How to Cheat at Configuring Open Source Security Tools - Michael Gregg, Matt Jonkman, Raffael Marty, Angela Orebaugh, Eric Seagren

How to Cheat at Configuring Open Source Security Tools (eBook)

eBook Download: PDF
2011 | 1st edition
528 pages
Elsevier Science (publisher)
978-0-08-055356-6 (ISBN)
39,95 incl. VAT
The Perfect Reference for the Multitasked SysAdmin
This is the perfect guide if network security tools are not your specialty. It is the perfect introduction to managing an infrastructure with freely available, and powerful, Open Source tools. Learn how to test and audit your systems using products like Snort and Wireshark and some of the add-ons available for both. In addition, learn handy techniques for network troubleshooting and protecting the perimeter.

* Take Inventory
See how taking an inventory of the devices on your network must be repeated regularly to ensure that the inventory remains accurate.
* Use Nmap
Learn how Nmap has more features and options than any other free scanner.
* Implement Firewalls
Use netfilter to perform firewall logic and see how SmoothWall can turn a PC into a dedicated firewall appliance that is completely configurable.
* Perform Basic Hardening
Put an IT security policy in place so that you have a concrete set of standards against which to measure.
* Install and Configure Snort and Wireshark
Explore the feature set of these powerful tools, as well as their pitfalls and other security considerations.
* Explore Snort Add-Ons
Use tools like Oinkmaster to automatically keep Snort signature files current.
* Troubleshoot Network Problems
See how to report on bandwidth usage and other metrics and how to use data collection methods like sniffing, NetFlow, and SNMP.
* Learn Defensive Monitoring Considerations
See how to define your wireless network boundaries, monitor to know whether they're being exceeded, and watch for unauthorized traffic on your network.

* Covers the top 10 most popular open source security tools including Snort, Nessus, Wireshark, Nmap, and Kismet
* Companion Web site contains dozens of working scripts and tools for readers
* Follows Syngress' proven How to Cheat pedagogy providing readers with everything they need and nothing they don't

Front Cover
How to Cheat at Configuring: Open Source Security Tools
Copyright Page
Contents
Chapter 1. Testing and Auditing Your Systems
Introduction
Taking Inventory
Vulnerability Scanning
OSSTMM
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 2. Protecting Your Perimeter
Introduction
Firewall Types
Firewall Architectures
Implementing Firewalls
Providing Secure Remote Access
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 3. Protecting Network Resources
Introduction
Performing Basic Hardening
Hardening Windows Systems
Hardening Linux Systems
Hardening Infrastructure Devices
Patching Systems
Personal Firewalls
Providing Antivirus and Antispyware Protection
Encrypting Sensitive Data
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 4. Introducing Snort
Introduction
How an IDS Works
Where Snort Fits
Snort System Requirements
Exploring Snort's Features
Using Snort on Your Network
Security Considerations with Snort
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 5. Installing Snort 2.6
Introduction
Choosing the Right OS
Hardware Platform Considerations
Installing Snort
Configuring Snort
Testing Snort
Maintaining Snort
Updating Snort
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 6. Configuring Snort and Add-Ons
Placing Your NIDS
Configuring Snort on a Windows System
Configuring Snort on a Linux System
Demonstrating Effectiveness
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 7. Introducing Wireshark: Network Protocol Analyzer
Introduction
What is Wireshark?
Supporting Programs
Using Wireshark in Your Network Architecture
Using Wireshark for Network Troubleshooting
Using Wireshark for System Administration
Securing Ethereal
Optimizing Wireshark
Advanced Sniffing Techniques
Securing Your Network from Sniffers
Employing Detection Techniques
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 8. Getting and Installing Wireshark
Introduction
Getting Wireshark
Packet Capture Drivers
Installing Wireshark on Windows
Installing Wireshark on Linux
Installing Wireshark on Mac OSX
Installing Wireshark from Source
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 9. Using Wireshark
Introduction
Getting Started with Wireshark
Exploring the Main Window
Other Window Components
Exploring the Menus
View
Go
Capture
Analyze
Statistics
Help
Pop-up Menus
Using Command-line Options
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 10. Network Reporting and Troubleshooting with other Tools
Introduction
Reporting on Bandwidth Usage and Other Metrics
Collecting Data for Analysis
Understanding SNMP
Troubleshooting Network Problems from the Command Line
Additional Troubleshooting Tools
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 11. Wireless Monitoring and Intrusion Detection
Introduction
Designing for Detection
Defensive Monitoring Considerations
Intrusion Detection Strategies
Conducting Vulnerability Assessments
Incident Response and Handling
Conducting Site Surveys for Rogue Access Points
Summary
Solutions Fast Track
Frequently Asked Questions
Index

Publication date (per publisher): 18.4.2011
Language: English
Subject area: Non-fiction / Guides
Computer science: Networks, Security / Firewall
Computer science: Theory / Studies, Cryptology
ISBN-10: 0-08-055356-7 / 0080553567
ISBN-13: 978-0-08-055356-6 / 9780080553566
PDF (Adobe DRM)
Size: 89,8 MB

Copy protection: Adobe DRM
Adobe DRM is a copy-protection scheme intended to protect the eBook against misuse. The eBook is authorized to your personal Adobe ID at download time. You can then read the eBook only on devices that are also registered to your Adobe ID.

File format: PDF (Portable Document Format)
With its fixed page layout, PDF is particularly suited to technical books with columns, tables and figures. A PDF can be displayed on almost all devices, but is only of limited suitability for small displays (smartphone, eReader).

System requirements:
PC/Mac: You can read this eBook on a PC or Mac. You need an Adobe ID and the software Adobe Digital Editions (free). We advise against using the OverDrive Media Console; experience shows that problems with Adobe DRM occur frequently there.
eReader: This eBook can be read on (almost) all eBook readers. It is not, however, compatible with the Amazon Kindle.
Smartphone/Tablet: Whether Apple or Android, you can read this eBook. You need an Adobe ID and a free app.
