Master the tools of the network security trade with the official book from SANS Press! You need more than a hammer to build a house, and you need more than one tool to secure your network. Security Essentials Toolkit covers the critical tools that you need to secure your site, showing you why, when, and how to use them. Based on the SANS Institute's renowned Global Information Assurance Certification (GIAC) program, this book takes a workbook-style approach that gives you hands-on experience and teaches you how to install, configure, and run the best security tools of the trade.
Who Should Read This Book. What's in This Book. Conventions Used in This Book.
Introduction to Security Tools. Exercise 1: Configuring Your System.
I. SECURITY OVERVIEW.2. Trojans.
Exercise 1: Trust Relationships. Exercise 2: Trojan Software NetBus. Exercise 3: Trojan Software SubSeven.3. Host-Based Intrusion Detection.
Exercise 1: TCP Wrappers. Exercise 2: xinetd. Exercise 3: Tripwire. Exercise 4: Swatch. Exercise 5: PortSentry. Exercise 6: Auditing Your System.4. Network-Based Intrusion Detection.
Exercise 1: Sniffing with tcpdump. Exercise 2: Nuking a System. Exercise 3: Snort.5. Firewalls.
Exercise 1: Personal Firewalls and ZoneAlarm. Exercise 2: Tiny Firewall. Exercise 3: ipchains.6. Scanning Tools.
Exercise 1: Scanning with Nmap. Exercise 2: Scanning with SuperScan. Exercise 3: Vulnerability Scanning with Nessus. Exercise 4: Legion. Exercise 5: hping2.
II. SECURITY CONCEPTS.7. Understanding Exploits.
Exercise 1: Null Session Exploits. Exercise 2: Extracting Information with DumpSec.8. Security Policy.
Exercise 1: Developing a Security Policy.9. Password Cracking.
Exercise 1: John the Ripper. Exercise 2: L0pht Crack (LC3).10. Forensic Backups.
Exercise 1: Disk Imaging with Ghost. Exercise 2: Forensics with dd.11. Denial of Service and Deception Attacks.
Exercise 1: Denial of Service with TFN2K. Exercise 2: Deception with Fragrouter.12. Web Security.
Exercise 1: Web Security with BlackWidow. Exercise 2: Web Security with WebSleuth. Exercise 3: Finding Web Vulnerabilities with Whisker.
III. NETWORK SECURITY.13. Network Design.
Exercise 1: Cisco ConfigMaker.14. Base Conversions, IP Addressing, and Subnetting.
Exercise 1: Binary Conversion. Exercise 2: Subnetting.15. Network Security Tools.
Exercise 1: Router ACLs. Exercise 2: Scanning Hosts with Ping War. Exercise 3: Analysis with Ethereal.
IV. SECURE COMMUNICATIONS.16. Secure Communications.
Exercise 1: PGP. Exercise 2: Steganography with JPHS. Exercise 3: Steganography with S-Tools.
V. WINDOWS.17. Windows Security.
Exercise 1: Security Configuration and Analysis. Exercise 2: Startup Cop. Exercise 3: Hfnetchk. Exercise 4: MPSA. Exercise 5: How to Baseline and Audit Your System. Exercise 6: Backups. Exercise 7: IIS Lockdown. Exercise 8: Socket80.
VI. UNIX.18. Unix.
Exercise 1: The Unix File System. Exercise 2: Sudo. Exercise 3: Unix Permissions. Exercise 4: Unix Network Commands. Exercise 5: Log Files. Exercise 6: tar.19. Summary.