Computing Reviews
An introduction to network security
Harrington J., Morgan Kaufmann Publishers Inc., San Francisco, CA, 2004. Type: Book (9780123116338)
Date Reviewed: Aug 22 2005

Harrington says in the preface that this book is not a hacker manual, but a book for a competent technologist who is new to the security area. There are hundreds of books on network security, written from different points of view, and it is hard for a reader to select the one that is most suitable. Harrington’s book combines specialized technical material with a casual style and immediate hands-on information about the application of the techniques and technologies described. This is what sets the book apart from many similar volumes.

The book is comprised of 12 chapters and three appendices. Chapter 1 defines the problem of network security, describes internal and external threats to networks, and outlines defensive techniques. Here, the reader will also find the basics on formulating security policies and conducting security audits. The chapter touches upon some security-related regulations, such as the Health Insurance Portability and Accountability Act (HIPAA), and provides comprehensive job descriptions for security personnel. Do you need to know which skills a network security analyst needs to have, or how to write guidelines for your security policies? You will find the answers in chapter 1.

In chapter 2, security architectures are explained. From elementary information on network topology to comprehensive sections on firewalls, the chapter sets the foundation for forming a comprehensive security picture. Are you interested in access control for files? Hands-on sections in chapter 2 provide information on setting file and folder permissions in various operating systems. Data protection is important, but physical security comes first. The basics of physical security are described in chapter 3. You will learn how to protect computer assets from theft and vandalism, and how to set up system consoles to be more secure. This chapter also discusses types of backup, outlines necessary precautions for setting up a continuous power supply, and explains how to conduct physical monitoring and disaster recovery training. But even with perfect physical security, hackers can collect information that will make your network vulnerable. Chapter 4 covers various types of social engineering, explains how published information can lead to serious break-ins, and mentions other information gathering techniques, such as port scanning and network mapping. The hands-on section in this chapter teaches the reader to close ports, limit information available on systems, and set up proxy servers. But even if an intruder can penetrate the system, not much can be done unless he or she can gain full administrative rights. Chapter 5 is about gaining and keeping root access. There, the reader will find information about root kits and brute force and buffer overflow attacks and how to deal with them. This chapter also discusses log information and analysis, intrusion detection systems, and intrusion prevention software. The hands-on section contains a lesson about configuring logs and patch management for Windows systems.

Chapter 6 focuses on spoofing, describing both Internet protocol (IP) and domain name system (DNS) spoofing and the associated risks for various operating systems, and providing information on email and Web spoofing. The hands-on lesson explains how to detect email and Web spoofing, a skill that any computer practitioner will appreciate. Denial of service (DoS) attacks were made famous by numerous successes, interrupting operations of the most popular portals, including Yahoo! and Amazon. In chapter 7, the reader will learn about many types of DoS attacks and become familiar with the most common defense strategies. There are many other ways to affect operations of applications and Internet sites aside from DoS attacks. Chapter 8 focuses on malware. It classifies malware into several categories based on the methods of propagation, with many examples. The hands-on section in this chapter focuses on setting up various types of virus scanners and provides excellent advice on dealing with removable media.

Chapter 9 discusses user and password security, one of the trickiest and most important parts of building a coherent security infrastructure. The chapter details very useful information about password policies, ways to create stronger passwords, and the specifics of password management in different operating systems. It also touches upon password audits and strong authentication. The hands-on section is about password management tools and the specifics of their interaction with different operating systems. Remote access has become essential in supporting the increasingly mobile workforce. Chapter 10 addresses this topic. The reader will learn about specific vulnerabilities of remote access paradigms, ways to mitigate these vulnerabilities, different types of virtual private networks (VPNs), and methods for remote user authentication. In the hands-on section, the reader will become familiar with setting up VPN connections on different types of workstations. Wireless networks, which were an emerging technology just a few years ago, have now become mainstream. The focus of chapter 11 is on security issues associated with wireless networks. It covers wireless standards and the specific vulnerabilities of wireless networks. Do you need to learn what Bluetooth security entails? A short but useful section in this chapter will enlighten you. The hands-on section discusses securing an 802.11x network, a bit of knowledge that any information technology (IT) professional will welcome in 2005.

The last chapter addresses some of the problems associated with encryption. It starts with the basics on formulating encryption policies and creating information classification schemas; moves on to define symmetric and asymmetric cryptography; outlines encryption key management issues, and ways to ensure message authentication and integrity (a pervasive problem in the current regulatory environment); and ends with a brief description of the public key infrastructure (PKI). At the end of the chapter, the reader is introduced to certificate authorities and some types of encryption software. The book concludes with appendices, focusing on relevant network protocols and useful sites related to network security, and a glossary.

Security is a topic that isn’t easy to simplify. I have read a lot of security primers, and the majority of them omit essential information in an effort to be nontechnical and easy to understand. This book is different: the author’s excellent command of the subject enables her to describe security issues in simple terms, while providing the depth necessary to put security information to practical use. I highly recommend this book.

Reviewer: Claire Vishik
Review #: CR131701 (0607-0673)
 
Security and Protection (C.2.0 ... )
Network Monitoring (C.2.3 ... )
Unauthorized Access (K.6.5 ... )
Network Operations (C.2.3 )
Security and Protection (K.6.5 )
 