Contents -- Introduction -- Chapter 1 Internet Overview -- What Is the Internet? -- The History of the Internet -- Basic Internet Primer -- Understanding the OSI Model -- Understanding TCP/IP -- TCP/IP Layered Architecture -- TCP/IP Protocols -- Internet Addressing -- How the Internet Works -- Summary -- Check Your Understanding -- Multiple Choice Questions -- Short Questions -- Answers -- Multiple Choice Answers -- Short Answers -- Chapter 2 Network Security Overview -- Fundamental Elements of Security -- Drafting a Security Model -- Risk Analysis -- Ensuring the Success of a Security Model -- The Evolution of a Security Model -- Basic Security Concepts -- Cryptography -- Authentication -- Authorization -- Audits -- Public Key Infrastructure -- Digital Certificates -- Common Security Threats -- Footprinting -- Scanning -- Enumeration -- Social Engineering -- Application and Operating System Attacks -- Network Attacks -- Denial of Service Attacks -- Malicious Software -- Assessing Vulnerability -- Evaluating the Threats -- Analyzing Threats -- Threat Modeling -- Security Strategies -- Least Privilege -- Defense In-Depth -- Choke Point -- Weakest Link -- Fail-Safe Stance -- Universal Participation -- Diversity of Defense -- Simplicity -- Security through Obscurity -- Summary -- Check Your Understanding -- Multiple Choice Questions -- Short Questions -- Answers -- Multiple Choice Answers -- Short Answers -- Chapter 3 Firewalls for Network Security -- The Origin and Need for Firewalls -- The History of Firewalls -- The Functions of Firewalls -- The Role of Firewalls in Network Security -- Types of Firewalls -- Network-Layer Firewalls -- Application-Layer Firewalls -- Constraints and Future Trends of Firewalls -- Limitations of Firewalls -- Future Developments in Firewalls -- Summary -- Check Your Understanding -- Multiple Choice Questions.

Short Questions -- Answers -- Multiple Choice Answers -- Short Answers -- Chapter 4 Firewall Technologies -- Introduction -- TCP/IP Networking -- Encapsulation -- Demultiplexing -- IP Routing -- Packet Filtering -- The Filtering Process -- Advantages of Packet Filtering -- Disadvantages of Packet Filtering -- Proxy Servers -- Features of a Proxy Server -- Requirements of a Proxy Service -- SOCKS -- Advantages of Proxy Services -- Disadvantages of Proxy Services -- User Authentication -- Kerberos -- Network Address Translation -- How NAT Works -- Advantages of NAT -- Disadvantages of NAT -- Virtual Private Networks -- VPN Requirements -- Tunneling -- Point-to-Point Protocol -- Point-to-Point Tunneling Protocol -- Layer 2 Tunneling Protocol -- Internet Protocol Security (IPSec) Tunnel Mode -- Advantages of Virtual Private Networks -- Disadvantages of Virtual Private Networks -- Summary -- Check Your Understanding -- Multiple Choice Questions -- Short Questions -- Answers -- Multiple Choice Answers -- Short Answers -- Chapter 5 Firewall Architectures -- Dial-Up Architecture -- Single Router Architecture -- Dual Router Architecture -- Dual-Homed Host Architecture -- Screened Host Architecture -- Screened Subnet Architecture -- Variations to the Screened Subnet Architecture -- Multiple Bastion Hosts -- One Router Acting as the Interior and Exterior Router -- A Bastion Host Acting as the Exterior Router -- Multiple Exterior Routers -- Multiple Perimeter Networks -- Summary -- Check Your Understanding -- Multiple Choice Questions -- Short Questions -- Answers -- Multiple Choice Answers -- Short Answers -- Chapter 6 Firewall Design -- Firewall Design Overview -- Firewall Security Policy -- Need for a Security Policy -- Guidelines for Designing a Policy -- Policy Design Checklist -- Finalizing a Security Policy -- Firewall Products -- Router-Based Firewalls.

Workstation-Based Firewalls -- Evaluating Firewalls -- Parameters for Evaluation -- Additional Criteria for Selecting Firewalls -- Firewall Configuration -- Split-Screened Subnet Architecture -- Configuring a Packet-Filtering Architecture -- Service Configuration -- Packet-Filtering Rules -- Summary -- Check Your Understanding -- Multiple Choice Questions -- Short Questions -- Answers -- Multiple Choice Answers -- Short Answers -- Chapter 7 Bastion Hosts -- Introduction to Bastion Hosts -- System Requirements -- Hardware -- Operating System -- Services -- Location -- Hardening -- Hardware Setup -- Operating System Setup -- Configuring Services -- Security Measures -- Connecting and Running -- Windows Bastion Host -- Installing the Services -- Services to Enable -- Services to Disable -- UNIX Bastion Host -- Installing the Services -- Services to Enable -- Services to Disable -- Bastion Host Design -- Summary -- Check Your Understanding -- Multiple Choice Questions -- Short Questions -- Answers -- Multiple Choice Answers -- Short Answers -- Chapter 8 Internet Services and Firewalls -- World Wide Web -- Web Servers -- Securing Web Clients -- HTTP Filtering Rules -- Electronic Mail -- Mail System Components -- E-Mail Attachments -- Securing E-Mail Messages -- Filtering Rules for SMTP and POP -- File Transfer Protocol -- Accessing FTP Servers -- Securing an FTP Server -- Summary -- Check Your Understanding -- Multiple Choice Questions -- Short Questions -- Answers -- Multiple Choice Answers -- Short Answers -- Chapter 9 Preventive Measures -- Remedial Measures -- Legal Measures -- Summary -- Check Your Understanding -- Short Questions -- Answers -- Short Answers -- Chapter 10 Implementing Windows- and Linux-Based Firewalls -- Implementing Firewalls Using Microsoft ISA Server 2000 -- Features of ISA Server -- ISA Installation Considerations.

Configuring Security on ISA Server -- Implementing Firewalls in Linux -- Types of Firewalls in Linux -- IPchains -- IPtables -- Summary -- Check Your Understanding -- Multiple Choice Questions -- Short Questions -- Answers -- Multiple Choice Answers -- Short Answers -- Chapter 11 Implementing Router-Based Firewalls -- An Introduction to Routers -- Using Routers as Firewalls -- Rejecting Protocols -- IP Filtering -- Using IP Packet Filtering to Prevent IP Spoofing -- Using Cisco Routers as Firewalls -- Context-Based Access Control -- CBAC Functions -- Advantages of CBAC -- Limitations of CBAC -- How CBAC Works -- Configuring CBAC -- Summary -- Check Your Understanding -- Multiple Choice Questions -- Short Questions -- Answers -- Multiple Choice Answers -- Short Answers -- Appendix A: Best Practices, Tips, and Tricks -- Best Practices -- Tips and Tricks -- Appendix B: Frequently Asked Questions -- Appendix C: In the Wings -- Index -- A -- B -- C -- D -- E -- F -- G -- H -- I -- J -- K -- L -- M -- N -- O -- P -- Q -- R -- S -- T -- U -- V -- W -- X -- Z.