Building internet firewall 2nd edition




















Table of contents (partial, from the protocol chapters onward)

Multimedia Protocols
Packet filtering characteristics of T.
Proxying characteristics of T.
Network address translation characteristics of T.
Packet filtering characteristics of H.
Proxying characteristics of H.
Network address translation characteristics of H.
Summary of recommendations for T.
NetMeeting
Packet Filtering Characteristics of NetMeeting
Proxying Characteristics of NetMeeting
Summary of Recommendations for NetMeeting
Summary of Recommendations for Multicast

Naming and Directory Services
Proxying Characteristics of DNS
DNS Data
DNS Security Problems
Bogus answers to DNS queries
Malicious DNS queries
Dynamic update
Revealing too much information to attackers
Set up a real DNS server on an internal system for internal hosts to use
Internal DNS clients query the internal server
Bastion DNS clients also query the internal server
What your packet filtering system needs to allow
Windows and DNS
Summary of Recommendations for DNS
Summary of Recommendations for NIS
Name Resolution Under Windows
General principles of NetBT operations
Name registration
Name refresh
Name resolution
Name release
Conflict management
The Windows Browser
Domains and Workgroups
Windows Browser Roles
Domain master browser
Master browser
Backup browsers
Potential browsers
Browseable server
Browser client
Browser Elections
Security Implications of the Windows Browser
Packet Filtering Characteristics of the Windows Browser
Proxying Characteristics of the Windows Browser
Summary of Recommendations for the Windows Browser
LDAPS
Active Directory
Information Lookup Services
Packet filtering characteristics of finger
Proxying characteristics of finger
Network address translation characteristics of finger
Summary of recommendations for finger
Packet filtering characteristics of whois
Proxying characteristics of whois
Network address translation characteristics of whois
Summary of recommendations for whois

Authentication and Auditing Services
What Is Authentication?
Something You Are
Something You Know
Something You Have
Passwords
Authentication Mechanisms
One-Time Password Software
One-Time Password Hardware
Modular Authentication for Unix
Problems with the authentication server
Kerberos
How It Works
Extending Trust
Packet Filtering Characteristics of Kerberos
Summary of Recommendations for Kerberos
NTLM Domains
Finding a Domain Controller
The Logon Process
Secure Channel Setup
SMB Authentication
Accessing Other Computers
Alternate Authentication Methods
Controller-to-Controller Communication
The User Manager
Auth and identd
Packet Filtering Characteristics of Auth
Proxying Characteristics of Auth
Network Address Translation Characteristics of Auth
Summary of Recommendations for Auth

Administrative Services
System Management Protocols
Packet filtering characteristics of syslog
Proxying characteristics of syslog
Network address translation and syslog
Summary of recommendations for syslog
SNMP version 3
Packet filtering characteristics of SNMP
Proxying characteristics of SNMP
Network address translation and SNMP
Performance Monitor and Network Monitor
Summary Recommendations for System Management
Routing Protocols
Packet filtering characteristics of RIP
Packet filtering characteristics of OSPF
Packet filtering characteristics of IGMP
Packet filtering characteristics of router discovery
Proxying Characteristics of Routing Protocols
Summary of Recommendations for Routing Protocols
Protocols for Booting and Boot-Time Configuration
Packet filtering characteristics of ping
Proxying characteristics of ping
Network address translation and ping
Packet filtering characteristics of traceroute
Proxying characteristics of traceroute
Network address translation and traceroute
Packet filtering characteristics of ICMP
Proxying Characteristics of NTP
Summary of Recommendations for NTP
File Synchronization
Packet filtering characteristics of rsync
Proxying characteristics of rsync
Network address translation characteristics of rsync
Windows NT Directory Replication
Summary of Recommendations for File Synchronization
Mostly Harmless Protocols
Proxying Characteristics of Mostly Harmless Protocols
Summary Recommendations for Mostly Harmless Protocols

Databases and Games
Databases
Locating Database Servers
Putting both the web server and the database on the perimeter network
Putting both the web server and the database on the internal network
Using a custom protocol to connect to a perimeter web server
Sybase
Packet filtering characteristics of Sybase
Proxying characteristics of Sybase
Network address translation characteristics of Sybase
Summary of recommendations for Sybase
Microsoft SQL Server
Games
Quake
Summary of Recommendations for Games

Two Sample Firewalls
Screened Subnet Architecture
Service Configuration
SMTP
Telnet
SSH
FTP
NNTP
DNS
Packet Filtering Rules
Interior router
Exterior router
Other Configuration Work
Analysis
Least privilege
Defense in depth
Choke point
Weakest link
Fail-safe stance
Universal participation
Diversity of defense
Simplicity
Conclusions
Conclusions

IV. Keeping Your Site Secure

Security Policies
Your Security Policy
What Should a Security Policy Contain?
Explanations
Regular language
Enforcement authority
Provision for exceptions
Provision for reviews
Discussion of specific security issues
Technical details
Putting Together a Security Policy
What Is Your Security Policy?
Getting Strategic and Policy Decisions Made
Enlist Allies
Avoid Surprises
Condense to Important Decisions, with Implications

Maintaining Firewalls
Housekeeping
Backing Up Your Firewall
Managing Your Accounts
Managing Your Disk Space
Monitoring Your System
Special-Purpose Monitoring Devices
Intrusion Detection Systems
What Should You Watch For?
The Good, the Bad, and the Ugly
Responding to Probes
Responding to Attacks
Keeping up to Date
Keeping Yourself up to Date
Mailing lists
Newsgroups
Web sites
Professional forums
Keeping Your Systems up to Date
How Long Does It Take?
When Should You Start Over?

Responding to Security Incidents
Responding to an Incident
Evaluate the Situation
Start Documenting
Disconnect or Shut Down, as Appropriate
Analyze and Respond
Your own organization
Vendors and service providers
Other sites
Snapshot the System
Restore and Recover
Document the Incident
What to Do After an Incident
Pursuing and Capturing the Intruder
Planning Your Response
Planning for Detection
Planning for Evaluation of the Incident
Planning for Disconnecting or Shutting Down Machines
Planning for Snapshots
Planning for Restoration and Recovery
Planning for Documentation
Periodic Review of Plans
Being Prepared
Backing Up Your Filesystems
Labeling and Diagramming Your System
Keeping Secured Checksums
Keeping Activity Logs
Keeping a Cache of Tools and Supplies
Testing the Reload of the Operating System
Doing Drills

V. Appendixes

A. Resources
Web Pages
Telstra
The Linux Documentation Project
The Linux Router Project
FTP Sites
Mailing Lists
Firewalls
Firewall Wizards
BugTraq
NTBugTraq
Newsgroups
Response Teams
Other Organizations
Conferences
Papers
Books

B. Tools
Authentication Tools
Kerberos
Analysis Tools
COPS
Tiger
Tripwire
Packet Filtering Tools
Proxy Systems Tools
Daemons
GateD
Zebra
Postfix
Samba
BO2K
Utilities
TCP Wrapper
MRTG
NetCat
NetSaint
PGP
AntiSniff

C. Cryptography
What Are You Protecting and Why?
Key Components of Cryptographic Systems
Encryption

Reader review: Conceptually valid, with some transcendent security principles, but practically obsolete due to how rapidly technology changes.

Reader review: Just read a little of it; there is far too much.

Michael Brady (Mar 29, rated it "liked it"): From the days when at least the concepts were still accessible to the non-technical professional. I was pleased to know the authors back in the SGI days.

A firewall is a focus for security decisions. It is the traffic cop for the Internet services a site uses, keeping potentially dangerous services strictly inside the firewall. Sites differ in what they allow: one site might decide that only one internal system can communicate with the outside world; another might allow access from all systems of a certain type, or belonging to a certain group.

The variations in site security policies are endless. A firewall may be called upon to help enforce more complicated policies. For example, perhaps only certain systems within the firewall are allowed to transfer files to and from the Internet; by using other mechanisms to control which users have access to those systems, you can control which users have these capabilities.

Depending on the technologies you choose to implement your firewall, a firewall may have a greater or lesser ability to enforce such policies. Because all traffic passes through the firewall, the firewall provides a good place to collect information about system and network use — and misuse. As a single point of access, the firewall can record what occurs between the protected network and the external network.

A firewall can also be used to keep one section of a site's network separate from another. By doing this, you keep problems that impact one section from spreading through the entire network. Whatever the reason for the separation, the existence of the firewall limits the damage that a network security problem can do to the overall network.

Certain threats are outside the control of the firewall. You need to figure out other ways to protect against these threats by incorporating physical security, host security, and user education into your overall security plan.

Some of the weaknesses of firewalls are discussed in the sections that follow. First, a firewall cannot protect you against malicious insiders. A firewall might keep a system user from being able to send proprietary information out of an organization over a network connection; so would simply not having a network connection. But that same user could copy the data onto disk, tape, or paper and carry it out of the building in his or her briefcase.

If the attacker is already inside the firewall — if the fox is inside the henhouse — a firewall can do virtually nothing for you. Inside users can steal data, damage hardware and software, and subtly modify programs without ever coming near the firewall. Insider threats require internal security measures, such as host security and user education. Such topics are beyond the scope of this book.

A firewall also cannot protect you against connections that do not go through it. For example, what if the site allows dial-in access to internal systems behind the firewall? The firewall has absolutely no way of preventing an intruder from getting in through such a modem.

Nor can a firewall protect against completely new threats. A firewall is designed to protect against known threats. A well-designed one may also protect against some new threats; for example, by denying any but a few trusted services, a firewall will prevent people from setting up new and insecure services. However, no firewall can automatically defend against every new threat that arises. See Chapter 26 for advice on keeping your firewall up to date.

Firewalls also cannot reliably protect against viruses. Detecting a virus in a random packet of data passing through a firewall is very difficult: the firewall would first have to recognize that the packet is part of a program at all, and even that first step is a challenge. Most firewalls are protecting machines of multiple types with different executable formats.

A program may be a compiled executable or a script. Furthermore, most programs are packaged for transport and are often compressed as well. For all of these reasons, users may end up bringing viruses behind the firewall, no matter how secure that firewall is.

Viruses also reach internal machines by paths that never cross the firewall; whatever you do to address those threats will also address the problem of software transferred through the firewall. The most practical way to address the virus problem is through host-based virus protection software, and user education concerning the dangers of viruses and the precautions to take against them. Virus filtering on the firewall may be a useful adjunct to this sort of precaution, but it will never completely solve the problem.
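The argument above, made concrete. This is an added example, not code from the book or its authors: a naive content inspector that recognises a few program formats by their leading bytes, and a demonstration of how ordinary packaging (gzip here, possibly nested) hides the same bytes from a single-pass check. Unwrapping helps, but needs a depth bound so that a hostile stream of nested layers cannot tie the inspector up. The format table, the `max_depth` bound and the sample payloads are all constructed for this example; the samples carry the right leading bytes and nothing executable.

```python
"""Why virus detection at the firewall is hard.

Added example, not from the book: a naive content inspector that recognises a
few program formats by their leading bytes, and a demonstration of how
packaging (gzip here, possibly nested) hides the same bytes from a single-pass
check. Unwrapping helps, but needs a depth bound so a hostile stream of
nested layers cannot tie the inspector up. Sample payloads are constructed
and are not real programs.
"""
from __future__ import annotations

import gzip
import zlib

# Leading bytes ("magic numbers") of the program formats this toy knows about.
MAGIC = {
    b"\x7fELF": "elf-executable",
    b"MZ": "pe-executable",
    b"#!": "script",
}
GZIP_MAGIC = b"\x1f\x8b"


def classify(data: bytes) -> str:
    """Name the format of `data` from its leading bytes, or 'unknown'."""
    for magic, kind in MAGIC.items():
        if data.startswith(magic):
            return kind
    return "unknown"


def unwrap(data: bytes, max_depth: int = 3) -> tuple[bytes, int]:
    """Strip up to `max_depth` layers of gzip packaging.

    Returns the innermost payload reached and how many layers were removed.
    Stops early on corrupt data instead of failing the whole inspection.
    """
    depth = 0
    while data.startswith(GZIP_MAGIC) and depth < max_depth:
        try:
            data = gzip.decompress(data)
        except (OSError, EOFError, zlib.error):
            break
        depth += 1
    return data, depth


def inspect(data: bytes, max_depth: int = 3) -> dict:
    """Compare a single-pass look at the bytes with one that unwraps first."""
    inner, layers = unwrap(data, max_depth)
    return {
        "naive": classify(data),                  # what a packet-level peek sees
        "after_unwrap": classify(inner),          # what decompression reveals
        "layers_removed": layers,
        "gave_up": inner.startswith(GZIP_MAGIC),  # still packaged at the bound
    }


def wrap(data: bytes, layers: int) -> bytes:
    """Package `data` in `layers` nested gzip streams (constructed test input)."""
    for _ in range(layers):
        data = gzip.compress(data)
    return data


# Constructed sample payloads: the right leading bytes, nothing executable.
ELF_SAMPLE = b"\x7fELF\x02\x01\x01" + b"\x00" * 9 + b"fake program body"
PE_SAMPLE = b"MZ\x90\x00" + b"fake program body"
SCRIPT_SAMPLE = b"#!/bin/sh\necho hello\n"


if __name__ == "__main__":
    cases = [
        ("elf", ELF_SAMPLE),
        ("elf.gz", wrap(ELF_SAMPLE, 1)),
        ("elf.gz x4", wrap(ELF_SAMPLE, 4)),
        ("script", SCRIPT_SAMPLE),
        ("pe", PE_SAMPLE),
    ]
    for name, payload in cases:
        print(f"{name:10} {inspect(payload)}")
```

The single-layer case shows the naive look reporting "unknown" for bytes that are an executable once unwrapped; the four-layer case shows the inspector giving up at its bound with the payload still packaged, which is exactly the trade-off a real gateway scanner faces between thoroughness and being stalled by hostile input.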

Finally, a firewall cannot set itself up correctly. Every firewall needs some amount of configuration, and correct configuration is absolutely essential. A misconfigured firewall may be providing only the illusion of security. You would not keep using a physical device that was obviously set up wrong, but a misconfigured firewall gives no such signal: on a network, the warning stickers and the flashing red light are invisible. A firewall is not a magical protective device that will fix your network security problems no matter what you do with it, and treating it as if it is such a device will merely increase your risk.
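Two of the points above in working form: the firewall as the place where a site's policy is enforced and its denials logged (the "only one internal system may talk to the outside" policy from the start of this section), and what a misconfigured rule set looks like when you audit it. This is an added example, not code from the book or its authors. The toy filter is first-match with a default-deny stance; the audit reports a catch-all permit and a rule that an earlier rule shadows so it can never match. The rule fields, the addresses (10.0.0.0/8 as the internal network, 10.0.0.5 as the one permitted host) and the sample connections are all constructed for this example.

```python
"""Packet filtering as a policy-enforcement and logging point, and what a
misconfigured rule set looks like.

Added example, not from the book: a toy first-match packet filter with a
default-deny stance, a log of every rejected connection, and a static audit
that flags two classic misconfigurations (a catch-all permit, and a rule that
an earlier rule shadows). Rule fields, policy and traffic are all constructed.
"""
from __future__ import annotations

from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str            # "permit" or "deny"
    src: IPv4Network       # source addresses the rule applies to
    dst: IPv4Network       # destination addresses the rule applies to
    proto: str             # "tcp", "udp" or "any"
    dport: Optional[int]   # destination port, None meaning any port
    comment: str = ""

    def matches(self, pkt: dict) -> bool:
        """Does this rule apply to one packet (src, dst, proto, dport)?"""
        return (ip_address(pkt["src"]) in self.src
                and ip_address(pkt["dst"]) in self.dst
                and self.proto in ("any", pkt["proto"])
                and (self.dport is None or self.dport == pkt["dport"]))

    def covers(self, other: Rule) -> bool:
        """True if every packet `other` could match, this rule matches too."""
        return (other.src.subnet_of(self.src)
                and other.dst.subnet_of(self.dst)
                and self.proto in ("any", other.proto)
                and (self.dport is None or self.dport == other.dport))


ANY = ip_network("0.0.0.0/0")
INTERNAL = ip_network("10.0.0.0/8")       # constructed internal network
MAIL_HOST = ip_network("10.0.0.5/32")     # the one host allowed to talk out

# Policy from the text: only one internal system may communicate with the
# outside world, and only for mail. Everything else is denied and logged.
POLICY = [
    Rule("permit", MAIL_HOST, ANY, "tcp", 25, "mail host may send SMTP out"),
    Rule("permit", ANY, MAIL_HOST, "tcp", 25, "outside may deliver mail to it"),
    Rule("deny", INTERNAL, ANY, "any", None, "no other internal host goes out"),
]

# The same intent, misconfigured: a "temporary" catch-all permit left in front.
MISCONFIGURED = [
    Rule("permit", ANY, ANY, "any", None, "temporary, for debugging"),
    Rule("deny", ANY, INTERNAL, "tcp", 23, "block telnet from outside"),
]


def evaluate(rules: list[Rule], pkt: dict, log: list[str]) -> str:
    """First matching rule wins; no match means deny (fail-safe stance).

    Every denial is appended to `log`: the firewall is the one place that
    sees all traffic between the two networks, so it is where to record misuse.
    """
    flow = f"{pkt['src']}->{pkt['dst']}:{pkt['dport']}/{pkt['proto']}"
    for i, rule in enumerate(rules):
        if rule.matches(pkt):
            if rule.action == "deny":
                log.append(f"DENY rule#{i} {flow} ({rule.comment})")
            return rule.action
    log.append(f"DENY default {flow}")
    return "deny"


def audit(rules: list[Rule]) -> list[str]:
    """Static checks for rules that make the filter decorative or dead."""
    findings = []
    for i, rule in enumerate(rules):
        if (rule.action == "permit" and rule.src == ANY and rule.dst == ANY
                and rule.proto == "any" and rule.dport is None):
            findings.append(f"rule#{i} permits everything ({rule.comment})")
        for j in range(i):
            if rules[j].covers(rule):
                findings.append(f"rule#{i} is shadowed by rule#{j} and never matches")
                break
    return findings


if __name__ == "__main__":
    # Constructed sample connections, using documentation address ranges.
    sample = [
        {"src": "10.0.0.5", "dst": "192.0.2.10", "proto": "tcp", "dport": 25},
        {"src": "10.0.0.7", "dst": "192.0.2.10", "proto": "tcp", "dport": 25},
        {"src": "198.51.100.9", "dst": "10.0.0.5", "proto": "tcp", "dport": 25},
        {"src": "198.51.100.9", "dst": "10.0.0.7", "proto": "tcp", "dport": 22},
    ]
    log = []
    for pkt in sample:
        print(evaluate(POLICY, pkt, log), pkt)
    print("\n".join(log))
    print(audit(MISCONFIGURED))
```

Against MISCONFIGURED, a telnet connection from outside to an internal host is permitted even though the rule set contains a rule meant to block it: the audit reports both the catch-all and the shadowing, which is the "illusion of security" the text warns about, made visible before traffic ever flows.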

One common complaint is that firewalls interfere with the way the Internet is supposed to work, introducing all sorts of problems, annoying users, and slowing down the introduction of new Internet services. The Internet was designed around end-to-end communication between hosts, and firewalls interrupt that end-to-end communication in a variety of ways.

Most of the problems that are introduced are the same sorts of problems that are introduced by any security measure. For instance, broadcasting audio and video over the Internet is much easier if you can use multiple simultaneous connections, and if you can get quite precise information about the capabilities of the destination host and the links between you and it.

However, firewalls have difficulty managing the connections, they intentionally conceal some information about the destination host, and they unintentionally destroy other information. The need for security is unavoidable in our world, and it limits what we can do, in annoying ways.

A second complaint is that firewalls do not solve the underlying problem: the development of the Internet has not changed human nature. Security incidents still happen at firewalled sites, and at sites with really good firewalls, they happen by avoiding the firewalls. Firewalls are not the only defense, either. Protecting individual hosts works for some sites and will help the firewall almost anywhere; detecting and dealing with attacks via network monitoring, once again, will work for some problems and will help a firewall almost anywhere.

Most Internet technologies have moved from being things a site had to build to things a site can buy, and firewalls are no exception to this rule. Initially, if a site wanted a firewall, it had little choice but to design and build it itself (perhaps with its own staff, or perhaps by hiring a consultant or contractor). Over the years, however, more and more commercial firewall offerings have reached the market. These products continue to grow in number and functionality at an astounding rate, and many sites may find that one of these products suits their needs.

Most sites find that commercial products are at least a valuable component of their firewall solution. In deciding whether or not a particular commercial firewall product will meet your needs, you have to understand what your needs are.

Many sites spend as much or more effort evaluating commercial firewall products as they would building their own firewall. Sites with money to spend but little staff time or expertise available often find buying an attractive solution, while sites with expertise and time but little money often find building more attractive.

Just what expertise do you need to design and build your own firewall? To install most of the tools described in this book, you need basic Internet skills to obtain the tools, and basic system administration skills to configure, compile, and install them. Building on freely available tools has disadvantages as well as advantages, but we feel that the advantages outweigh the disadvantages. The usual objection is that no vendor stands behind such tools; in practice, vendors come and go, but the community endures.

The packages we discuss in this book are widely used; many of the largest sites on the Internet base their firewalls on them. These packages reflect years of real-life experience with the Internet and its risks. A number of terms are used for various kinds of software that you may or may not be able to use without paying money to anybody:

Free software: In practice, you cannot be sure that this term means anything at all, although it strongly implies that you will be able to use the software without paying for it (but not necessarily resell it in any form).

Public domain: Although this term is often carelessly used, it has a specific legal meaning and refers to software that is free of copyright restrictions and may be used in any way whatsoever without the permission of the author. Software is public domain only if it is clearly marked as such; software that contains a copyright notice or use restrictions is not public domain. You may copy public domain software without paying for it, but because there are no use restrictions, nothing keeps people from charging you money for it anyway.

Open source: Open source software is software that you can get the source code for without a fee. In most cases, you may also use it, at least for some purposes, without paying, although licensing restrictions will usually prevent you from selling it to anybody else.

While there are real advantages to having code available, auditing code is difficult, and few people can do an adequate job on a package of any significant size. Commercial software has its own advantages; when you buy software you have a legal contract with somebody, which may give you some recourse if things go wrong. Frequently, people argue that open source software is more risky than commercial software because attackers have access to the source code.

In practice, the attackers have access to all the source code they need, including commercial source code. Truly excellent products with great support appear in both categories, as do poorly thought out products with no support.

Building a firewall requires at least one Internet-aware server and often more than one. Until relatively recently, the only popular platform that provided the necessary services was Unix. These days, Windows NT also has the necessary characteristics; it provides a security-aware and network-aware multi-user operating system and is widely used.

Many people argue violently about which is better, Unix or Windows NT, in every domain. These arguments are particularly vociferous when it comes to firewalls, where Unix people tend to say that Windows NT machines are simply unsuited to building firewalls, and Windows NT people say that this is pure prejudice.

The truth, as always, is somewhere between the two camps. A properly configured Windows NT machine is a reasonable machine for building a firewall. On the other hand, Windows NT machines are genuinely more difficult to configure properly for firewalls, for two reasons. The first is practical: Windows NT machines have usually been deployed behind a router rather than directly exposed, and in these designs the router can offer some protection to Windows NT machines. The second difficulty in securing Windows NT is more fundamental.

Windows NT is designed to be opaque; things are supposed to just work without administrators knowing how they work. This simplifies the process of setting up a machine, as long as you want to set it up to do something expected. Your average Windows NT machine looks less complex than your average Unix machine but actually supports many more protocols.

Go to your local bookstore and look at the shelves of books for Windows NT compared to the shelves of books for Unix. Some of the difference is in popularity; some of the difference has to do with the economics of certification; but a lot of the difference is that Windows NT is just more complicated than Unix, and in security, complexity is bad.

Windows NT really is extremely complicated and difficult to understand, and in a security context, you do need to understand it. Trusting vendors to provide a secure solution is not going to be satisfactory for a site of any significant size.

A firewall is not a good place to learn a new operating system. Even commercial firewalls require some basic competency with the operating system they run on, in order to secure the base operating system and manage the software.

You can survive the experience and come out of it with your security intact, and you might as well do it with as much grace as possible. Expect it to be difficult and confusing, and keep an open mind.

Authors: Zwicky, Simon Cooper, D. Brent Chapman

Chapter 1. Why Internet Firewalls?

What Are You Trying to Protect?
Your data: the information you keep on the computers
Your resources: the computers themselves
Your reputation

Your Data
Secrecy: You might not want other people to know it.
Availability: You almost certainly want to be able to use it yourself.

Your Resources
Your Reputation

Types of Attacks
Denial of service
Information theft

Types of Attackers
Spies (industrial and otherwise)
Stupidity and Accidents
Theoretical Attacks
Who Do You Trust?

No Security
Security Through Obscurity
Host Security
Network Security

What Is an Internet Firewall?
It restricts people to entering at a carefully controlled point.
It prevents attackers from getting close to your other defenses.
It restricts people to leaving at a carefully controlled point.
Figure 1.


