E-Book, Englisch, 528 Seiten, Web PDF
Gregg / Seagren / Orebaugh How to Cheat at Configuring Open Source Security Tools
1. Auflage 2011
ISBN: 978-0-08-055356-6
Verlag: Elsevier Science & Techn.
Format: PDF
Kopierschutz: 1 - PDF Watermark
E-Book, Englisch, 528 Seiten, Web PDF
ISBN: 978-0-08-055356-6
Verlag: Elsevier Science & Techn.
Format: PDF
Kopierschutz: 1 - PDF Watermark
The Perfect Reference for the Multitasked SysAdmin
This is the perfect guide if network security tools is not your specialty. It is the perfect introduction to managing an infrastructure with freely available, and powerful, Open Source tools. Learn how to test and audit your systems using products like Snort and Wireshark and some of the add-ons available for both. In addition, learn handy techniques for network troubleshooting and protecting the perimeter.
* Take Inventory
See how taking an inventory of the devices on your network must be repeated regularly to ensure that the inventory remains accurate.
* Use Nmap
Learn how Nmap has more features and options than any other free scanner.
* Implement Firewalls
Use netfilter to perform firewall logic and see how SmoothWall can turn a PC into a dedicated firewall appliance that is completely configurable.
* Perform Basic Hardening
Put an IT security policy in place so that you have a concrete set of standards against which to measure.
* Install and Configure Snort and Wireshark
Explore the feature set of these powerful tools, as well as their pitfalls and other security considerations.
* Explore Snort Add-Ons
Use tools like Oinkmaster to automatically keep Snort signature files current.
* Troubleshoot Network Problems
See how to reporting on bandwidth usage and other metrics and to use data collection methods like sniffing, NetFlow, and SNMP.
* Learn Defensive Monitoring Considerations
See how to define your wireless network boundaries, and monitor to know if they're being exceeded and watch for unauthorized traffic on your network.
*Covers the top 10 most popular open source security tools including Snort, Nessus, Wireshark, Nmap, and Kismet
*Companion Web site contains dozens of working scripts and tools for readers
*Follows Syngress' proven How to Cheat pedagogy providing readers with everything they need and nothing they don't
Autoren/Hrsg.
Weitere Infos & Material
1;Front Cover;1
2;How to Cheat at Configuring: Open Source Security Tools;4
3;Copyright Page;5
4;Contents;10
5;Chapter 1. Testing and Auditing Your Systems;18
5.1;Introduction;19
5.2;Taking Inventory;19
5.3;Vulnerability Scanning;40
5.4;OSSTMM;51
5.5;Summary;53
5.6;Solutions Fast Track;53
5.7;Frequently Asked Questions;54
6;Chapter 2. Protecting Your Perimeter;56
6.1;Introduction;57
6.2;Firewall Types;57
6.3;Firewall Architectures;58
6.4;Implementing Firewalls;62
6.5;Providing Secure Remote Access;102
6.6;Summary;134
6.7;Solutions Fast Track;134
6.8;Frequently Asked Questions;136
7;Chapter 3. Protecting Network Resources;138
7.1;Introduction;139
7.2;Performing Basic Hardening;139
7.3;Hardening Windows Systems;142
7.4;Hardening Linux Systems;159
7.5;Hardening Infrastructure Devices;168
7.6;Patching Systems;169
7.7;Personal Firewalls;171
7.8;Providing Antivirus and Antispyware Protection;178
7.9;Encrypting Sensitive Data;187
7.10;Summary;193
7.11;Solutions Fast Track;193
7.12;Frequently Asked Questions;195
8;Chapter 4. Introducing Snort;198
8.1;Introduction;199
8.2;How an IDS Works;200
8.3;Where Snort Fits;202
8.4;Snort System Requirements;203
8.5;Exploring Snort's Features;205
8.6;Using Snort on Your Network;212
8.7;Security Considerations with Snort;224
8.8;Summary;227
8.9;Solutions Fast Track;227
8.10;Frequently Asked Questions;228
9;Chapter 5. Installing Snort 2.6;230
9.1;Introduction;231
9.2;Choosing the Right OS;231
9.3;Hardware Platform Considerations;247
9.4;Installing Snort;252
9.5;Configuring Snort;260
9.6;Testing Snort;271
9.7;Maintaining Snort;274
9.8;Updating Snort;276
9.9;Summary;277
9.10;Solutions Fast Track;277
9.11;Frequently Asked Questions;279
10;Chapter 6. Configuring Snort and Add-Ons;280
10.1;Placing Your NIDS;281
10.2;Configuring Snort on a Windows System;283
10.3;Configuring Snort on a Linux System;297
10.4;Demonstrating Effectiveness;310
10.5;Summary;311
10.6;Solutions Fast Track;312
10.7;Frequently Asked Questions;313
11;Chapter 7. Introducing Wireshark: Network Protocol Analyzer;314
11.1;Introduction;315
11.2;What is Wireshark?;315
11.3;Supporting Programs;327
11.4;Using Wireshark in Your Network Architecture;332
11.5;Using Wireshark for Network Troubleshooting;334
11.6;Using Wireshark for System Administration;337
11.7;Securing Ethereal;340
11.8;Optimizing Wireshark;341
11.9;Advanced Sniffing Techniques;342
11.10;Securing Your Network from Sniffers;345
11.11;Employing Detection Techniques;347
11.12;Summary;349
11.13;Solutions Fast Track;349
11.14;Frequently Asked Questions;351
12;Chapter 8. Getting and Installing Wireshark;354
12.1;Introduction;355
12.2;Getting Wireshark;355
12.3;Packet Capture Drivers;357
12.4;Installing Wireshark on Windows;363
12.5;Installing Wireshark on Linux;364
12.6;Installing Wireshark on Mac OSX ;366
12.7;Installing Wireshark from Source;372
12.8;Summary;377
12.9;Solutions Fast Track;377
12.10;Frequently Asked Questions;379
13;Chapter 9. Using Wireshark;380
13.1;Introduction;381
13.2;Getting Started with Wireshark;381
13.3;Exploring the Main Window;382
13.4;Other Window Components;388
13.5;Exploring the Menus;390
13.6;View;402
13.7;Go;409
13.8;Capture;410
13.9;Analyze;420
13.10;Statistics;430
13.11;Help;445
13.12;Pop-up Menus;450
13.13;Using Command-line Options;454
13.14;Summary;456
13.15;Solutions Fast Track;456
13.16;Frequently Asked Questions;457
14;Chapter 10. Network Reporting and Troubleshooting with other Tools;460
14.1;Introduction;461
14.2;Reporting on Bandwidth Usage and Other Metrics;461
14.3;Collecting Data for Analysis;462
14.4;Understanding SNMP;464
14.5;Troubleshooting Network Problems from the Command Line;485
14.6;Additional Troubleshooting Tools;489
14.7;Summary;491
14.8;Solutions Fast Track;492
14.9;Frequently Asked Questions;493
15;Chapter 11. Wireless Monitoring and Intrusion Detection;494
15.1;Introduction;495
15.2;Designing for Detection;495
15.3;Defensive Monitoring Considerations;497
15.4;Intrusion Detection Strategies;502
15.5;Conducting Vulnerability Assessments;508
15.6;Incident Response and Handling;511
15.7;Conducting Site Surveys for Rogue Access Points;514
15.8;Summary;518
15.9;Solutions Fast Track;519
15.10;Frequently Asked Questions;520
16;Index;522
