Protect Your Windows Network: From Perimeter to Data (Paperback) (保護你的Windows網路:從邊界到數據)
Jesper M. Johansson, Steve Riley
- 出版商: Addison Wesley
- 出版日期: 2005-05-30
- 定價: $2,150
- 售價: 6.0 折 $1,290
- 語言: 英文
- 頁數: 608
- 裝訂: Paperback
- ISBN: 0321336437
- ISBN-13: 9780321336439
立即出貨(限量) (庫存=3)
買這商品的人也買了...
-
$480$408 -
$720$569 -
$2,010$1,910 -
$550$435 -
$550$435 -
$680$537 -
$490$382 -
$540$427 -
$650$507 -
$450$383 -
$250$213 -
$680$578 -
$460$391 -
$620$527 -
$480$408 -
$880$748 -
$780$616 -
$580$493 -
$620$490 -
$1,235$1,170 -
$980$980 -
$820$697 -
$550$523 -
$880$695 -
$650$507
相關主題
商品描述
Description:
Acknowledgments.
About the Authors.
Preface.
I. INTRODUCTION AND FUNDAMENTALS.
1. Introduction to Network Protection.
Why Would Someone Attack Me?
Nobody Will Ever Call You to Tell You How Well the Network Is Working
Introduction to the Defense-in-Depth Model
The Defender's Dilemma
Summary
What You Should Do Today
2. Anatomy of a Hack-The Rise and Fall of Your Network.
What a Penetration Test Will Not Tell You
Why You Need To Understand Hacking
Target Network
Network Footprinting
Initial Compromise
Elevating Privileges
Hacking Other Machines
Taking Over the Domain
Post-mortem
How to Get an Attacker Out of Your Network
Summary
What You Should Do Today
3. Rule Number 1: Patch Your Systems.
Patches Are a Fact of Life
Exercise Good Judgment
What Is a Patch?
Patch Management Is Risk Management
Tools to Manage Security Updates
Advanced Tips and Tricks
Slipstreaming
Summary
What You Should Do Today
II. POLICIES, PROCEDURES, AND USER AWARENESS.
4. Developing Security Policies.
Who Owns Developing Security Policy
What a Security Policy Looks Like
Why a Security Policy Is Necessary
Why So Many Security Policies Fail
Analyzing Your Security Needs to Develop _Appropriate Policies
How to Make Users Aware of Security Policies
Procedures to Enforce Policies
Dealing with Breaches of Policy
More Information
Summary
What You Should Do Today
5. Educating Those Pesky Users.
System Administration ? Security Administration
Securing People
The Problem
Protecting People
Plausibility + Dread + Novelty = Compromise
Things You Should Do Today
III. PHYSICAL AND PERIMETER SECURITY: THE FIRST LINE OF DEFENSE.
6. If You Do Not Have Physical Security, You Do Not Have Security.
But First, a Story
It's a Fundamental Law of Computer Security
The Importance of Physical Access Controls
Protecting Client PCs
The Case of the Stolen Laptop
The Family PC
No Security, Physical or Otherwise, Is Completely Foolproof
Things You Should Do Today
7. Protecting Your Perimeter.
The Objectives of Information Security
The Role of the Network
Start with (What's Left of) Your Border
Next, Use the Right Firewall
Then, Consider Your Remote Access Needs
Finally, Start Thinking About "Deperimeterization"
Things You Should Do Today
IV. PROTECTING YOUR NETWORK INSIDE THE PERIMETER.
8. Security Dependencies.
Introduction to Security Dependencies
Administrative Security Dependencies
Service Account Dependencies
Mitigating Service and Administrative Dependencies
Other Security Dependencies
Summary
What You Should Do Today
9. Network Threat Modeling.
Network Threat Modeling Process
Document Your Network
Segment Your Network
Restrict Access to Your Network
Summary
What You Should Do Today
10. Preventing Rogue Access Inside the Network.
The Myth of Network Sniffing
Network Protection at Layers 2 and 3
Using 802.1X for Network Protection
Using IPsec for Network Protection
Network Quarantine Systems
Summary
What You Should Do Today
11. Passwords and Other Authentication Mechanisms-The Last Line of Defense.
Introduction
Password Basics
Password History
What Administrators Need to Know About Passwords
Password Best Practices
Recommended Password Policy
Better Than Best Practices-Multifactor Authentication
Summary
What You Should Do Today
V. PROTECTING HOSTS.
12. Server and Client Hardening.
Security Configuration Myths
On to the Tweaks
Top 10 (or so) Server Security Tweaks
Top 10 (or so) Client Security Tweaks
The Caution List-Changes You Should Not Make
Security Configuration Tools
Summary
What You Should Do Today
VI. PROTECTING APPLICATIONS.
13. Protecting User Applications.
Patch Them!
Make Them Run As a Nonadmin
Turn Off Functionality
Restrict Browser Functionality
Attachment Manager
Spyware
Security Between Chair and Keyboard (SeBCAK)
Summary
What You Should Do Today
14. Protecting Services and Server Applications.
You Need a Healthy Disrespect for Your Computer
Rule 1: All Samples Are Evil
Three Steps to Lowering the Attack Surface
What About Service Accounts?
Privileges Your Services Do Not Need
Hardening SQL Server 2000
Hardening IIS 5.0 and 6.0
Summary
What You Should Do Today
15. Security for Small Businesses.
Protect Your Desktops and Laptops
Protect Your Servers
Protect Your Network
Keep Your Data Safe
Use the Internet Safely
Small Business Security Is No Different, Really
What You Should Do Today
16. Evaluating Application Security.
Caution: More Software May Be Hazardous to Your Network Health
Baseline the System
Things to Watch Out For
Summary
What You Should Do Today
VII. PROTECTING DATA.
17. Data-Protection Mechanisms.
Security Group Review
Access Control Lists
Layers of Access Control
Access Control Best Practices
Rights Management Systems
Incorporating Data Protection into Your Applications
Protected Data: Our Real Goal
What You Should Do Today
Appendix A: How to Get Your Network Hacked in 10 Easy Steps.
Appendix B: Script To Revoke SQL Server PUBLIC Permissions.
Appendix C. HOSTS file to Block Spyware.
Appendix D. Password Generator Tool.
-g (Generate Password Based on Known Input)
-r (Generate Random Password)
-s (Set a Password on an Account and/or Service)
Security Information
Usage Scenarios
Appendix E: 10 Immutable Laws of Security.
Law #1: If a bad guy can persuade you to run his program on your computer, it's not your computer anymore.
Law #2: If a bad guy can alter the operating system on your computer, it's not your computer anymore.
Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore.
Law #4: -If you allow a bad guy to upload programs to your Web site, it's not your Web site any more.
Law #5: Weak passwords trump strong security.
Law #6: A computer is only as secure as the administrator is trustworthy. Law #7: Encrypted data is only as secure as the decryption key.
Law #8: An out-of-date virus scanner is only marginally better than no virus scanner at all.
Law #9: Absolute anonymity isn't practical, in real life or on the Web. Law #10: Technology is not a panacea.
Index.
商品描述(中文翻譯)
描述:
致謝。
關於作者。
前言。
I.
簡介和基礎知識。
1. 網絡保護概述。
為什麼有人會攻擊我?
沒有人會打電話告訴你網絡運作得有多好
防禦深度模型介紹
防守者的困境
總結
今天你應該做什麼
2. 黑客解剖-你的網絡的興衰。
測試渗透不會告訴你的事情
為什麼你需要了解黑客攻擊
目標網絡
網絡足跡
初始入侵
提升權限
黑客攻擊其他機器
掌控域名
事後分析
如何將攻擊者從你的網絡中驅逐出去
總結
今天你應該做什麼
3. 第一原則:修補系統。
修補是生活的一部分
做出明智的判斷
什麼是修補程式?
修補管理是風險管理
管理安全更新的工具
高級技巧和技巧
Slipstreaming
總結