Secure Your Network for Free

Paperback (Print)
Buy New
Buy New from BN.com
$33.56
Used and New from Other Sellers
Used and New from Other Sellers
from $7.05
Usually ships in 1-2 business days
(Save 84%)
Other sellers (Paperback)
  • All (13) from $7.05   
  • New (5) from $41.29   
  • Used (8) from $7.05   

Overview

This is the only book to clearly demonstrate how to get big dollar security for your network using freely available tools. This is a must have book for any company or person with a limited budget.

Network security is in a constant struggle for budget to get things done. Upper management wants thing to be secure but doesn’t want to pay for it. With this book as a guide, everyone can get what they want. The examples and information will be of immense value to every small business. It will explain security principles and then demonstrate how to achieve them using only freely available software.

* Teachers you how to implement best of breed security using tools for free
* Ideal for anyone recomending and implementing new technologies within the company
* Companion Web site contains dozens of working scripts and tools

Seagren shows readers how to secure their network from top to bottom without spending a penny on security software using best of breed open source software including Snort, Nessus, and Ethereal.

Read More Show Less

Product Details

  • ISBN-13: 9781597491235
  • Publisher: Elsevier Science
  • Publication date: 2/15/2007
  • Pages: 512
  • Product dimensions: 7.00 (w) x 10.00 (h) x 1.03 (d)

Meet the Author

Eric Seagren, CISSP, CISA, ISSAP, JPMorganChase has 10 years experience in IT Security and has spent the last 7 years at, one of the largest financial institutions in the world. Eric has contributed to several computer security books including: Hacking Exposed: Cisco Networks (McGraw-Hill, ISBN: 0072259175), Configuring Checkpoint NGX (Syngress, ISBN: 1597490318), and Hardening Network Security (McGraw-Hill, ISBN: 00725557032).
Read More Show Less

Table of Contents


Presenting the Business Case for Free Solutions     1
Introduction     2
The Costs of Using Free Security Solutions     2
Training Costs     3
Hardware Costs     3
Consulting Costs     4
Hidden Costs     5
The Savings of Using Free Security Solutions     6
Purchase Costs     6
Maintenance Costs     7
Customization Costs     7
Comparing Free Solutions with Commercial Solutions     8
Strengths of Free Solutions     9
Weaknesses of Free Solutions     10
Evaluating Individual Solutions     12
"Selling" a Free Solution     16
Selling by Doing     17
Presenting a Proposal     17
Summary     19
Solutions Fast Track     19
Frequently Asked Questions     21
Protecting Your Perimeter     23
Introduction     24
Firewall Types     24
Firewall Architectures     27
Screened Subnet     27
One-Legged     28
True DMZ     30
Implementing Firewalls     31
Hardware versus Software Firewalls     32
Configuring netfilter     32
Choosing a Linux Version     32
Choosing Installation Media     33
Linux Firewall Operation     36
Configuration Examples     42
GUIs     55
Smoothwall     76
Configuring Windows Firewall     85
Providing Secure Remote Access     86
Providing VPN Access     87
Using Windows as a VPN Concentrator     89
iPig     93
OpenSSL VPN     98
Providing a Remote Desktop     108
Windows Terminal Services     109
VNC     113
Using the X Window System     119
Providing a Remote Shell     125
Using Secure Shell     126
Using a Secure Shell GUI Client     128
Summary     130
Solutions Fast Track     131
Frequently Asked Questions     132
Protecting Network Resources     133
Introduction     134
Performing Basic Hardening     134
Defining Policy     135
Access Controls     137
Authentication     137
Authorization     138
Auditing      138
Hardening Windows Systems     139
General Hardening Steps     139
Users and Groups     142
File-Level Access Controls     147
Additional Steps     152
Using Microsoft Group Policy Objects     153
Account Lockout Policy     159
Audit Policy     160
User Rights Assignment     160
Hardening Linux Systems     164
General Hardening Steps     164
Users and Groups     165
File-Level Access Controls     168
Using the Bastille Hardening Script     172
Using SELinux     173
Hardening Infrastructure Devices     175
Patching Systems     176
Patching Windows Systems     177
Patching Linux Systems     179
Personal Firewalls     180
Windows Firewall     180
Netfilter Firewall     187
Configuring TCP Wrappers     187
Providing Antivirus and Antispyware Protection     188
Antivirus Software     189
Clam AntiVirus     189
Using Online Virus Scanners     196
Antispyware Software     196
Microsoft Windows Defender      197
Microsoft Malicious Software Removal Tool     200
Encrypting Sensitive Data     201
EFS     202
Summary     209
Solutions Fast Track     209
Frequently Asked Questions     212
Configuring an Intrusion Detection System     215
Introduction     216
Intrusion Detection Systems     216
Configuring an Intrusion Detection System     217
Hardware Requirements     218
Placing Your NIDS     218
Configuring Snort on a Windows System     221
Installing Snort     222
Configuring Snort Options     225
Using a Snort GUI Front End     231
Configuring IDS Policy Manager     232
Configuring Snort on a Linux System     240
Configuring Snort Options     240
Using a GUI Front End for Snort     246
Basic Analysis and Security Engine     246
Other Snort Add-Ons     254
Using Oinkmaster     254
Additional Research     256
Demonstrating Effectiveness     257
Summary     258
Solutions Fast Track     259
Frequently Asked Questions      261
Managing Event Logs     263
Introduction     264
Generating Windows Event Logs     264
Using Group Policy to Generate Windows Events Logs     267
Generating Custom Windows Event Log Entries     274
Collecting Windows Event Logs     275
Analyzing Windows Event Logs     277
Generating Syslog Event Logs     279
Windows Syslog     282
Generating Syslog Events     282
Receiving Syslog Events     295
Linux Syslog     297
Generating Syslog Events     297
Encrypting Syslog Traffic     298
Receiving Syslog Events on a Linux Host     311
Analyzing Syslog Logs on Windows and Linux     312
Windows Log Analysis     313
Linux Log Analysis     321
Securing Your Event Logs     327
Ensuring Chain of Custody     328
Ensuring Log Integrity     329
Applying Your Knowledge     331
Summary     333
Solutions Fast Track     333
Frequently Asked Questions     335
Testing and Auditing Your Systems     337
Introduction     338
Taking Inventory      338
Locating and Identifying Systems     339
Nmap     341
Super Scanner     347
Angry IP Scanner     351
Scanline     352
Special-Purpose Enumerators     355
Locating Wireless Systems     357
Network Stumbler     358
Documentation     361
Network Topology Maps     362
Access Request Forms     364
Business Continuity and Disaster Recovery Plans     365
IT Security Policies/Standards/Procedures     365
Vulnerability Scanning     366
Nessus     367
Running Nessus on Windows     368
Running Nessus on Linux     371
X-Scan     375
Microsoft Baseline Security Analyzer     379
OSSTMM     382
Summary     386
Solutions Fast Track     386
Frequently Asked Questions     387
Network Reporting and Troubleshooting     389
Introduction     390
Reporting on Bandwidth Usage and Other Metrics     390
Collecting Data for Analysis     392
Understanding SNMP     394
Configuring Multi Router Traffic Grapher      397
Configuring MZL & Novatech TrafficStatistic     400
Configuring PRTG Traffic Grapher     403
Configuring ntop     412
Enabling SNMP on Windows Hosts     418
Enabling SNMP on Linux Hosts     421
Troubleshooting Network Problems     424
Using a GUI Sniffer     425
Using a Command-Line Sniffer     433
Additional Troubleshooting Tools     438
Netcat     439
Tracetcp     439
Netstat     440
Summary     442
Solutions Fast Track     442
Frequently Asked Questions     444
Security as an Ongoing Process     447
Introduction     448
Patch Management     448
Network Infrastructure Devices     452
Operating System Patches     453
Application Patches     453
Change Management     454
Change Causes Disruption     454
Inadequate Documentation Can Exacerbate Problems     455
Change Management Strategy     455
Antivirus     459
Antispyware     459
Intrusion Detection Systems     460
Vulnerability Scanning      460
Vulnerability Management Cycle     461
Roles and Responsibilities     463
Penetration Testing     463
Obtaining the Support of Senior Management     464
Clarify What You Are Buying     464
Policy Review     465
Physical Security     466
Cert Team     468
Summary     470
Solutions Fast Track     470
Frequently Asked Questions     472
Index     475
Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star

(0)

4 Star

(0)

3 Star

(0)

2 Star

(0)

1 Star

(0)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously

    If you find inappropriate content, please report it to Barnes & Noble
    Why is this product inappropriate?
    Comments (optional)