendix B: Tools
  • Appendix C: Cryptography
• Colophon