Open Source Security Tools - Tony Howlett

Open Source Security Tools

Practical Guide to Security Applications, A

(Author)

Book | Softcover
608 pages
2004
Prentice Hall (publisher)
978-0-321-19443-5 (ISBN)
59,80 incl. VAT
  • Title is unfortunately out of print;
    no new edition
An introduction to open source security tools, this work reviews the assortment of free and low-cost solutions. It covers security tasks ranging from hardening Linux and Windows systems to investigating breaches with Sleuth Kit and Forensic Tool Kit. For each task it reviews open source tools and explains how to use them, with a case study and sample implementation.
Few frontline system administrators can afford to spend all day worrying about security. But in this age of widespread virus infections, worms, and digital attacks, no one can afford to neglect network defenses.

Written with the harried IT manager in mind, Open Source Security Tools is a practical, hands-on introduction to open source security tools. Seasoned security expert Tony Howlett has reviewed the overwhelming assortment of these free and low-cost solutions to provide you with the “best of breed” for all major areas of information security.

Inside, you’ll find everything from how to harden Linux and Windows systems to how to investigate breaches with Sleuth Kit, Autopsy Forensic Browser, and Forensic Tool Kit. For each security task described, the author reviews the best open source tools and how to use them and also provides a case study and sample implementation. Covered tasks include:

  • Installing an open source firewall using Ipchains, Iptables, Turtle firewall, or Smoothwall
  • Scanning ports and testing for vulnerabilities using Nmap, Nlog, Nmap for Windows, Nessus, and NessusWX
  • Using sniffers and network-intrusion systems, including Tcpdump, Ethereal, Windump, Snort™, and Snort™ for Windows
  • Tracking and analyzing collected data with Swatch, ACID, and NCC
  • Encrypting communications with PGP, GnuPG, SSH, and Free S/WAN

This handy reference also tackles the emerging field of wireless security and covers tools such as Kismet Wireless, Airsnort, and NetStumbler.

Whether you’re a Windows system administrator or a network administrator, you will come away with an understanding of how open source security tools can help protect your organization and further your own career.

Tony Howlett is the president of Network Security Services, a computer-security application service provider built entirely on open source software. A Certified Information Systems Security Professional (CISSP) and GIAC Systems and Network Auditor (GNSA), he has fourteen years of experience, including running a major regional ISP/CLEC and building a nationwide ATM/DSL network. Mr. Howlett is a frequent speaker on computer security and technology topics and has written for SysAdmin, Computer Currents, Windows Web Solutions, Security Administrator, and other magazines.

Preface.

Audience.

Contents.

CD-ROM Contents and Organization.

Tools Index.

1. Information Security and Open Source Software.

    The Practice of Information Security.

    The State of Computer Crime.

    Info-Security Business Risks.

    Open Source History.

    Open Source Advantages.

    When Open Source May Not Fit Your Needs.

    Windows and Open Source.

    Open Source Licenses.

2. Operating System Tools.

    Hardening Your Security Tool System.

    traceroute (UNIX) or tracert (Windows): Network Diagnostic Tools.

    Considerations for Hardening Windows.

3. Firewalls.

    Network Architecture Basics.

    TCP/IP Networking.

    Security Business Processes.

    SmoothWall Hardware Requirements.

    SmoothWall Express Versus SmoothWall Corporate.

    Installing SmoothWall.

    Administering the SmoothWall Firewall.

    Creating a VPN on the SmoothWall Firewall.

    Windows-Based Firewalls.

4. Port Scanners.

    Overview of Port Scanners.

    Considerations for Port Scanning.

    Uses for Port Scanners.

5. Vulnerability Scanners.

    Identifying Security Holes in Your Systems.

    Vulnerability Scanners to the Rescue.

    Considerations for Vulnerability Scanning.

    What Vulnerability Testing Doesn’t Find.

6. Network Sniffers.

    A Brief History of Ethernet.

    Considerations for Network Sniffing.

    TCP/IP Packet Headers.

7. Intrusion Detection Systems.

    NIDS Signature Examples.

    The Problem of NIDS False Positives.

    Getting the Most Out of Your IDS.

    Configuring Snort for Maximum Performance.

    Host-Based Intrusion Detection.

8. Analysis and Management Tools.

    Using Databases and Web Servers to Manage Your Security Data.

    The Birth of an Open Source Project.

9. Encryption Tools.

    Types of Encryption.

    Virtual Private Networks.

10. Wireless Tools.

    Wireless LAN Technology.

    Dangers of Wireless LANs.

    The “War-Driving” Phenomenon.

    Performing a Wireless Network Security Assessment.

    Steps for More Secure Wireless LANs.

11. Forensic Tools.

    Uses for Computer Forensic Tools.

    Building an Incident Response Plan.

    Preparing for Good Forensic Data.

    Where to Look for Forensic Data.

    Tenets of Good Forensic Analysis.

    Forensic Analysis Tools.

    Reviewing Log Files.

    Making Copies of Forensic Evidence.

12. More on Open Source Software.

    Open Source Resources.

    Joining the Open Source Movement.

    More Open Source Security Tools.

Appendix A Open Source Licenses.

Appendix B Basic Linux/UNIX Commands.

Appendix C Well-Known TCP/IP Port Numbers.

Appendix D General Permission and Waiver Form.

Appendix E.

References.

Index.

Publication date (per publisher) 12.8.2004
Series Bruce Perens' Open Source Series
Place of publication Upper Saddle River
Language English
Dimensions 237 x 180 mm
Weight 948 g
Subject area Mathematics / Computer Science > Computer Science > Operating Systems / Servers
Computer Science > Networks > Security / Firewall
Computer Science > Theory / Studies > Cryptology
ISBN-10 0-321-19443-8 / 0321194438
ISBN-13 978-0-321-19443-5 / 9780321194435
Condition New