Network Security Hacks

10.11.2006

Englisch

9780596527631

O'Reilly and Associates

Nein

Andrew Lockhart

478

2

Broschiert

Tips & Tools for Protecting Your Privacy

network security, wireless, privacy, secure, monitoring

Inhaltsverzeichnis Credits Preface Chapter 1. Unix Host Security       1. Secure Mount Points       2. Scan for SUID and SGID Programs       3. Scan for World- and Group-Writable Directories       4. Create Flexible Permissions Hierarchies with POSIX ACLs       5. Protect Your Logs from Tampering       6. Delegate Administrative Roles       7. Automate Cryptographic Signature Verification       8. Check for Listening Services       9. Prevent Services from Binding to an Interface       10. Restrict Services with Sandboxed Environments       11. Use proftpd with a MySQL Authentication Source       12. Prevent Stack-Smashing Attacks       13. Lock Down Your Kernel with grsecurity       14. Restrict Applications with grsecurity       15. Restrict System Calls with systrace       16. Create systrace Policies Automatically       17. Control Login Access with PAM       18. Restrict Users to SCP and SFTP       19. Use Single-Use Passwords for Authentication       20. Restrict Shell Environments       21. Enforce User and Group Resource Limits       22. Automate System Updates Chapter 2. Windows Host Security       23. Check Servers for Applied Patches       24. Use Group Policy to Configure Automatic Updates       25. List Open Files and Their Owning Processes       26. List Running Services and Open Ports       27. Enable Auditing       28. Enumerate Automatically Executed Programs       29. Secure Your Event Logs       30. Change Your Maximum Log File Sizes       31. Back Up and Clear the Event Logs       32. Disable Default Shares       33. Encrypt Your Temp Folder       34. Back Up EFS       35. Clear the Paging File at Shutdown       36. Check for Passwords That Never Expire Chapter 3. Privacy and Anonymity       37. Evade Traffic Analysis       38. Tunnel SSH Through Tor       39. Encrypt Your Files Seamlessly       40. Guard Against Phishing       41. Use the Web with Fewer Passwords       42. Encrypt Your Email with Thunderbird       43. Encrypt Your Email in Mac OS X Chapter 4. Firewalling       44. Firewall with Netfilter       45. Firewall with OpenBSD's PacketFilter       46. Protect Your Computer with the Windows Firewall       47. Close Down Open Ports and Block Protocols       48. Replace the Windows Firewall       49. Create an Authenticated Gateway       50. Keep Your Network Self-Contained       51. Test Your Firewall       52. MAC Filter with Netfilter       53. Block Tor Chapter 5. Encrypting and Securing Services       54. Encrypt IMAP and POP with SSL       55. Use TLS-Enabled SMTP with Sendmail       56. Use TLS-Enabled SMTP with Qmail       57. Install Apache with SSL and suEXEC       58. Secure BIND       59. Set Up a Minimal and Secure DNS Server       60. Secure MySQL       61. Share Files Securely in Unix Chapter 6. Network Security       62. Detect ARP Spoofing       63. Create a Static ARP Table       64. Protect Against SSH Brute-Force Attacks       65. Fool Remote Operating System Detection Software       66. Keep an Inventory of Your Network       67. Scan Your Network for Vulnerabilities       68. Keep Server Clocks Synchronized       69. Create Your Own Certificate Authority       70. Distribute Your CA to Clients       71. Back Up and Restore a Certificate Authority with Certificate Services       72. Detect Ethernet Sniffers Remotely       73. Help Track Attackers       74. Scan for Viruses on Your Unix Servers       75. Track Vulnerabilities Chapter 7. Wireless Security       76. Turn Your Commodity Wireless Routers into a Sophisticated Security Platform       77. Use Fine-Grained Authentication for Your Wireless Network       78. Deploy a Captive Portal Chapter 8. Logging       79. Run a Central Syslog Server       80. Steer Syslog       81. Integrate Windows into Your Syslog Infrastructure       82. Summarize Your Logs Automatically       83. Monitor Your Logs Automatically       84. Aggregate Logs from Remote Sites       85. Log User Activity with Process Accounting       86. Centrally Monitor the Security Posture of Your Servers Chapter 9. Monitoring and Trending       87. Monitor Availability       88. Graph Trends       89. Get Real-Time Network Stats       90. Collect Statistics with Firewall Rules       91. Sniff the Ether Remotely Chapter 10. Secure Tunnels       92. Set Up IPsec Under Linux       93. Set Up IPsec Under FreeBSD       94. Set Up IPsec in OpenBSD       95. Encrypt Traffic Automatically with Openswan       96. Forward and Encrypt Traffic with SSH       97. Automate Logins with SSH Client Keys       98. Use a Squid Proxy over SSH       99. Use SSH As a SOCKS Proxy       100. Encrypt and Tunnel Traffic with SSL       101. Tunnel Connections Inside HTTP       102. Tunnel with VTun and SSH       103. Generate VTun Configurations Automatically       104. Create a Cross-Platform VPN       105. Tunnel PPP Chapter 11. Network Intrusion Detection       106. Detect Intrusions with Snort       107. Keep Track of Alerts       108. Monitor Your IDS in Real Time       109. Manage a Sensor Network       110. Write Your Own Snort Rules       111. Prevent and Contain Intrusions with Snort_inline       112. Automatically Firewall Attackers with SnortSam       113. Detect Anomalous Behavior       114. Automatically Update Snort's Rules       115. Create a Distributed Stealth Sensor Network       116. Use Snort in High-Performance Environments with Barnyard       117. Detect and Prevent Web Application Intrusions       118. Scan Network Traffic for Viruses       119. Simulate a Network of Vulnerable Hosts       120. Record Honeypot Activity Chapter 12. Recovery and Response       121. Image Mounted Filesystems       122. Verify File Integrity and Find Compromised Files       123. Find Compromised Packages       124. Scan for Rootkits       125. Find the Owner of a Network Index