Network Security First-Step [NOOK Book]

Overview

Network Security first-step

Second Edition

Tom Thomas and Donald Stoddard

Your first step into the...

See more details below
Network Security First-Step

Available on NOOK devices and apps  
  • NOOK Devices
  • Samsung Galaxy Tab 4 NOOK 7.0
  • Samsung Galaxy Tab 4 NOOK 10.1
  • NOOK HD Tablet
  • NOOK HD+ Tablet
  • NOOK eReaders
  • NOOK Color
  • NOOK Tablet
  • Tablet/Phone
  • NOOK for Windows 8 Tablet
  • NOOK for iOS
  • NOOK for Android
  • NOOK Kids for iPad
  • PC/Mac
  • NOOK for Windows 8
  • NOOK for PC
  • NOOK for Mac

Want a NOOK? Explore Now

NOOK Book (eBook)
$15.49
BN.com price
(Save 44%)$27.99 List Price

Overview

Network Security first-step

Second Edition

Tom Thomas and Donald Stoddard

Your first step into the world of network security

  • No security experience required
  • Includes clear and easily understood explanations
  • Makes learning easy

Your first step to network security begins here!

  • Learn how hacker attacks work, from start to finish
  • Choose the right security solution for each type of risk
  • Create clear and enforceable security policies, and keep them up to date
  • Establish reliable processes for responding to security advisories
  • Use encryption effectively, and recognize its limitations
  • Secure your network with firewalls, routers, and other devices
  • Prevent attacks aimed at wireless networks

No security experience required!

Computer networks are indispensible, but they also are not secure. With the proliferation of security threats, many people and companies are looking for ways to increase the security of their networks and data. Before you can effectively implement security technologies and techniques, you need to make sense of this complex and quickly evolving world of hackers and malware, as well as the tools to combat them.

Network Security First-Step, Second Edition explains the basics of network security in easy-to-grasp language that all of us can understand. This book takes you on a guided tour of the core technologies that make up and control network security. Whether you are looking to take your first step into a career in network security or simply are interested in gaining knowledge of the technology, this book is for you!

Read More Show Less

Product Details

  • ISBN-13: 9781587204128
  • Publisher: Pearson Education
  • Publication date: 1/5/2012
  • Series: First-Step
  • Sold by: Barnes & Noble
  • Format: eBook
  • Edition number: 2
  • Pages: 552
  • Sales rank: 1,220,170
  • File size: 11 MB
  • Note: This product may take a few minutes to download.

Meet the Author

Tom Thomas, CCIE No. 9360, claims he never works because he loves what he does. When you meet him, you will agree!

Throughout his many years in the networking industry, Tom has taught thousands of people how networking works and the secrets of the life of a packet. Tom is the author or coauthor of 18 books on networking, including the acclaimed OSPF Network Design Solutions, published by Cisco Press and now in its second edition. Beyond his many books, Tom also has taught computer and networking skills through his roles as an instructor and training-course developer.

In addition to holding the Cisco Certified Internetwork Expert (CCIE) certification–the pinnacle of networking certifications–Tom holds Cisco CCNP Security, CCDA, and CCNA certifications and is a certified Cisco Systems instructor (CCSI). These certifications support his industry-proven, problem-solving skills through technical leadership with demonstrated persistence and the ability to positively assist businesses in leveraging IT resources in support of their core business. He has also completed his Master of Science degree in network architecture and is looking at a doctorate next.

Tom currently is the CIO of Qoncert, a Cisco Gold Partner in Southern Florida that has an affiliated arm known as CCPrep.com, a Cisco Learning Partner, where he provides strategic direction and a little hands-on for customers of all types.

Donald Stoddard began his career in information technology in 1998, designing networks and implementing security for schools in North Dakota and South Dakota. He then went on to design and implement Geographical Information Systems (GIS) for a firm in Denver, Colorado. While there, he earned his Bachelor of Science degree in computer information systems management from Colorado Christian University. From Colorado, he then moved south, learned the ins-and-outs of Cisco VoIP, and began working through designing and securing VoIP solutions throughout the southeast. Don holds Microsoft MCSA and Linux+ and Security+ certifications and is presently wading through the CISSP material.

Currently, Don works for the Department of the Navy as the Information Assurance Officer for one of the premier Navy research and development labs, where he provides certification and accreditation guidance for the various projects being developed for implementation and deployment.

Read More Show Less

Table of Contents

Introduction xxii

Chapter 1 There Be Hackers Here! 1

Essentials First: Looking for a Target 2

Hacking Motivations 3

Targets of Opportunity 4

Are You a Target of Opportunity? 6

Targets of Choice 7

Are You a Target of Choice? 7

The Process of an Attack 9

Reconnaissance 9

Footprinting (aka Casing the Joint) 11

Scanning 18

Enumeration 23

Enumerating Windows 24

Gaining Access 26

Operating System Attacks 27

Application Attacks 27

Misconfiguration Attacks 28

Scripted Attacks 29

Escalating Privilege 30

Covering Tracks 31

Where Are Attacks Coming From? 32

Common Vulnerabilities, Threats, and Risks 33

Overview of Common Attacks and Exploits 36

Network Security Organizations 39

CERT Coordination Center 40

SANS 40

Center for Internet Security (CIS) 40

SCORE 41

Internet Storm Center 41

National Vulnerability Database 41

Security Focus 42

Learning from the Network Security Organizations 42

Chapter Summary 43

Chapter Review 43

Chapter 2 Security Policies 45

Responsibilities and Expectations 50

A Real-World Example 50

Who Is Responsible? You Are! 50

Legal Precedence 50

Internet Lawyers 51

Evolution of the Legal System 51

Criminal Prosecution 52

Real-World Example 52

Individuals Being Prosecuted 53

International Prosecution 53

Corporate Policies and Trust 53

Relevant Policies 54

User Awareness Education 54

Coming to a Balance 55

Corporate Policies 55

Acceptable Use Policy 57

Policy Overview 57

Purpose 58

Scope 58

General Use and Ownership 58

Security and Proprietary Information 59

Unacceptable Use 60

System and Network Activities 61

Email and Communications Activities 62

Enforcement 63

Conclusion 63

Password Policy 64

Overview 64

Purpose 64

Scope 64

General Policy 65

General Password Construction Guidelines 66

Password Protection Standards 67

Enforcement 68

Conclusion 68

Virtual Private Network (VPN) Security Policy 69

Purpose 69

Scope 69

Policy 70

Conclusion 71

Wireless Communication Policy 71

Scope 72

Policy Statement 72

General Network Access Requirements 72

Lab and Isolated Wireless Device Requirements 72

Home Wireless Device Requirements 73

Enforcement 73

Definitions 73

Revision History 73

Extranet Connection Policy 74

Purpose 74

Scope 74

Security Review 75

Third-Party Connection Agreement 75

Business Case 75

Point of Contact 75

Establishing Connectivity 75

Modifying or Changing Connectivity and Access 76

Terminating Access 76

Conclusion 76

ISO Certification and Security 77

Delivery 77

ISO/IEC 27002 78

Sample Security Policies on the Internet 79

Industry Standards 79

Payment Card Industry Data Security Standard (PCI DSS) 80

Sarbanes-Oxley Act of 2002 (SOX) 80

Health Insurance Portability and Accounting Act (HIPAA) of 1996 81

Massachusetts 201: Standards for the Protection of Personal Information of Residents of the Commonwealth 81

SAS 70 Series 82

Chapter Summary 82

Chapter Review 83

Chapter 3 Processes and Procedures 85

Security Advisories and Alerts: Getting the Intel You Need to Stay Safe 86

Responding to Security Advisories 87

Step 1: Awareness 88

Step 2: Incident Response 90

Step 3: Imposing Your Will 95

Steps 4 and 5: Handling Network Software Updates (Best Practices) 96

Industry Best Practices 98

Use a Change Control Process 98

Read All Related Materials 98

Apply Updates as Needed 99

Testing 99

Uninstall 99

Consistency 99

Backup and Scheduled Downtime 100

Have a Back-Out Plan 100

Forewarn Helpdesk and Key User Groups 100

Don’t Get More Than Two Service Packs Behind 100

Target Noncritical Servers/Users First 100

Service Pack Best Practices 101

Hotfix Best Practices 101

Service Pack Level Consistency 101

Latest Service Pack Versus Multiple Hotfixes 101

Security Update Best Practices 101

Apply Admin Patches to Install Build Areas 102

Apply Only on Exact Match 102

Subscribe to Email Notification 102

Summary 102

Chapter Review and Questions 104

Chapter 4 Network Security Standards and Guidelines 105

Cisco SAFE 2.0 106

Overview 106

Purpose 106

Cisco Validated Design Program 107

Branch/WAN Design Zone Guides 107

Campus Design Zone Guides 107

Data Center Design Zone Guides 108

Security Design Zone Guides 109

Cisco Best Practice Overview and Guidelines 110

Basic Cisco IOS Best Practices 110

Secure Your Passwords 110

Limit Administrative Access 111

Limit Line Access Controls 111

Limit Access to Inbound and Outbound Telnet (aka vty Port) 112

Establish Session Timeouts 113

Make Room Redundancy 113

Protect Yourself from Common Attacks 114

Firewall/ASAs 115

Encrypt Your Privileged User Account 115

Limit Access Control 116

Make Room for Redundant Systems 116

General Best Practices 117

Configuration Guides 117

Intrusion Prevention System (IPS) for IOS 117

NSA Security Configuration Guides 118

Cisco Systems 119

Switches Configuration Guide 119

VoIP/IP Telephony Security Configuration Guides 119

Microsoft Windows 119

Microsoft Windows Applications 120

Microsoft Windows 7/Vista/Server 2008 120

Microsoft Windows XP/Server 2003 121

Apple 121

Microsoft Security 121

Security Policies 121

Microsoft Windows XP Professional 122

Microsoft Windows Server 2003 122

Microsoft Windows 7 122

Windows Server 2008 123

Microsoft Security Compliance Manager 124

Chapter Summary 125

Chapter Link Toolbox Summary 125

Chapter 5 Overview of Security Technologies 127

Security First Design Concepts 128

Packet Filtering via ACLs 131

Grocery List Analogy 132

Limitations of Packet Filtering 136

Stateful Packet Inspection 136

Detailed Packet Flow Using SPI 138

Limitations of Stateful Packet Inspection 139

Network Address Translation (NAT) 140

Increasing Network Security 142

NAT’s Limitations 143

Proxies and Application-Level Protection 144

Limitations of Proxies 146

Content Filters 147

Limitations of Content Filtering 150

Public Key Infrastructure 150

PKI’s Limitations 151

Reputation-Based Security 152

Reactive Filtering Can’t Keep Up 154

Cisco Web Reputation Solution 155

AAA Technologies 156

Authentication 156

Authorization 157

Accounting 157

Remote Authentication Dial-In User Service (RADIUS) 158

Terminal Access Controller Access Control System (TACACS) 159

TACACS+ Versus RADIUS 160

Two-Factor Authentication/Multifactor Authentication 161

IEEE 802.1x: Network Access Control (NAC) 162

Network Admission Control 163

Cisco TrustSec 164

Solution Overview 164

Cisco Identity Services Engine 166

Chapter Summary 168

Chapter Review Questions 168

Chapter 6 Security Protocols 169

Triple DES Encryption 171

Encryption Strength 171

Limitations of 3DES 172

Advanced Encryption Standard (AES) 172

Different Encryption Strengths 173

Limitations of AES 173

Message Digest 5 Algorithm 173

MD5 Hash in Action 175

Secure Hash Algorithm (SHA Hash) 175

Types of SHA 176

SHA-1 176

SHA-2 176

Point-to-Point Tunneling Protocol (PPTP) 177

PPTP Functionality 177

Limitations of PPTP 178

Layer 2 Tunneling Protocol (L2TP) 179

L2TP Versus PPTP 180

Benefits of L2TP 180

L2TP Operation 181

Secure Shell (SSH) 182

SSH Versus Telnet 184

SSH Operation 186

Tunneling and Port Forwarding 187

Limitations of SSH 188

SNMP v3 188

Security Built In 189

Chapter Summary 192

Chapter Review Questions 192

Chapter 7 Firewalls 193

Firewall Frequently Asked Questions 194

Who Needs a Firewall? 195

Why Do I Need a Firewall? 195

Do I Have Anything Worth Protecting? 195

What Does a Firewall Do? 196

Firewalls Are “The Security Policy” 197

We Do Not Have a Security Policy 200

Firewall Operational Overview 200

Firewalls in Action 202

Implementing a Firewall 203

Determine the Inbound Access Policy 205

Determine Outbound Access Policy 206

Essentials First: Life in the DMZ 206

Case Studies 208

Case Study: To DMZ or Not to DMZ? 208

Firewall Limitations 214

Chapter Summary 215

Chapter Review Questions 216

Chapter 8 Router Security 217

Edge Router as a Choke Point 221

Limitations of Choke Routers 223

Routers Running Zone Based Firewall 224

Zone-Based Policy Overview 225

Zone-Based Policy Configuration Model 226

Rules for Applying Zone-Based Policy Firewall 226

Designing Zone-Based Policy Network Security 227

Using IPsec VPN with Zone-Based Policy Firewall 228

Intrusion Detection with Cisco IOS 229

When to Use the FFS IDS 230

FFS IDS Operational Overview 231

FFS Limitations 233

Secure IOS Template 234

Routing Protocol Security 251

OSPF Authentication 251

Benefits of OSPF Neighbor Authentication 252

When to Deploy OSPF Neighbor Authentication 252

How OSPF Authentication Works 253

Chapter Summary 254

Chapter Review Questions 255

Chapter 9 IPsec Virtual Private Networks (VPNs) 257

Analogy: VPNs Securely Connect IsLANds 259

VPN Overview 261

VPN Benefits and Goals 263

VPN Implementation Strategies 264

Split Tunneling 265

Overview of IPsec VPNs 265

Authentication and Data Integrity 268

Tunneling Data 269

VPN Deployment with Layered Security 270

IPsec Encryption Modes 271

IPsec Tunnel Mode 271

Transport Mode 272

IPsec Family of Protocols 272

Security Associations 273

ISAKMP Overview 273

Internet Key Exchange (IKE) Overview 274

IKE Main Mode 274

IKE Aggressive Mode 275

IPsec Security Association (IPsec SA) 275

IPsec Operational Overview 276

IKE Phase 1 277

IKE Phase 2 278

Perfect Forward Secrecy 278

Diffie-Hellman Algorithm 279

Router Configuration as VPN Peer 281

Configuring ISAKMP 281

Preshared Keys 282

Configuring the ISAKMP Protection Suite 282

Configuring the ISAKMP Key 283

Configuring IPsec 284

Step 1: Create the Extended ACL 284

Step 2: Create the IPsec Transforms 284

Step 3: Create the Crypto Map 285

Step 4: Apply the Crypto Map to an Interface 286

Firewall VPN Configuration for Client Access 286

Step 1: Define Interesting Traffic 288

Step 2: IKE Phase 1[udp port 500] 288

Step 3: IKE Phase 2 288

Step 4: Data Transfer 289

Step 5: Tunnel Termination 289

SSL VPN Overview 289

Comparing SSL and IPsec VPNs 290

Which to Deploy: Choosing Between IPsec and SSL VPNs 292

Remote-Access VPN Security Considerations 293

Steps to Securing the Remote-Access VPN 294

Cisco AnyConnect VPN Secure Mobility Solution 295

Chapter Summary 296

Chapter Review Questions 297

Chapter 10 Wireless Security 299

Essentials First: Wireless LANs 301

What Is Wi-Fi? 302

Benefits of Wireless LANs 303

Wireless Equals Radio Frequency 303

Wireless Networking 304

Modes of Operation 305

Coverage 306

Bandwidth Availability 307

WarGames Wirelessly 307

Warchalking 308

Wardriving 309

Warspamming 311

Warspying 312

Wireless Threats 312

Sniffing to Eavesdrop and Intercept Data 313

Denial-of-Service Attacks 315

Rogue/Unauthorized Access Points 316

Misconfiguration and Bad Behavior 317

AP Deployment Guidelines 317

Wireless Security 318

Service Set Identifier (SSID) 318

Device and Access Point Association 319

Wired Equivalent Privacy (WEP) 319

WEP Limitations and Weaknesses 320

MAC Address Filtering 320

Extensible Authentication Protocol (EAP) 321

LEAP 322

EAP-TLS 322

EAP-PSK 323

EAP-TTLS 323

Essential Wireless Security 323

Essentials First: Wireless Hacking Tools 325

NetStumbler 325

Wireless Packet Sniffers 326

Aircrack-ng 327

OmniPeek 327

Wireshark 329

Chapter Summary 329

Chapter Review Questions 330

Chapter 11 Intrusion Detection and Honeypots 331

Essentials First: Intrusion Detection 333

IDS Functional Overview 335

Host Intrusion Detection System 340

Network Intrusion Detection System 341

Wireless IDS 343

Network Behavior Analysis 344

How Are Intrusions Detected? 345

Signature or Pattern Detection 346

Anomaly-Based Detection 346

Stateful Protocol Analysis 347

Combining Methods 347

Intrusion Prevention 347

IDS Products 348

Snort! 348

Limitations of IDS 350

Essentials First: Honeypots 354

Honeypot Overview 354

Honeypot Design Strategies 356

Honeypot Limitations 357

Chapter Summary 357

Chapter Review Questions 357

Chapter 12 Tools of the Trade 359

Essentials First: Vulnerability Analysis 361

Fundamental Attacks 361

IP Spoofing/Session Hijacking 362

Packet Analyzers 363

Denial of Service (DoS) Attacks 363

Other Types of Attacks 366

Back Doors 368

Security Assessments and Penetration Testing 370

Internal Vulnerability and Penetration Assessment 370

Assessment Methodology 371

External Penetration and Vulnerability Assessment 371

Assessment Methodology 372

Physical Security Assessment 373

Assessment Methodology 373

Miscellaneous Assessments 374

Assessment Providers 375

Security Scanners 375

Features and Benefits of Vulnerability Scanners 376

Freeware Security Scanners 376

Metasploit 376

NMAP 376

SAINT 377

Nessus 377

Retina Version 5.11.10 380

CORE IMPACT Pro (a Professional Penetration Testing Product) 382

In Their Own Words 383

Scan and Detection Accuracy 384

Documentation 384

Documentation and Support 386

Vulnerability Updates 386

Chapter Summary 386

Chapter Review Questions 387

Appendix A Answers to Review Questions 389

9781587204104 TOC 11/30/2011

Read More Show Less

Customer Reviews

Average Rating 4
( 10 )
Rating Distribution

5 Star

(6)

4 Star

(2)

3 Star

(0)

2 Star

(1)

1 Star

(1)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously
Sort by: Showing all of 10 Customer Reviews
  • Anonymous

    Posted December 9, 2005

    Wonderful, easy read for Security Newbie as well as the seasoned pro!

    Some recent IT Security headlines include: ¿Dutch trio hacked 1.5m personal computers¿ (October 20, 2005) ¿Hacker accesses 5,300 personal student records¿ (November 16, 2005) ¿NMCI gets hacked¿ (November 11, 2005) In 2002, CERT reported 82,094 security incidents the 2003 number jumped to 134,529 reported security incidents (CERT website) Obviously, threats to network security are growing more pervasive as hackers and crackers become bolder. Any IT professional, whether responsible for network infrastructure, servers, desktops, systems, web design, or database administration needs to be familiar with not only understanding network security, but also the tools and designs to develop a secure IT infrastructure. Network security is everyone¿s responsibility, from end-users, to IT staff, to CIOs and CTOs. Tom Thomas ¿Network Security First-Step¿ (ISBN 1587200996) provides a wonderful, readable introduction to Network Security design and best practices. ¿Network Security First-Step¿ is not only a great primer for those new to network security, but also a great reference for those who already have industry experience. I chose to add this book to my CCIE-Security reading list as my first step toward the written exam and CCIE recert. The book¿s opening chapters discusses the fundamentals of network security design, why a security policy for an organization underpins these fundamentals, and then describes the core security technologies and protocols. Subsequent chapters cover the basics of router security, firewalls, VPNs, Intrusion Detection, and Wireless Security. My personal favorite chapter was the one that discusses hacker and cracker ¿Tools of the Trade¿. The entire book is written in a style that is very fluid and conversational. Unlike many IT books, this one balances technical jargon with real-world examples and explanations. This volume would be a great addition to the bookshelf of both the IT engineer in the trenches as well as the CIO in his penthouse office. I highly recommend! Mark Reyero CCIE 12932

    Was this review helpful? Yes  No   Report this review
  • Anonymous

    Posted November 30, 2004

    Security Springboard

    I recently read Network Security First-Step (ISBN 1-58720-099-6) as the literal first step in my self-education on network security. I've done a little work with firewalls and ACLs, but due to some major security projects on the horizon, and also on my selfish desire to beef up my resume in that area, I've decided to dedicate some time to furthering my knowledge of network security. The book was written by Tom Thomas, who has authored or co-authored 17 books on networking and has also worked as an instructor. He also has a high level of experience in the industry. This experience shows in the quality of this book, which is advertised as an easy introduction into the world of network security. As such, it seemed like a natural place to start my security studies. Having read the book now, I'd have to say that it definitely lives up to the advertising. It is an introduction for the security novice, with just enough technical material to whet the appetite of even experienced networking guy like myself. When the material does get technical, the author uses real-world examples to explain the concepts and does so to great effect, making the book understandable for network novices. The book itself is 400 pages and consists of 10 chapters which cover a wide variety of topics. Chapter 1 is an introduction into the mind and tools of hackerdom. Chapter 2 covers basic security policies and practices. Chapter 3 is a basic overview of security technologies and their uses and benefits. Chapters 4 through 9 go more in-depth into the various security technologies introduced earlier (protocols, firewalls, router security, VPNs, wireless, and intrusion detection) and how they are used. Chapter 10 discusses tools for hacking and security auditing. I can't say enough about how valuable I found the information provided in this book. The author sprinkles the book with URLs which not only reinforce the topic he's covering, but also allow the reader to continue researching on their own. I now have a folder full of web bookmarks which I'm only beginning to delve into. This book doesn't just spoon feeding information to the reader, but also sets them up for a much deeper understanding on networking, depending upon their desire to go deeper. Another feature I like about the book is how the author laid out the advantages and limitations of each network security technology. He also doesn't try to sell any one technology as the Panacea for network security. Rather, he advocates a much more practical layered approach to network security. In conclusion, I recommend this book for anyone wanting to get started in network security. It stands as a springboard into a whole new area of study for my career. I've already come up with a few projects that must be implemented in our network just from reading this introductory book. In the coming months, I plan to read as many security and hacking titles as I can and use that information to better secure our network. I can tell it's going to be a busy year. On my 5 ping rating scale, I give this book an emphatic 5. !!!!!

    Was this review helpful? Yes  No   Report this review
  • Anonymous

    Posted October 31, 2004

    Good First-Step to MUCH NEEDED Network Security!

    Network Security First-Step (Your first step into the world of network security) Reviewer Name: Steve Owen Scheiderer, Network Administrator Reviewer Certification: MCSE NT 4.0, CCNA ISBN: 1-58720-099-6 If you¿ve ever been victimized by a hacker you¿re left standing there asking ¿How¿d they do this?¿ and ¿What could we have done to prevent it?¿ One of the most valuable insights of Network Security First-Step by Tom Thomas is that you don¿t have to be a rocket scientist to begin fighting hacker attacks. Thomas introduces the reader to the techniques ¿ often strikingly simplistic or scripted via readily available tools ¿ of the hacker with a ¿It takes one to fight one!¿ tactic. Although there is plethora of technical information, there is plenty of non-technical information to consider. There is something for network administrators, security experts, CEOs and average Jane and Joe user at the office (or at home). Even the most non-technical user learns the importance of and the role they play in protecting the network with a ¿loose lips sink ships¿ approach. CEOs and policy-makers learn to lead by example as they submit to best practices and written policies. This may be one of the greatest feature of the book for the more technically savvy network professional who absolutely needs to enlist the cooperation of both CEO and the average user if the network security war is to be won. Thomas builds on years of experience to show how hackers not only are interested in ¿targets of choice¿ but also ¿targets of opportunity¿. The goal is to protect the network on various levels to guard against either type of attack from the extremely sophisticated to those inflicted on sitting ducks (¿targets of opportunity¿). An entire chapter (Two) is dedicated to written security polices and each chapter is full of tools to use in this quest. Thomas¿ expertise simultaneously shines (especially in the ¿Secure IOS Template¿ pp. 216-228) and presents a challenge to the novice in the area of network security. At times terminology is presented prior to its definition (like ¿social engineering¿ on page 4 and definition on page 5; ¿choke point¿ on page 192 and definition on page 193). Patience will be a virtue for the reader when coming upon new terminology throughout the book. So many tools are presented that at times the reader can be left wondering ¿what does this tool do?¿ The ¿Acceptable Use Policy¿ of Granite Systems is offered ¿if you want to reuse this policy¿ (p. 54) but the reader was never told where the text (template) could be downloaded. Finally, at times chapter outlines, figures and flow of the text were hard to follow. Nevertheless, Thomas¿ expertise and insight make these minor challenges worth enduring and certainly this is complex topic which a book such as this can only begin to explore. I would definitely read other titles by this author and his team of technical editors. I give Network Security First-Step a 4.5 rating on a scale of 1 to 5. An on-line errata page would greatly assist the reader in filling in some of gaps, typos, etc. missed by the author and editors.

    Was this review helpful? Yes  No   Report this review
  • Anonymous

    Posted September 21, 2004

    A 'must have' for anyone in the field of Network Security

    When it comes to a broad topic such as Network Security, the guidelines become obscured with millions of factoids available everywhere. Organizations coming to you left, right, and center vying for attention and trying to instill fear and uncertainty in your network. Giving you examples of how an insecure network can ruin a company, or worse, ruin several companies with a single attack. Well, that is just fine for those who have been in the field for a while and know what is expected of them, but what about the student who wants to get into this ever-expanding field? Or the professional that has been 'out of the loop' for several years, how is he or she going to be introduced to the Network Security spectrum as it stands today? The answer, my friends, is in this book. The very first chapter is devoted to what we as security professionals are up against... Hackers! After all, you can give a blind man a rifle and tell him to defend himself, but if he doesn't have the knowledge to 'see' the enemy, how can he possibly do that? Tom delves into the mind of a hacker and shows you how he or she can enter your network through vulnerabilities, using tools (which anyone can use) or by using a method called 'social engineering.' The layout of the book is simply brilliant. Each chapter has an outline in the beginning, showing what you are expected to learn. For those that like to just 'skim the pages,' it allows for that as well. Not to mention the review questions at the end of each chapter give you an opportunity to evaluate your current level of knowledge. I know some of you out there are saying, 'What about Wireless Network Security?' Well, Tom goes into that issue too, from giving diagrams showing how to import a physical firewall into your network, to showing you how even that can be exploited. Tom has gone to great lengths to show us the 'bread and butter' of the internet and how it can ruin or enrich our lives through proper network security. Given the fact that this is a 'first-step' book, it just scratches the surface of the issue. Think of this release as a smorgasbord, it gives a wide scope of how the internet and network security works, but it leaves you thirsting for more knowledge on the subject.

    Was this review helpful? Yes  No   Report this review
  • Anonymous

    Posted September 5, 2004

    Right step in learning Network Security

    You don't need to work in the Information Technology field to know that Network Security has become a concern and area of focus for many businesses and governments. The media is constantly reporting on the various computer viruses, denial-of-service attacks, digital information theft, or latest vulnerabilities. There seems to be an endless number of people that either 1) like to cause grief for others or, 2) have just a little too much time on their hands. Whatever the case may be, these bad, bad people are creating opportunities for those of us interested in this dynamic and exciting field. As the title suggests, this book is a good 'first-step' toward building at least an awareness of Network Security. Looking for a broad overview of different technologies, concepts, best practices, etc. to start out with, I chose this book. I will mention at this point that before reading this book or doing any studying, I attempted CompTIA's Security+ exam. Let me just say that if you've been working as a Network/SysAdmin for a few years and happen to know what port 443 is used for, you probably won't pass it either. This book has filled in some of the holes (OK, gaping crevices) where I was lacking. It definitely covered many, if not all, of the topics I recall from the exam. The author, Tom Thomas, succeeded in covering a lot of information in an easy to read format along with many references for more in-depth study. I actually bookmarked all the websites mentioned so that I can use them for later reference. I liked the layout of the chapters - starting first with an overview, covering more specific topics, and then discussing the tools that hackers already use and network administrators should use. My recommendation: have a basic understanding of networking and the importance of securing electronic information resources before picking up this book. If you don't have that, you may want to pick up another CiscoPress title (which I have not read): Computer Networking First-Step. While the book intends to be an introduction to security, if you will, it actually went into more detail than I expected; chapter 6, Router Security, is a good example. Here you'll find an entire Cisco IOS template spanning 13 pages with comments on many of the commands and why they should or should not be used. If you've never worked with the Cisco IOS before, this chapter will probably lose you. If you like to write policies and procedures, Chapter 2 provides many examples of different security policies and how you might word them to fit your organization. Another chapter that I liked was Chapter 8 on Wireless Security. It certainly opened my eyes to my own deficiencies in this area (please, don't come 'sniffing' for my access point - at least not yet). Oh, and you can also learn to transform an ordinary Pringles can into a wireless antenna - very interesting if not entertaining! The book is mostly geared toward general vendor-neutral security concepts, but there is a bit of a bias toward Cisco products. What did you expect, though? It is, after all, the networking market leader and this book was printed by CiscroPress, right? Considering this, I was a little surprised to find so many grammatical errors throughout the book. All in all I consider this to be a good read for someone new to IT security; a stepping stone to further reading, areas of discipline or security certifications.

    Was this review helpful? Yes  No   Report this review
  • Anonymous

    Posted July 27, 2004

    A good first step into security.

    The author of this first-step book will definitely help you take the first steps into security. I would even say that Tom Thomas takes you even a step further than the basics with the material and configuration examples included. With that said I would be hesitant to recommend this to someone with no networking or IT background. I mention this because a lot of the information, although very informative, is geared for industry professionals who want to gain more information on the security field. As security becomes a greater concern in all aspects of Information Technology, it will become not only necessary but in some instances legally necessary to be up to date with the right information to battle attackers. ¿Network Security first-step¿ will give you a great deal of security information to begin with. I really enjoyed the section on Router Security (Chapter 6). For anyone dealing with day to day networking, you will almost certainly run into the need to secure your edge devices. Another really helpful part of the book in this chapter is the Secure IOS Template. This template will give you the necessary configuration components to secure your edge devices. Each command line in the Secure IOS Template is detailed with notes on what each line will achieve. My favorite theory section was on wireless security (Chapter 8). Mr. Thomas starts by reviewing the basics of wireless. He then delves into the possible threats and how they can be done. We then are treated to the different technologies used to secure wireless transmissions. In the end of the chapter we also get reviews of tools used to monitor for security breaches. One of the nice points on how the book is laid out is how it starts a chapter with what you will learn in the following text. Then in the end of the chapters is a summary of what you have learned and a short chapter test on the material called a Chapter Review. The only criticism is that the answers to the Chapter Reviews are located in an Appendix in the rear of the book. This causes you to have to flip to the back of the book to check your answers. I don¿t find this a terminal problem, but more annoying than anything else. If you want a book that covers a lot of security related topics with a dash of configuration examples to help you implement, then this book is for you.

    Was this review helpful? Yes  No   Report this review
  • Anonymous

    Posted August 19, 2004

    Great Book on Network Security!!!

    Cisco has done it again by creating and easy to read and enjoyable book on introducing the world of Network Security. Network Security first-step is by far the best introduction for those who want to know more about the ever growing field of network security. This book is clear, concise, and easily readable. The first chapter takes you through and answers the question ¿What is a network?¿ and by the end of the book you have an understanding on what to look out for those intending to do harm to your network via the Internet and such. Network Security first-step is by far one of the most easily read and understandable books that I have enjoyed on this incredible field. Most books out there tend to get into too much technical jibber-jabber and lose the focus of the reader, but this book keeps your attention and gives very ¿down to earth¿ explanations and scenarios. You really get a feel for what the world of security involves and quickly come to realize that this is a growing market in which the opportunities are endless. The illustrations in the book are extremely helpful while teaching each valuable lesson. This prepares the reader on what to expect if the decide to continue their education with Cisco while pursuing one of their many certification paths. One of the greatest aspects of this book is the way in which it is written. The author talks to you in a very upbeat, down to earth, and conversational way making you feel as if you are right there with him. There is a kind of mentorship occurring by which he uses everyday examples that you can relate to and incorporates them into learning about the subject at hand. The chapter summaries in Network Security first-step are right on target. The author stresses the most fundamental and vital points again to make sure the reader is completely ready to move on and build upon what each chapter has to offer without confusing them along the way. This book is again by far the best I have read concerning this topic of Network Security! This series is incredibly valuable to those just starting out or are just curious and want to know more about this specific area of technology. Cisco has proved again to be the leader in the world of Networking! If you are thinking about getting into the evolving world of Network Security, Network Security first-step is definitely the only book you will need to start your journey of understanding and learning from the world leader of networking, Cisco Systems. Cisco and Tom M. Thomas have created a masterpiece!

    Was this review helpful? Yes  No   Report this review
  • Anonymous

    Posted August 17, 2004

    Great book!

    Network Security: first-step by Tom Thomas is a ¿must have¿ for any network administrator or junior engineer plagued by various internet attacks and hacks who lack a foundational understanding of the many facets to network security. As the title suggests, this is fantastic reference tool that should be read before being faced with a security breach of your critical data. With security threats on the rise it would behoove you to learn potential security holes within your environment before your security is compromised. This book accomplishes just that! More than anything, it makes for a GREAT reference manual broken down into chapters based on technologies. So if one wishes to take the ¿first-step¿ in learning router security ¿ Chapter 6 is not only a great starting point, but additionally offers information on where to go to continue expanding your knowledge of the subject matter. These references include contact information of other various data security organizations as well as URL¿s dedicated to information on network security based around the technology of interest. The book can be read cover to cover or used as reference material but what really makes it valuable is its resourcefulness in pointing you in the right direction. The author does not hide the ball with respect to his sources and offers them up to the reader in order for them to delve into any particular subject matter further to their heart¿s content. On the other hand, however, the area on security policies seemed a little overkill but this is understandable since it is tailored to the security ¿newbie¿. The repetitiveness of ¿You have to have a written policy!¿ for network, e-mail, Internet use, VPN, extranet, etc. seemed verbose and redundant. Tom Thomas is technically accurate every step of the way and the book flows so smoothly that it can be read by both a beginning learner and a seasoned veteran alike without insulting their intelligence. The ever present minor grammatical and spelling errors, which are easily overlooked as evidenced by their presence, do not break the flow of the reading and I am confident that these superficial errors will be fixed during the book¿s second release. (Hopefully!) Overall, I give this book high marks for its ease of readability and its resourcefulness! With Cisco Press¿ launch of its new ¿first-step¿ series it is intending to capture an audience that was ignored. Far too common I saw people wanting to get into this industry only to be overwhelmed by its technical complexities but this series lays it out in an easily digestible format.

    Was this review helpful? Yes  No   Report this review
  • Anonymous

    Posted November 4, 2012

    No text was provided for this review.

  • Anonymous

    Posted July 22, 2010

    No text was provided for this review.

Sort by: Showing all of 10 Customer Reviews

If you find inappropriate content, please report it to Barnes & Noble
Why is this product inappropriate?
Comments (optional)