Poised Solutions Tech Library

Network Security Hacks

Network Security Hacks Author: Andrew Lockhart Publisher: O'Reilly Published: 2004 Pages: 298

Network Security Hacks

Network Security Hacks Chapters

Network Security Hacks Chapters

1. Unix Host Security
   • Secure Mount Points
   • Scan for SUID and SGID Programs
   • Scan fro World and Group-Writable Directories
   • Create Flexible Permissions Hierarchies with POSIX ACLs
   • Protect Your Logs from Tampering
   • Delegate Administrative Roles
   • Automate Cryptographic Signature Verification
   • Check for Listening Services
   • Prevent Services from Binding to an Interface
   • Restrict Services with Sandboxed Environments
   • Use proftp with a MySQL Authentication Source
   • Prevent Stack-Smashing Attacks
   • Lock Down Your Kernel with grsecuritty
   • Restrict Application with grsecurity
   • Restrict System Calls with Systrace
   • Automated Systrace Policy Creation
   • Control Login Access with PAM
   • Restricted Shell Environments
   • Enforce User and Group Resource Limits
   • Automate System Updates
2. Windows Host Security
   • Check Servers for Applied Patches
   • Get a List of Open files and Their Owning Processes
   • List Running Services and Open Ports
   • Enable Auditing
   • Secure Your Event Logs
   • Change Your Maximum Log Files Sizes
   • Disable Default Shares
   • Encrypt Your Temp folder
   • Clear the Paging File at Shutdown
   • Restrict Applications Available to Users
3. Network Security
   • Detect ARP Spoofing
   • Create a Static ARP table
   • Firewall with Netfilter
   • Firewall with OpenBSD's PacketFilter
   • Create an Authenticated Gateway
   • Firewall with Windows
   • Keep Your Network Self-Contained
   • Test Your Firewall
   • MAC Filtering with Netfilter
   • Block OS Fingerprinting
   • Fool Remote Operating System Detection Software
   • Keep an Inventory of Your Network
   • Scan Your Network for Vulnerabilities
   • Keep Server Clocks Synchronized
   • Create Your own Certificate Authority
   • Distribute Your CS to Clients
   • encrypt IMAP and POP with SSL
   • Set Up TLS-Enabled SMTP
   • Detect Ethernet Sniffers Remotely
   • Installing Apache with SSL and suEXEC
   • Secure BIND
   • Secure MySQL
   • Shares Files Securely in Unix
4. Logging
   • run a Central Syslog Server
   • Steer Syslog
   • integrate Windows into Your Syslog Infrastructure
   • Automatically Summarize Your Logs
   • Monitor Your Logs Automatically
   • Aggregate Logs from Remote Sites
   • Log User Activity with Process Accounting
5. Monitoring and Trending
   • Monitor Availability
   • Graph Trends
   • Run ntop for Real-Time Network Stats
   • Audit Network Traffic
   • Collect Statistics with Firewall Rules
   • Sniff the Ether Remotely
6. Secure Tunnels
   • Set Up IPSec Under Linux
   • Set Up IPsec Under FreeBSD
   • Set Up IPSec in OpenBSD
   • PPTP Tunneling
   • Opportunistic Encryption with FreeS/WAN
   • Forward and Encrypt Traffic with SSH
   • Quick Logins with SSH Client Keys
   • Squid Proxy over SSH
   • Use SSH as a SOCKS Proxy
   • encrypt and Tunnel Traffic with SSL
   • Tunnel Connection Inside HTTP
   • Tunnel with VTun and SSH
   • Automatic vtund.conf Generator
   • Create a Cross-Platofrm VPN
   • Tunnel PPP
7. Network Intrusion Detection
   • Detect Intrusions with Snort
   • Keep Track of Alerts
   • Real-Time Monitoring
   • Manage a Sensor Network
   • Write Your Own Snort Rules
   • Prevent and Contain Intrusions with Snort_inline
   • Automated Dynamic Firewalling with SnortSam
   • Detect Anomalous Behaviour
   • Automatically Update Snort's Rules
   • Create a Distributed Stealth Sensor Network
   • Use Snort in High Performance Environments with Barnyard
   • Detect and Prevent Web Application Intrusions
   • Simulate a Network of Vulnerable Hosts
   • Record Honeypot Activity
8. Recovery and Response
   • Image Mounted Filesystems
   • Verify File Integrity and Find Compromised Files
   • Find Compromised Packages with RPM
   • Scan for Root Kits
   • Find the Owner of a Network

Network Security Hacks Appendices

1. Index