Firewalls For Dummies, 2nd ed.


Document information

[...]... firewall serves and the basics of configuring a firewall.

About This Book

We try to provide you with a book that can act as a reference guide for firewalls. We don’t expect you to read the book from cover to cover but to look at specific topics that meet your needs. Twenty chapters and an appendix cover all topics of firewalls and their implementation. Just turn to the chapter...

... out about firewalls. Sidebars and extra information included in the book provide additional information that can help you, but you don’t need to read them to use firewalls. This additional information is marked with the Technical Stuff icon. However, if you want that extra technical information, you now know where to find it!

Foolish Assumptions

When we sat down to come up with the outline for this book,...

... process of determining what protocols to allow in and out of your network. If you don’t have guidelines for securing your network, coming up with a configuration for your firewall is almost impossible!

Part III: Designing Network Configurations

Put on your helmets for a trip to the world of Demilitarized Zones (the computer kind, not the combat kind). Part III puts...

... Policy; Setting a Security policy; Chapter 7: Establishing Rules for Simple Protocols; For Starters, Some Default Rules; Allowing Web Access; Configuring inbound firewall rules; Configuring outbound firewall rules; Finding Internet Resources; Providing name resolution to Internet-based...

... Sharing: NAT for Dummies; Windows NT 4.0; Packet filtering; PPTP server; Windows 2000; Packet filtering; Network Address Translation (NAT); L2TP and IPSec; Windows XP; Internet Connection Firewall (ICF); Windows Server 2003...
of Contents, find a topic that interests you, and go to that chapter. If you’re looking for configuration details for specific firewalls, jump to Part IV where we provide detailed steps on how to install and configure popular firewall products used today. If you’re just looking for tips on how to configure a firewall for specific protocols, Parts II and III look at simple and advanced protocol rules in...

... memorize a topic related to firewalls. Tips provide you with inside information on how to quickly configure a rule or get past a common hurdle when designing firewalls.

Where to Go from Here

You have the book in your hand, and you’re ready to get started. Feel free to turn to any topic in the book that interests you! Look in the Table of Contents for the topic that drew your interest to firewalls. If you’re not...

... to firewalls. If you’re not curious about any specific topic but just want an overview, turn the page and start with Part I. Either way, enjoy yourself and let us help you learn about firewalls!

Part I: Introducing Firewall Basics

In this part

Firewalls — who needs ’em? Well it turns out, most of us do. If you or your company is connected to the Internet, you may...

... nowhere to be found; for them the problem had been solved — the virus was gone. For everyone else the problem had just started.

• Hijacked computer: Imagine that someone broke into your computer and used it for his own purposes. If your computer is not used much anyway, this may not seem like a big deal. However, now imagine that the intruder uses your computer for illegitimate purposes. For example, a hacker...
computer to another using TCP/IP includes information on what IP address the data comes from and what IP address it is being sent to. TCP/IP defines the methods that computers connected to the Internet use to transmit information. This includes dividing this information in small manageable chunks called packets. Each packet contains header information and data. Most firewalls examine the packet header to determine

Date posted: 25/03/2014, 11:15


Table of contents

  • Firewalls FOR DUMmIES

    • Firewalls FOR DUMmIES

      • Copyright

      • About the Authors

      • Dedication

      • Author’s Acknowledgments

      • Contents at a Glance

      • Table of Contents

    • Introduction

      • About This Book

      • How to Use This Book

      • What You Don’t Need to Read

      • Foolish Assumptions

      • How This Book Is Organized

        • Part I: Introducing Firewall Basics

        • Part II: Establishing Rules

        • Part III: Designing Network Configurations

        • Part IV: Deploying Solutions Using Firewall Products

        • Part V: The Part of Tens

      • Icons Used in This Book

      • Where to Go from Here

    • Part I: Introducing Firewall Basics

      • Chapter 1: Why Do You Need a Firewall?

        • Defining a Firewall

        • The Value of Your Network

        • Get Yourself Connected

          • Modem dial-up connections

          • ISDN connections

          • DSL connections

          • Cable modems

          • T1 and T3

          • Address types

          • The need for speed and security

        • TCP/IP Basics

        • What Firewalls Do

        • What Firewalls Look Like

          • A firewall that fits

          • Network router

          • Appliance

          • Software-only firewalls

          • All-in-one tools

        • Rules, Rules, Everywhere Rules

      • Chapter 2: IP Addressing and Other TCP/IP Basics

        • How Suite It Is: The TCP/IP Suite of Protocols

          • Sizing up the competition

          • Networking for the Cold War: A very short history of TCP/IP

        • Peeling Away the Protocol Layers

        • The Numbers Game: Address Basics

        • URLs: How to Reference Resources

        • Understanding IP Addresses

          • 1 and 1 is 10

          • What IP addresses mean

        • Private IP Addresses

        • Dissecting Network Traffic: The Anatomy of an IP Packet

          • Source address

          • Destination address

          • Transport layer protocol

          • Other stuff

          • The other Internet layer protocol: ICMP

        • Transport Layer Protocols

          • Staying connected: UDP and TCP

          • Ports are not only for sailors

          • Some ports are well known

        • Application Layer Protocols

          • HTTP

          • SMTP

          • POP3

          • DNS

          • Telnet

          • Complex protocols

          • FTP

          • Future protocols

        • The Keeper of the Protocols

        • Putting It All Together: How a Request Is Processed

      • Chapter 3: Understanding Firewall Basics

        • What Firewalls Do (And Where’s the Fire, Anyway?)

          • Basic functions of a firewall

          • What a firewall can’t do

        • General Strategy: Allow-All or Deny-All

        • Packet Filtering

          • Filtering IP data

          • Stateful packet filtering

        • Network Address Translation (NAT)

          • Security aspects of NAT

          • Consequences of NAT

        • Application Proxy

        • Monitoring and Logging

      • Chapter 4: Understanding Firewall Not-So-Basics

        • Making Internal Servers Available: Static Address Mapping

          • Static IP address assignment

          • Static inbound translation

        • Filtering Content and More

        • Detecting Intrusion

          • Detecting an intrusion in progress

          • Responding to an intrusion

          • Reacting to a security incident

        • Improving Performance by Caching and Load Balancing

          • Caching Web results

          • United we stand, dividing the load

        • Using Encryption to Prevent Modification or Inspection

          • Encryption and firewalls

          • Who are you: Authentication protocols

          • The S in HTTPS

          • IP and security: IPSec

          • Virtual Private Networks (VPNs)

      • Chapter 5: “The Key Is under the Mat” and Other Common Attacks

        • Intrusion Attacks: A Stranger in the House

        • Denial-of-service Attacks

          • When everyone is out to get you: Distributed DoS attacks

        • How Hackers Get In

          • The key is under the mat: Insecure passwords

          • Default configurations

          • Bugs

          • Back doors

          • It’s a zoo: Viruses, worms, and Trojan horses

          • Who are you? Man-in-the-middle attacks

          • Impersonation

          • Eavesdropping

          • Inside jobs

          • Other techniques

        • Can a Firewall Really Protect Me?

        • Are You Scared Yet?

    • Part II: Establishing Rules

      • Chapter 6: Developing Policies

        • Defining an Internet Acceptable Use Policy

        • Defining a Security Policy

          • Setting a Security policy

      • Chapter 7: Establishing Rules for Simple Protocols

        • For Starters, Some Default Rules

        • Allowing Web Access

          • Configuring inbound firewall rules

          • Configuring outbound firewall rules

        • Finding Internet Resources

          • Providing name resolution to Internet-based clients

          • Providing Internet name resolution to internal clients

        • File Transfer Protocol (FTP)

        • Messaging and Conferencing

          • America Online (AOL) Messaging

          • MSN Messenger and Windows Messenger

          • NetMeeting

        • Thin Client Solutions

          • Citrix Metaframe

          • Windows Terminal Services

        • Internet Control Message Protocol (ICMP)

      • Chapter 8: Designing Advanced Protocol Rules

        • Rain, Sleet, Snow, and Firewalls: Getting the E-Mail Through

          • Answering the right questions

          • Allowing access to external mail services

          • Allowing access to internal mail services

        • Knock, Knock: Who Goes There?

          • RADIUS functionality

          • Configuring inbound RADIUS firewall rules

        • IPSec Encryption

          • When does IPSec fail?

          • What will the future bring?

          • Configuring a firewall to pass IPSec data

        • Let Me In: Tunneling through the Internet

          • Selecting a tunneling protocol

          • Using PPTP firewall rules

          • Using L2TP/IPSec firewall rules

      • Chapter 9: Configuring “Employees Only” and Other Specific Rules

        • Limiting Access by Users: Not All Are Chosen

        • Filtering Types of Content

        • Filtering Other Content

          • Preventing access to known “bad” sites

          • Implementing Content Rating

        • Setting the Clock: Filtering on Date/Time

    • Part III: Designing Network Configurations

      • Chapter 10: Setting Up Firewalls for SOHO or Personal Use

        • No-Box Solution: ISP Firewall Service

        • Single-Box Solution: Dual-Homed Firewall

        • Screened Host

          • Bypassing the screened host

        • Deployment Scenario

          • Allowing internal network users to access the Internet

      • Chapter 11: Creating Demilitarized Zones with a Single Firewall

        • Looking at the Demilitarized Zone: No-Man’s Land

        • Examining Typical DMZ Configurations

        • Designing Three-Pronged Firewalls

          • Pros and cons

          • Addressing decisions

        • Deploying a Three-Pronged Firewall

          • Deploying a tunnel solution using PPTP

          • Deploying a tunnel solution using L2TP

          • Deploying a Web server with a SQL back end

        • Building a Case for Multi-Pronged Firewalls

      • Chapter 12: Designing Demilitarized Zones with Multiple Firewalls

        • When Two Firewalls Are Better than One

        • DMZs with Two Firewalls

          • Deploying a tunnel solution using PPTP

          • Deploying a tunnel solution using L2TP

          • Deploying a Web server with a SQL back end

          • Allowing private network users to access the Internet

    • Part IV: Deploying Solutions Using Firewall Products

      • Chapter 13: Using Windows as a Firewall

        • Firewall Functions in Windows

        • Windows 98 and Windows Me

          • File and printer sharing

          • PPTP client

          • Internet Connection Sharing: NAT for Dummies

        • Windows NT 4.0

          • Packet filtering

          • PPTP server

        • Windows 2000

          • Packet filtering

          • Network Address Translation (NAT)

          • L2TP and IPSec

        • Windows XP

          • Internet Connection Firewall (ICF)

        • Windows Server 2003

      • Chapter 14: Configuring Linux as a Firewall

        • Making Installation Choices

        • Introducing iptables

        • Using iptables Commands

          • iptables commands

          • iptables targets

          • Order matters

          • iptables options and conditions

          • Putting it all together: Building a simple Linux firewall

          • Masquerading and NAT

        • Simplifying Things: Firewall GUIs

        • Adding Proxy Functionality

          • Put your SOCKS on

          • Squid anyone?

      • Chapter 15: Configuring Personal Firewalls: ZoneAlarm, BlackICE, and Norton Personal Firewall

        • Home Computers at Risk

          • Home computers have changed

          • Hackers have changed

          • You have changed

        • Features of Personal Firewalls

          • Enterprise firewalls versus personal firewalls

        • How to Be Safe on the Internet

        • Personal Firewall: ZoneAlarm

          • ZoneAlarm features

          • ZoneAlarm user interface

          • ZoneAlarm installation

          • ZoneAlarm configuration tasks

        • Personal Firewall: BlackICE

          • BlackICE features

          • BlackICE user interface

          • BlackICE installation

          • BlackICE configuration tasks

        • Norton Personal Firewall

          • Norton Personal Firewall features

          • Norton Personal Firewall interface

          • Norton Personal Firewall installation

          • Norton Personal Firewall configuration tasks

      • Chapter 16: Microsoft’s Firewall: Internet Security and Acceleration Server

        • Making Internet Access Faster and More Secure

        • Looking under the Hood: How ISA Works

        • Choosing between the Two Editions

        • Preparing for Installation

        • Installing ISA Server

          • Gathering information

          • Connecting by telephone

        • Examining the Three Clients

          • SecureNAT client

          • Firewall Client

          • Web proxy client

          • The best client for you

        • Following the Rules: The Two Types

          • Putting the two types together

          • Creating a protocol rule

        • Letting the Good Guys In

          • Publishing a Web server

          • Publishing a non-Web server

        • Creating Packet Filters

        • Designing Your Network with ISA Server

          • A simple network

          • A network with a three-pronged DMZ

          • A network with a back-to-back DMZ

        • Taking the Next Step

      • Chapter 17: The Champ: Check Point FireWall-1 Next Generation

        • FireWall-1 Features

          • Access control

          • Tracking access: advanced logging, reporting, and alerting

          • Protection against commonly used attacks

          • Content security

          • Intrusion detection

          • Network Address Translation (NAT)

          • VPN-1

          • Performance

        • FireWall-1 Components

          • Standalone deployments

          • Client/Server deployment

        • FireWall-1 Next Generation Installation

          • Installing and Configuring FireWall-1 NG

        • FireWall-1 NG Configuration Tasks

          • Starting the SmartDashboard client

          • Defining a computer object

          • Defining a firewall object

          • Defining a network segment

          • Creating a user account

          • Creating a group account

          • Defining a rule base

          • Installing the Security policy

      • Chapter 18: Choosing a Firewall That Meets Your Needs

        • How Do You Decide?

        • What to Compare?

        • What Are Some of the Choices?

    • Part V: The Part of Tens

      • Chapter 19: Ten Tools You Can’t Do Without

        • Sam Spade

        • Nmap

        • Netstat

        • TCPView

        • TDIMon

        • FPort

        • Snort

        • Internet Scanner

        • Nessus

        • Network Monitor

        • Ethereal

        • NetCat

      • Chapter 20: Ten Web Sites to Visit

        • www.sans.org

        • www.cert.org

        • www.infosyssec.org

        • www.microsoft.com/security

        • www.icsalabs.com

        • www.securityfocus.com

        • www.gocsi.com

        • www.isaserver.org

        • www.interhack.net/pubs/fwfaq

        • Firewall Lists

    • Appendix: Protocol Listings and More

      • IP Protocol Numbers

      • ICMP Type Numbers

      • TCP and UDP Port Listing

    • Index
