Vacca Practical Internet Security
1. Auflage 2007
ISBN: 978-0-387-29844-3
Verlag: Springer US
Format: PDF
Kopierschutz: 1 - PDF Watermark
E-Book, Englisch, 536 Seiten, eBook
ISBN: 978-0-387-29844-3
Verlag: Springer US
Format: PDF
Kopierschutz: 1 - PDF Watermark
As organizations today are linking their systems across enterprise-wide networks and VPNs as well as increasing their exposure to customers, competitors, browsers and hackers on the Internet, it becomes increasingly imperative for Web professionals to be trained in techniques for effectively protecting their sites from internal and external threats. Each connection magnifies the vulnerability to attack. With the increased connectivity to the Internet and the wide availability of automated cracking tools, organizations can no longer simply rely on operating system security to protect their valuable corporate data. Furthermore, the exploding use of Web technologies for corporate intranets and Internet sites has escalated security risks to corporate data and information systems.
Practical Internet Security reveals how the Internet is paving the way for secure communications within organizations and on the public Internet. This book provides the fundamental knowledge needed to analyze risks to a system and to implement a security policy that protects information assets from potential intrusion, damage, or theft. It provides dozens of real-life scenarios and examples, as well as hands-on instruction in securing Web communications and sites. You will learn the common vulnerabilities of Web sites; as well as, how to carry out secure communications across unsecured networks. All system administrators and IT security managers will find this book an essential practical resource.
Zielgruppe
Professional/practitioner
Autoren/Hrsg.
Weitere Infos & Material
to Internet Security.- Internet Technologies.- Basic Security Issues.- Establishing Your Organization’s Security.- Real Threats That Impact Security.- A Security Policy: The Foundation of Your Protection.- Developing Your Security Policy.- Steps to Take Now.- Responding to Attacks.- Securing the Web Client.- Threats and Vulnerabilities.- Protecting Your Web Browser.- Network Interconnections: A Majorpoint of Vulnerability.- Basic Operating System and TCP/IP Concepts.- Early System Security Improvements.- Deterring Masqueraders and Ensuring Authenticity.- Impersonating Users.- How Masqueraders Infiltrate a System.- Holding Your Defensive Line.- Preventing Eavesdropping to Protect Your Privacy.- Unauthorized Listening and Looking.- Countering or not Countering the Eavesdropper: That’s the Question?.- Thwarting Counterfeiters and Forgery to Retain Integrity.- The Forger’s Arsenal.- Shielding your Assets.- Avoiding Disruption of Service to Maintain Availability.- Denial-of-Service Attacks.- Constructing Your Bastions.- The Importance of Firewalls.- Configuring Operating System and Network Security.- Operating Systems that Pose Security Risks.- Network Security.- Enhancing Web Server Security.- Controlling Access.- Extended Web Site Security Functionality.- Securing Web Communications with SSL VPNS.- Issuing and Managing Certificates.- Why Digital Certificates are Used.- Certificate Authorities.- Trusting SSL CAs in Servers and Browsers.- Firewalls and Firewall Topologies.- Protecting Servers and Clients with Firewalls.- Choosing the Right Firewall.- Firewall Topologies.- Selecting Firewall Security Topology Policy.- Security Management Solutions and Future Directions.- Identifying and Responding to Security Violations.- Real-Time Monitoring and Auditing.- LimitingDamage.- Keeping Up to Date on New Threats.- Emerging Technologies.- Summary, Conclusions and Recommendations.
Chapter 7 THREATS AND VULNERABILITIES (p. 145)
INTRODUCTION
Six years ago, the SANS Institute [1] and the National Infrastructure Protection Center (NIPC) at the FBI released a document summarizing the Ten Most Critical Internet Security Vulnerabilities, with regards to securing the Web client. Thousands of enterprises used that list, and the expanded Top-20 lists that followed one, two, and three years later, to prioritize their efforts so they could close the most dangerous holes .rst. The vulnerable services and the threats that they posed, led to worms like Blaster, Slammer, Code Red and many others, that have been on these lists [1].
This chapter presents an overview of these vulnerabilities and threats, and is a marked deviation from the previous Top-20 lists. In addition to Windows and UNIX categories, SANS and NIPC have also included cross-platform applications and networking products. The change re.ects the dynamic nature of the evolving threat landscape and the vulnerabilities that attackers target. Unlike the previous Top-20 lists, this list is not cumulative in nature. SANS and NIPC have only listed critical vulnerabilities and threats from 2005 and 2006. If you have not patched your systems for a length of time, it is highly recommended that you .rst patch the vulnerabilities listed in the Top-20 2005 list [1].
SANS and NIPC have made a best effort to make this list meaningful for most enterprises. Hence, the Top-20 is a consensus list of vulnerabilities and threats that require immediate remediation. It is the result of a process that brought together dozens of leading security experts. They come from the most security-conscious government agencies in the UK, US, and Singapore, the leading security software vendors and consulting .rms, the top university-based security programs, many other user enterprises, and the SANS Institute [1].
The SANS Top-20 is a living list. It includes step-by-step instructions and pointers to additional information useful for correcting the security .aws. SANS and NIPC will update the list and the instructions as more critical vulnerabilities and more current or convenient methods of protection are identi.ed, and they welcome your input along the way. This is a community consensus list – your experience in .ghting attackers and in eliminating the vulnerabilities and threats, can help others who come after you [1].
TOP THREATS AND VULNERABILITIES IN WINDOWS SYSTEMS
The family of Windows Operating systems supports a wide variety of services, networking methods and technologies. Many of these components are implemented as Service Control Programs (SCP) under the control of Service Control Manager (SCM), which runs as Services.exe. Vulnerabilities in these services that implement these Operating System functionalities are one of the most common avenues for exploitation [1].
Windows Services
Remotely exploitable buffer over.ow vulnerabilities continue to be the number one issue that affects Windows services. Several of the core system services provide remote interfaces to client components through Remote Procedure Calls (RPC). They are mostly exposed through named pipe endpoints accessible through the Common Internet File System (CIFS) protocol, well known TCP/UDP ports and in certain cases ephemeral TCP/UDP ports.
