Guide To TCP/IP, Second Edition
Chapter 9: Securing TCP/IP Environments

Understanding the Basics of Proxy Servers
• Between both outgoing and incoming service requests
• Prevent external users from direct access to internal resources
• Operate at the Application layer
• Caching

Implementing Firewalls and Proxy Servers
• Planning and implementing, step by step
• Security policies operate somewhere between the two extremes of “anything goes” (totally optimistic) and “no connection” (totally pessimistic)
  1) Plan
  2) Establish equipment
  3) Install
  4) Configure

Implementing Firewalls and Proxy Servers (cont.)
• Planning and implementing, step by step (cont.)
  5) Test
  6) Attack
  7) Tune
  Repeat the test-attack-tune cycle (Steps 5-7)
  8) Implement
  9) Monitor and Maintain

Implementing Firewalls and Proxy Servers (cont.)
• Don’t ever work straight out of the box with a firewall or proxy server without checking for additional changes, updates, patches, fixes, and workarounds

Understanding the Test-Attack-Tune Cycle
• Harden the firewall or proxy server
• Document the configuration
• Do not disable functionality that applications and services use to work properly
• Battery of attack tools to test the network at
  • Network Associates
  • GNU NetTools
  • A port mapper such as AnalogX PortMapper or nmap
  • Internet Security Systems’ various security scanners

Understanding the Role of IDS in IP Security
• Automate recognizing and responding to potential attacks and other suspicious forms of network traffic
• Recognize intrusion attempts in real time

Updating Anti-Virus Engines and Virus Lists
• Update anti-virus engine software and virus definitions on a regular basis
• Automatic update facilities
• Transparently and automatically check
  • E-mail attachments
  • Inbound file transfers
  • Floppy disks and other media
  • Other potential sources of infection

The Security Update Process
• Security update process involves four steps
  • Evaluate the vulnerability
  • Retrieve the update
  • Test the update
  • Deploy the update

Understanding Security Policies And Recovery Plans
• A security policy is a document that
  • Reflects an organization’s understanding of what information assets and other resources need protection
  • How they are to be protected
  • How they must be maintained under normal operating circumstances
  • Restored in the face of compromise or loss

Understanding Security Policies And Recovery Plans (cont.)
• Components of a good security policy
  • An access policy document
  • An accountability policy document
  • A privacy policy document
  • A violations reporting policy document
  • An authentication policy document
  • An information technology system and network maintenance policy document

Understanding Security Policies And Recovery Plans (cont.)
• Additional information about security policies and related documents
  • System and Administration, Networking, and Security (SANS) Institute
  • Department of Defense funds the Software Engineering Institute (SEI) at Carnegie-Mellon University
  • Murdoch University’s Office of Information Technology Services

Windows XP And 2003: Another Generation Of Network Security
• Numerous security enhancements and improvements
  • Kerberos version 5
  • Public Key Infrastructure (PKI)
  • Directory Service Account Management
  • CryptoAPI
  • Encrypting File System (EFS)
  • Secure Channel Security protocols (SSL 3.0/PCT)
  • Transport Layer Security (TLS) protocol

Windows XP And 2003: Another Generation Of Network Security (cont.)
• Numerous security enhancements and improvements (cont.)
  • Internet Security Framework
  • Network Access Control
  • Blank Password Restriction
  • Internet Connection Firewall
  • Internet Connection Sharing
  • Default Lock-Down