Hardening Network Security




Take a proactive approach to network security by implementing preventive measures against attacks--before they occur. Written by a team of security experts, this hands-on resource provides concrete steps you can take immediately as well as ongoing actions to ensure long-term security. Get complete details on how to systematically harden your network from the ground up, as well as strategies for getting company-wide support for your security plan.

Features a four-part hardening methodology:

  • Do This Now!--Checklist of immediate steps to take to lock down your system from further attack
  • Take It From The Top--Systematic approach to hardening your enterprise from the top down
  • Once Is Never Enough!--Ongoing monitoring and assessment plan to keep your network secure, including patch management and auditing
  • How to Succeed--Strategies for getting budget approval, management buy-in, and employee cooperation for your security program

Product Details

  • ISBN-13: 9780072257038
  • Publisher: McGraw-Hill Companies, The
  • Publication date: 1/11/2005
  • Pages: 628
  • Product dimensions: 1.31 (w) x 7.50 (h) x 9.25 (d)

Meet the Author

John Mallery is a Managing Consultant at BKD, LLP, and a veteran security specialist. Previously, he was CTO of Clarence M. Kelley and Associates, Inc, a private investigation and security consulting company founded by the former director of the FBI. John is a nationally recognized public speaker and trainer in the area of computer forensics and computer security. He has developed continuing legal education programs for the legal community and POST accredited programs for law enforcement. His presentations always receive excellent evaluations at national conferences. John draws upon his unique experiences as an investigator, network security consultant, and comedian to provide presentations that are both informative and entertaining. John is a member of the Information Technology Security Council for ASIS International, a member of the High Technology Crime Investigation Association, Infragard, and a contributing editor for Security Technology and Design magazine.

Jason Zann, CISSP, is currently an Information Security Consultant for DST Systems, Inc. With over nine years as an information security professional, he has been responsible for management, operational, and technical developments for information security products, systems, networks, and processes on a global scale. He has worked for corporate, product, and consulting organizations delivering a range of information security concepts and solutions.

Patrick W. Kelly, CISSP, CCSE, MCSE, MCP+I, currently serves as Information Assurance Engineer for ComGlobal Systems, Inc. Patrick has more than 15 years of combined application development and network security experience. In his current position he is responsible for Enterprise Security Awareness Programs, Vulnerability and Risk Assessment, and Security Component Design and Build. Throughout his career, Patrick has been responsible for implementation and development of network security programs. Some of these projects include: Intrusion Detection and Reaction Systems, Firewall Technology Design and Implementation

Wesley J. Noonan (Houston, TX), MCSE, CCNA, CCDA, NNCSS, Security +, has been working in the computer industry for more than 11 years, specializing in Windows-based networks and network infrastructure design and implementation. He is a Senior Network Consultant for Collective Technologies, LLC (http://www.colltech.com), a company that specializes in storage, server and network design, architecture, implementation, and security. Wes got his start in the United States Marine Corps working on its Banyan VINES network, and has since worked on building and designing secure networks ranging in size from 25 to 25,000 users. Wes previously worked in R&D for BMC Software, Inc., on their PATROL management solutions, architecting and testing their network and application management products. Wes is also an active trainer, developing and teaching his own custom, Cisco-based routing and switching curriculum. He has spoken at a number of technical conferences and user groups and is a member of the Ask the Experts panel at http://searchwindowssecutiry.techtarget.com. Wes is also the author of Hardening Network Infrastructure (McGraw-Hill/Osborne, 2004).

Eric S. Seagren (Missouri City, TX), CISSP, ISSAP, SCNP, CCNA, CNE, MCP+I, MCSE, has nine years of experience in the computer industry, with the last eight years spent in the financial services industry working for a Fortune 100 company. Eric started his computer career working on Novell servers and performing general network troubleshooting for a small Houston-based company. While working in the financial services industry, his duties have included server administration, disaster recovery responsibilities, business continuity coordinator, and Y2K remediation responsibilities. He has spent the last four years as an IT architect, designing secure, scalable, and redundant networks. His design experience includes the implementation of intrusion detection systems, and the security evaluation of network designs and network device configurations.

Paul Love, CISSP, CISA, CISM, Security +, is a Security Manager for a large financial institution and has been in the IT field for 15 years. Paul holds a master of science degree in network security and a bachelor’s degree in information systems. He is a coauthor of the book Hardening Linux (McGraw-Hill/Osborne, 2004) and has been the technical editor for over ten best-selling Linux and Unix books. Paul ran a successful Linux portal site during the dot com era.

Rob Kraft is the director of software development for KCX, Inc. Rob spent two years as a Microsoft Certified Trainer teaching classes on SQL Server and Visual Basic. He is also certified by IBM to teach DB2 and WebSphere. In addition to teaching, Rob spent 15 years developing applications on a range of platforms, development languages, and database management systems. Rob coauthored books on Microsoft SQL Server and has presented SQL Server, Internet Security, and Visual Basic at conferences and seminars. In his spare time, Rob assists local nonprofits with IT and other needs. You may contact Rob at http://www.RobKraft.org.

Mark O’Neill is the principal author of Web Services Security (McGraw-Hill/Osborne, 2003). Mark has written on the topic of XML and web services security in magazines such as Web Services Journal, XML Journal, Java Pro, Enterprise Architect, Infoconomy, and Technology for Finance. As Chief Technical Officer at Vordel, a pioneering vendor of XML security products, Mark has met many early adopters of XML, gathering and synthesizing their security requirements. Mark regularly presents training courses on web services security in London, California, and on the U.S. East Coast. For the past four years, he has been chosen as a speaker on the topic of XML security at the RSA Conference, the infosec industry’s largest annual conference. Mark lives in an old house in Boston’s up-and-coming Roslindale neighborhood, with Kristen and their two-year-old son Ben.


Table of Contents

1 Do these seven things before you do anything else!
2 Break the network into common areas of functionality for security
3 Hardening with identity management systems
4 Hardening cross-platform authentication
5 Hardening Web services
6 Hardening mobile environments
7 Beyond access controls: protecting stored data
8 Hardening database access from the Web
9 Hardening cross-platform access controls
10 Hardening data transport using encryption
11 Hardening remote clients
12 Hardening wireless
13 Hardening a mixed Unix network
14 Intrusion detection and response
15 Managing malicious code
16 Hardening wetware
17 Auditing and testing the security of a mixed network
18 Change management
19 Security patching
20 Security review
21 Politics of security management
22 Security apathy