Network Security Hacks
Andrew Lockhart
- 出版商: O'Reilly|英文2書85折
- 出版日期: 2004-04-01
- 售價: $1,080
- 貴賓價: 9.5 折 $1,026
- 語言: 英文
- 頁數: 304
- 裝訂: Paperback
- ISBN: 0596006438
- ISBN-13: 9780596006433
-
相關分類:
資訊安全
已過版
買這商品的人也買了...
-
$1,380$1,311 -
$980$774 -
$920$727 -
$1,030$1,009 -
$590$466 -
$990Java Web Services Architecture
-
$780$663 -
$750$675 -
$560$504 -
$2,310$2,195 -
$720$612 -
$880$695 -
$850$723 -
$280$218 -
$480$379 -
$750$593 -
$720$569 -
$780$616 -
$580$493 -
$760$646 -
$780$663 -
$590$460 -
$1,230$1,169 -
$2,310$2,195 -
$375Macromedia Dreamweaver 8 for Windows and Macintosh: Visual QuickStart Guide (Paperback)
相關主題
商品描述
To the uninitiated, the title may seem like an oxymoron: after all, aren't
hacks what network security is supposed to prevent? But if you're network
administrator, this book's title not only makes sense; it makes a lot of sense.
You know that a busy administrator needs a hatful of devilishly effective
security hacks to keep your 12-hour days from becoming all-nighters.
Network Security Hacks is not a long-winded treatise on security
theory. Instead, this information packed little book provides 100 quick,
practical, and clever things to do to help make your Linux, UNIX, or Windows
networks more secure today.
This compendium of security hacks doesn't
just cover securing TCP/IP-based services, but also provides intelligent
host-based security techniques. Loaded with concise but powerful examples of
applied encryption, intrusion detection, logging, trending, and incident
response, Network Security Hacks will demonstrate effective methods for
defending your servers and networks from a variety of devious and subtle
attacks.
Network Security Hacks show how to detect the presence
(and track every keystroke) of network intruders, methods for protecting your
network and data using strong encryption, and even techniques for laying traps
for would-be system crackers. Important security tools are presented, as well as
clever methods for using them to reveal real, timely, useful information about
what is happening on your network.
O'Reilly's Hacks Series reclaims the
term "hacking" for the good guys--innovators who use their ingenuity to solve
interesting problems, explore and experiment, unearth shortcuts, and create
useful tools. Network Security Hacks lives up to reputation the Hacks
series has earned by providing the "roll-up-your sleeves and get-it-done" hacks
that most network security tomes don't offer. Every hack can be read in just a
few minutes but will save hours of searching for the right answer.
Using
just one of these amazing hacks will make this slim book's price seem like a
remarkable deal. The other 99 make Network Security Hacks absolutely
invaluable.
Table of Contents:
Credits
Preface
Chapter 1. Unix Host Security
1. Secure Mount Points
2. Scan for SUID and SGID Programs
3. Scan For World- and Group-Writable Directories
4. Create Flexible Permissions Hierarchies with POSIX ACLs
5. Protect Your Logs from Tampering
6. Delegate Administrative Roles
7. Automate Cryptographic Signature Verification
8. Check for Listening Services
9. Prevent Services from Binding to an Interface
10. Restrict Services with Sandboxed Environments
11. Use proftp with a MySQL Authentication Source
12. Prevent Stack-Smashing Attacks
13. Lock Down Your Kernel with grsecurity
14. Restrict Applications with grsecurity
15. Restrict System Calls with Systrace
16. Automated Systrace Policy Creation
17. Control Login Access with PAM
18. Restricted Shell Environments
19. Enforce User and Group Resource Limits
20. Automate System UpdatesChapter 2. Windows Host Security
21. Check Servers for Applied Patches
22. Get a List of Open Files and Their Owning Processes
23. List Running Services and Open Ports
24. Enable Auditing
25. Secure Your Event Logs
26. Change Your Maximum Log File Sizes
27. Disable Default Shares
28. Encrypt Your Temp Folder
29. Clear the Paging File at Shutdown
30. Restrict Applications Available to UsersChapter 3. Network Security
31. Detect ARP Spoofing
32. Create a Static ARP Table
33. Firewall with Netfilter
34. Firewall with OpenBSD's PacketFilter
35. Create an Authenticated Gateway
36. Firewall with Windows
37. Keep Your Network Self-Contained
38. Test Your Firewall
39. MAC Filtering with Netfilter
40. Block OS Fingerprinting
41. Fool Remote Operating System Detection Software
42. Keep an Inventory of Your Network
43. Scan Your Network for Vulnerabilities
44. Keep Server Clocks Synchronized
45. Create Your Own Certificate Authority
46. Distribute Your CA to Clients
47. Encrypt IMAP and POP with SSL
48. Set Up TLS-Enabled SMTP
49. Detect Ethernet Sniffers Remotely
50. Install Apache with SSL and suEXEC
51. Secure BIND
52. Secure MySQL
53. Share Files Securely in UnixChapter 4. Logging
54. Run a Central Syslog Server
55. Steer Syslog
56. Integrate Windows into Your Syslog Infrastructure
57. Automatically Summarize Your Logs
58. Monitor Your Logs Automatically
59. Aggregate Logs from Remote Sites
60. Log User Activity with Process AccountingChapter 5. Monitoring and Trending
61. Monitor Availability
62. Graph Trends
63. Run ntop for Real-Time Network Stats
64. Audit Network Traffic
65. Collect Statistics with Firewall Rules
66. Sniff the Ether RemotelyChapter 6. Secure Tunnels
67. Set Up IPsec Under Linux
68. Set Up IPsec Under FreeBSD
69. Set Up IPsec in OpenBSD
70. PPTP Tunneling
71. Opportunistic Encryption with FreeS/WAN
72. Forward and Encrypt Traffic with SSH
73. Quick Logins with SSH Client Keys
74. Squid Proxy over SSH
75. Use SSH as a SOCKS Proxy
76. Encrypt and Tunnel Traffic with SSL
77. Tunnel Connections Inside HTTP
78. Tunnel with VTun and SSH
79. Automatic vtund.conf Generator
80. Create a Cross-Platform VPN
81. Tunnel PPPChapter 7. Network Intrusion Detection
82. Detect Intrusions with Snort
83. Keep Track of Alerts
84. Real-Time Monitoring
85. Manage a Sensor Network
86. Write Your Own Snort Rules
87. Prevent and Contain Intrusions with Snort_inline
88. Automated Dynamic Firewalling with SnortSam
89. Detect Anomalous Behavior
90. Automatically Update Snort's Rules
91. Create a Distributed Stealth Sensor Network
92. Use Snort in High-Performance Environments with Barnyard
93. Detect and Prevent Web Application Intrusions
94. Simulate a Network of Vulnerable Hosts
95. Record Honeypot ActivityChapter 8. Recovery and Response
96. Image Mounted Filesystems
97. Verify File Integrity and Find Compromised Files
98. Find Compromised Packages with RPM
99. Scan for Root Kits
100. Find the Owner of a NetworkIndex