MTU Cork Library Catalogue

The process of network security : designing and managing a safe network / Thomas A. Wadlow.

By: Wadlow, Thomas A.
Material type: Book
Publisher: Reading, Mass. ; Harlow, England : Addison-Wesley, c2000
Description: xv, 283 p. : ill. ; 24 cm. + pbk.
ISBN: 0201433176
Subject(s): Computer networks -- Security measures
DDC classification: 005.8
Contents:
Understanding Security -- Writing a Security Policy -- Who is attacking you? -- Security Design Process -- Building a Security Team -- Fortifying Network Components -- Personnel Security -- Physical Security -- Monitoring your Network -- Auditing Your Network -- Quantifying the value of Security -- Preparing for an Attack -- Handling an Attack -- Forensics -- Log Analysis -- Damage Control.
Holdings
Item type: General Lending
Current library: MTU Bishopstown Library Lending
Call number: 005.8
Copy number: 1
Status: Available
Barcode: 00075299
Total holds: 0

Enhanced descriptions from Syndetics:

This wide-ranging, up-to-date, conversational guide to network security focuses on the most important success factors: process and mindset. Security expert Thomas Wadlow shows exactly what it means to "be" a successful network security manager within a large business organization.

KEY TOPICS: Learn how to define what an organization's security goals ought to be -- and how to implement an effective security policy quickly, without endless committee meetings or company politics. Understand who may be attacking you, and how to "think pathologically" about your network, putting yourself in the shoes of your attacker. Evaluate which information resources are most worth protecting; learn how to build an effective security team; and discover how to build security systems that protect the enterprise as a whole, not just individual devices. Learn how to fortify your network components and design; monitor and audit your network; even quantify the value of security. The book also presents five exceptionally detailed chapters on how to respond effectively to an attack -- from forensics and log analysis to damage control.

MARKET: For every manager and executive concerned with network security, including sysadmins, netadmins, security managers, CIOs, CFOs, and CEOs.

Includes index.

Table of contents provided by Syndetics

  • Preface (p. xiii)
  • Acknowledgments (p. xv)
  • Chapter 1 Understanding Security (p. 1)
  • What Are We Protecting? (p. 2)
  • Thinking Like a Defender (p. 2)
  • The Reader of This Book (p. 3)
  • The Organization We Are Protecting (p. 3)
  • The Process of Security (p. 4)
  • How Do You Know That the Process Is Working? (p. 9)
  • Trend Analysis (p. 10)
  • Chapter 2 Writing a Security Policy (p. 11)
  • Pitfalls (p. 12)
  • Staging a Coup (p. 13)
  • Contents of the Policy (p. 15)
  • Chapter 3 Who Is Attacking You? (p. 21)
  • The Nature of the Beast (p. 22)
  • Security as an Evolutionary Strategy (p. 29)
  • Chapter 4 Security Design Process (p. 31)
  • Thinking About Security (p. 32)
  • Principles of Security (p. 34)
  • The Shape of Your Defenses (p. 51)
  • Organizational Network (p. 51)
  • Passive Outer Defenses (p. 51)
  • Active Inner Defenses (p. 52)
  • Passive Monitoring (p. 52)
  • Active Monitoring (p. 52)
  • The Shape of Your Security Organization (p. 53)
  • Response Team (p. 54)
  • Forensics Team (p. 54)
  • Watch Team (p. 54)
  • Employee Training (p. 55)
  • Chapter 5 Building a Security Team (p. 57)
  • Employee Characteristics (p. 57)
  • Job Functions in a Security Team (p. 59)
  • Training and Cross-Training (p. 62)
  • Interviewing Security Candidates (p. 64)
  • Background Checks (p. 65)
  • Hiring (p. 66)
  • Firing (p. 66)
  • Chapter 6 Fortifying Network Components (p. 69)
  • What Is a Network Component? (p. 70)
  • Component Types (p. 71)
  • Selecting Components (p. 73)
  • Component Categories (p. 78)
  • Fortifying Components (p. 79)
  • Customizing New Components (p. 82)
  • Upgrading Old Components (p. 84)
  • System Fortification (p. 86)
  • Configuration of the Operating System (p. 87)
  • Applying Patches (p. 88)
  • Removing Unnecessary Services (p. 88)
  • Limiting Necessary Services (p. 89)
  • Disabling and Deleting Unnecessary Software (p. 90)
  • Conclusion (p. 92)
  • Chapter 7 Personnel Security (p. 95)
  • Management Issues (p. 96)
  • Hiring Process (p. 96)
  • Interview Process (p. 96)
  • Probationary Period (p. 98)
  • Trouble with Employees (p. 98)
  • Firing Process (p. 99)
  • Resignation Process (p. 100)
  • Contractors (p. 100)
  • Chapter 8 Physical Security (p. 101)
  • What Are the Threats? (p. 101)
  • Physical Security Basics (p. 103)
  • Going Overboard (p. 110)
  • Backups (p. 111)
  • Denial of Service (p. 112)
  • Electrical Power (p. 113)
  • Telephones (p. 116)
  • Access Control Logging and Log Analysis (p. 117)
  • Chapter 9 Monitoring Your Network (p. 119)
  • The Shape of the Logging System (p. 122)
  • What to Log (p. 124)
  • Logging Mechanisms (p. 125)
  • Time (p. 131)
  • Sensors (p. 132)
  • Logging System Design (p. 133)
  • Log Management (p. 135)
  • Log Analysis (p. 138)
  • Chapter 10 Auditing Your Network (p. 141)
  • Why Should You Audit Your Network? (p. 142)
  • Types of Audit (p. 143)
  • What Should the Audit Measure? (p. 149)
  • Who Should Do the Audit? (p. 151)
  • Expectations (p. 154)
  • What You Should Expect from the Auditor (p. 154)
  • What the Auditor Should Expect from You (p. 155)
  • How the Audit Should Be Conducted (p. 156)
  • What You Should Do About the Audit Results (p. 156)
  • Chapter 11 Quantifying the Value of Security (p. 159)
  • Perception of Value (p. 162)
  • Process of Explaining Security Issues (p. 167)
  • Measurements (p. 169)
  • Chapter 12 Preparing for an Attack (p. 171)
  • Getting Started (p. 172)
  • War Games (p. 173)
  • Post-Mortem Analysis (p. 178)
  • Developing a Response Plan (p. 179)
  • Personnel (p. 185)
  • Safety Equipment (p. 186)
  • Survival Pack Contents (p. 187)
  • Choosing Hiding Places (p. 190)
  • Set Your Own Ground Rules (p. 191)
  • Chapter 13 Handling an Attack (p. 193)
  • Exciting, but Not Fun (p. 194)
  • Thinking Pathologically (p. 195)
  • About Attacks (p. 202)
  • What You Can Do (p. 206)
  • What You Should Not Do (p. 209)
  • Response Team (p. 212)
  • Priorities During an Attack (p. 214)
  • Chapter 14 Forensics (p. 221)
  • Getting Started (p. 222)
  • The Art of Investigation (p. 229)
  • The Clean Room (p. 233)
  • Analyzing the Contaminated File System (p. 237)
  • Analysis Tools (p. 238)
  • What to Look For (p. 242)
  • Chapter 15 Log Analysis (p. 247)
  • Integrity Checks (p. 250)
  • Log Analysis (p. 254)
  • The Hunt (p. 256)
  • Developing Theories (p. 256)
  • Legalities (p. 258)
  • Chapter 16 Damage Control (p. 261)
  • Priorities (p. 261)
  • Advance Preparation (p. 263)
  • Post-Mortem Analysis (p. 264)
  • Appendix A Glossary (p. 265)

Excerpt provided by Syndetics

A friend of mine said to me the other day that he wanted his old Internet back again. Things worked as well as they needed to. Everyone was nice. You could send mail to people you'd never met, and you'd typically get a nice reply. People gained access to different machines all around the world, which was given more or less freely, so you could log into those machines and see what they'd accomplished this month or just chat with friends. If something needed to be done, a bunch of smart people got together and did it, without too much fuss or bother. It was a nice place, for the most part. He really wasn't serious, this friend of mine. He makes his living using the Internet we have today and by speaking about the Internet we'll have tomorrow. He gets most of his news from CNN's Web site, and the computer industry-specific sites such as Slashdot and Freshmeat. I can't remember the last time he traveled without a laptop; you can send him e-mail anywhere he travels, and (if you get past his filtering software) he'll answer it from Tokyo or Singapore or Paris. The Internet is probably the most complicated thing created by the human race, and yet it is (relatively speaking, of course) easy to use and just about everywhere you'd want it to be. But I understand his point. The Internet isn't the friendly place it used to be. What was once a small town, where neighbors were friendly and you could leave your door unlocked, is now the largest (virtual) community in the world, and it's growing bigger every day. There are bad parts of town, and there are muggers and thieves and con men, just as in every other city on Earth. You can't get beaten up, but you can be robbed of your time and in some cases of your money. For all that, the Internet is probably the safest community of its size ever in existence. But that isn't something to take much comfort in. 
The reason I say this is that I and other members of my profession are called on to look at the security of sites on the Internet from time to time. I know the Internet is mostly safe, because the doors to most places are still unlocked and yet major catastrophes have not happened. Reasoning from that, it appears that most of the people on the Internet are not Bad Guys. Not yet, anyway. Of course, this can change at any time. And it has begun to. The 1990s saw an ever-growing number of people systematically trolling for computer weaknesses. These people are not trying to attack a specific site; rather, they are just fishing to see what they can catch. The late 1990s saw the beginning of Internet attacks for political reasons. As this book was written, the news media referred to the conflict in Kosovo as the "First Internet War" because of several hostile incidents that occurred and also because much of the unofficial communication between sides was taking place over the Internet. The Internet is becoming a dangerous place. But it is important to see this in perspective. Any large community has its bad neighborhoods, robberies, muggings and trouble spots, but that doesn't mean it is impossible to live and work there safely. The trick is to keep your eyes open, take reasonable precautions, and not act foolishly. The same rules apply to the Internet. But computer security means far more these days than the ability of one person to protect himself or herself from the dangers that can arise on the Internet. It's one thing to protect yourself. It's a very different thing indeed to protect a hundred computers, or a thousand, or ten thousand. This book is intended for the people facing that formidable challenge and the people who will assist in such an endeavour. It is not a tutorial on how to become a hacker. Nor is it a technical manual on how to run a large computer network. Many other sources cover those subjects, for better or worse. 
My goal here is to give a person charged with the responsibility of running the network security for a large organization a tool for understanding the language and practices of network and computer security, and to provide some hints along the way to save some time and some scraped knuckles. As with any large project, there are many ways to approach these issues. I don't claim that this book is an exhaustive survey of all possible ways. It is, however, a collection of good methodology and tips and tricks, with some warning signs at the rough spots, that have worked for me. So who am I? Well, I am an electrical engineer by training, but I was swept up into computer science in my high school and college years. My first experience with the Internet was in the late 1970s, when I discovered that I could connect from Carnegie-Mellon University, where I went to school, to a machine in London, England, over something called the ARPANET, which was just appearing on the scene at that time. Like many others at CMU, I worked in the university Computer Center. Unlike many of my colleagues there, I've kept much the same job ever since, running larger and larger collections of computers and their networks at Lawrence Livermore Laboratory, Schlumberger's Palo Alto Research Center, Xerox's Palo Alto Research Center, ParcPlace Systems, and Sun Microsystems Laboratories. Along the way, I've learned a few things about keeping large collections of machines happy and healthy and about keeping the Bad Guys out and the Good Guys working. Now I find myself as the Chief Technology Officer and Vice President of Security for Pilot Network Services, Inc., a company I helped to found and whose function is to handle Internet security for our customers, a diverse collection of some of the most dynamic and interesting (as well as the largest) companies on Earth. The principles we use to run our business safely can be found in this book. 
That may strike you as odd, creating a book that says how we do our business, because it enables people to compete against us, using our own principles. Well, read on. If you still think it's easy, give it a shot. We welcome the competition.

Acknowledgments

A great many people helped me with the production of this book, directly or indirectly, but I'd like to thank several specifically:

Dr. Martine Droulers and Dr. Celine Broggio, wonderful friends who fed me delicious food and gave me the use of their French seaside attic to finish the book. Fromage!

Eileen Keremitsis, who put up with my grumbling, made sure that I wasn't working too hard, and was ready with an invitation to dinner whenever I needed one.

Dennis Allison, who tempted me back into the book-writing business after a long absence, and Karen Gettman and Mary Hart of Addison-Wesley, who made sure that I stayed the course.

Steve Riley, Joseph Balsama, Steve Rader, John Stewart, and Clifford Neuman, who read the entire manuscript and whose numerous and insightful comments I found very helpful.

And of course, the people at Pilot Network Services, who are the hardest working and nicest bunch of security folks I've ever met.

Tom Wadlow
San Francisco, California, USA
Le Crotoy, Picardie, France, 2000

Excerpted from The Process of Network Security: Designing and Managing a Safe Network by Thomas A. Wadlow. All rights reserved by the original copyright owners. Excerpts are provided for display purposes only and may not be reproduced, reprinted or distributed without the written permission of the publisher.

Author notes provided by Syndetics

Thomas A. Wadlow is co-founder, Chief Technology Officer and Vice-President of Engineering and Security for Pilot Network Services, Inc., a company specializing in Internet security.