Preface; 1. Threat Modeling and Risk Management Components of Risk Simple Risk Analysis: ALEs An Alternative: Attack Trees Defenses Conclusion Resources; 2. Designing Perimeter Networks Some Terminology Types of Firewall and DMZ Architectures Deciding What Should Reside on the DMZ Allocating Resources in the DMZ The Firewall; 3. Hardening Linux OS Hardening Principles Automated Hardening with Bastille Linux; 4. Secure Remote Administration Why It's Time to Retire Clear-Text Admin Tools Secure Shell Background and Basic Use ...
Read More
Preface; 1. Threat Modeling and Risk Management Components of Risk Simple Risk Analysis: ALEs An Alternative: Attack Trees Defenses Conclusion Resources; 2. Designing Perimeter Networks Some Terminology Types of Firewall and DMZ Architectures Deciding What Should Reside on the DMZ Allocating Resources in the DMZ The Firewall; 3. Hardening Linux OS Hardening Principles Automated Hardening with Bastille Linux; 4. Secure Remote Administration Why It's Time to Retire Clear-Text Admin Tools Secure Shell Background and Basic Use Intermediate and Advanced SSH Other Handy Tools; 5. Tunneling Stunnel and OpenSSL: Concepts; 6. Securing Domain Name Services (DNS) DNS Basics DNS Security Principles Selecting a DNS Software Package Securing BIND djbdns Resources; 7. Securing Internet Email Background: MTA and SMTP Security Using SMTP Commands to Troubleshoot and Test SMTP Servers Securing Your MTA Sendmail Postfix Resources; 8. Securing Web Services Web Server Security Build Time: Installing Apache Setup Time: Configuring Apache Runtime: Securing CGI Scripts Special Topics Other Servers and Web Security; 9. Securing File Services FTP Security Other File-Sharing Methods Resources; 10. System Log Management and Monitoring syslog Syslog-ng Testing System Logging with logger Managing System-Log Files Using Swatch for Automated Log Monitoring Resources; 11. Simple Intrusion Detection Techniques Principles of Intrusion Detection Systems Using Tripwire Other Integrity Checkers Snort Resources; Appendix: Two Complete Iptables Startup Scripts Index
Read Less