Hardening Network Security
by John Mallery, Jason Zann, Patrick Kelly, and Wesley Noonan
Sales Rank: 581935
Price: $2.21 at Amazon

Paperback: 608 pages
Publisher: McGraw-Hill Osborne Media; 1 edition (January 11, 2005)
Language: English
ISBN-10: 0072257032
ISBN-13: 978-0072257038
Product Dimensions: 8.9 x 7.4 x 4.7 inches
Shipping Weight: 2.2 pounds
Book Description
Take a proactive approach to network security by implementing preventive measures against attacks--before they occur. Written by a team of security experts, this hands-on resource provides concrete steps you can take immediately as well as ongoing actions to ensure long-term security. Get complete details on how to systematically harden your network from the ground up, as well as strategies for getting company-wide support for your security plan.
Features a four-part hardening methodology:
- Do This Now!--Checklist of immediate steps to take to lock down your system from further attack
- Take It From The Top--Systematic approach to hardening your enterprise from the top down
- Once Is Never Enough!--Ongoing monitoring and assessment plan to keep your network secure, including patch management and auditing
- How to Succeed--Strategies for getting budget approval, management buy-in, and employee cooperation for your security program
Back Cover Copy
Take a proactive approach to enterprise network security by implementing preventive measures against attacks before they occur. Written by a team of IT security specialists, this hands-on resource provides concrete steps you can take immediately as well as ongoing actions to ensure long-term security. Whether you’re working on a Windows, UNIX, wireless, or mixed network, you’ll get complete details on how to systematically harden your network from the ground up, as well as strategies for getting company-wide support for your security plan. With coverage of all major platforms and applications, this book is an essential security tool for on-the-job IT professionals.
Features a four-part hardening methodology:
- Do This Now!--Checklist of immediate steps to take to lock down your system from further attack
- Take It From The Top--Systematic approach to hardening your enterprise from the top down, focusing on network, data, and software access, storage, and communications
- Once Is Never Enough!--Ongoing monitoring and assessment plan to keep your network secure, including patch management and auditing
- How to Succeed at Hardening Network Security--Strategies for getting budget approval, management buy-in, and employee cooperation for your security program
John Mallery is a Managing Consultant at BKD, LLP, and a veteran security specialist.
Jason Zann, CISSP, is an Information Security Consultant for DST Systems.
Patrick Kelly, CISSP, CCSE, MCSE, MCP+I, is an Information Assurance Engineer for ComGlobal Systems, Inc.
Paul Love, MS Network Security, CISSP, CISM, CISA, is a Security Manager with a large financial institution.
Wesley Noonan, MCSE, CCNA, CCDA, NNCSS, Security+, is a Senior Network Consultant for Collective Technologies, LLC.
Eric S. Seagren, CISSP, ISSAP, SCNP, CCNA, CNE, MCP+I, MCSE, is an IT architect, designing secure, scalable, and redundant networks.
Rob Kraft is the director of software development for KCX, Inc.
Mark O’Neil is the CTO of Vordel and principal author of Web Services Security.
Series Editor and author Roberta Bragg, CISSP, MCSE: Security, Security+, writes a column for Redmond Magazine and writes the weekly Security Watch newsletter. She is the author of Hardening Windows Systems and several other information security books.
Customer Reviews & Comments
As a security consultant I am sometimes asked for reference books for new security managers. These individuals need help bringing their enterprise under control. Hardening Network Security is a good book for this sort of problem, although it is important to recognize a few technical errors outlined below.
My favorite part of the book is Ch 1 ("Do these seven things before you do anything else"). The seven are (1) change default account settings; (2) use administrator accounts for administrator tasks only; (3) identify unused or unnecessary ports; (4) disable/shut down/remove unused and unnecessary services and daemons; (5) remove rogue connections; (6) set up filters for malicious content; and (7) test backup and restore procedures. Ch 1 was the most helpful section, in my opinion. The author should have mentioned Windows tools from SysInternals, however, and warned that rootkits obscure processes, files, and other information reported by compromised operating systems.
Part II gives hardening recommendations for the enterprise. Segmentation, identity management, authentication, Web services, mobile devices, stored data, databases, OS access control, encrypting transport, remote access, wireless, UNIX, IDS and incident response, malware, and "wetware" appear in Part II. Part III discusses operational issues like assessments, change management, patching, and security reviews. Part IV finishes with management politics and "security apathy."
A great deal of the material is helpful. Most of the book takes a high-level approach to enterprise security. Some sections (like the Web services chapter) are far too complex for managers; their eyes will cross while reviewing SOAP headers. Some sections have a dated feel, like the mention of standard and extended Cisco ACLs (Ch 2) without discussion of reflexive or other modern ACLs. The same chapter says routers filter at layer 3, ignoring the fact that the extended ACLs just mentioned operate at layer 4 (where TCP and UDP ports appear). Page 54 in Ch 2 says "circuit-level firewalls work at Layer 6, the presentation layer...[and] verify the handshaking process of each connection (SYN,ACK,SYN-ACK)." Ouch, that is wrong on multiple levels. One note on a typo -- in Figure 11.3, Zone 1 and Zone 3 should be interchanged. Ch 6 mentions Bluetooth, but says Bluetooth attacks are "relatively close proximity" problems where "attacks on these types of devices [are] limited to 10 meters." We know this is not true.
Ch 14 covers intrusion detection and response, which I reviewed closely. Page 369 makes the following odd statement: "Spanning and mirroring have inherent weaknesses, as they will not forward 100 percent of the traffic to the NIDS port. In addition, the mirrored switch can produce collisions, and the operation of the switch begins to approach the same functionality of a hub." That is a really bizarre claim, especially because the author's "solution" to this problem is worse than a SPAN port. He advocates using taps (on each "resource to monitor", which is expensive), and shows in Figure 14-1 connecting the tap outputs to a hub, where the IDS also listens. That configuration is guaranteed to drop traffic due to collisions; please see my blog for details.
There is a lot of good material in Hardening Network Security, so I didn't want to lower my rating for the several serious technical shortcomings I previously identified. Rather, buy the book, cross out the incorrect material listed, and enjoy the rest.