Network Security Hacks | O'Reilly Media

Network Security Hacks, Second Edition Tips & Tools for Protecting Your Privacy By Andrew Lockhart
October 2006
Pages: 478

| Table of Contents | Index | Sample Chapter

Chapter 1 Unix Host Security
1. Secure Mount Points
2. Scan for SUID and SGID Programs
3. Scan for World- and Group-Writable Directories
4. Create Flexible Permissions Hierarchies with POSIX ACLs
5. Protect Your Logs from Tampering
6. Delegate Administrative Roles
7. Automate Cryptographic Signature Verification
8. Check for Listening Services
9. Prevent Services from Binding to an Interface
10. Restrict Services with Sandboxed Environments
11. Use proftpd with a MySQL Authentication Source
12. Prevent Stack-Smashing Attacks
13. Lock Down Your Kernel with grsecurity
14. Restrict Applications with grsecurity
15. Restrict System Calls with systrace
16. Create systrace Policies Automatically
17. Control Login Access with PAM
18. Restrict Users to SCP and SFTP
19. Use Single-Use Passwords for Authentication
20. Restrict Shell Environments
21. Enforce User and Group Resource Limits
22. Automate System Updates
Chapter 2 Windows Host Security
1. Check Servers for Applied Patches
2. Use Group Policy to Configure Automatic Updates
3. List Open Files and Their Owning Processes
4. List Running Services and Open Ports
5. Enable Auditing
6. Enumerate Automatically Executed Programs
7. Secure Your Event Logs
8. Change Your Maximum Log File Sizes
9. Back Up and Clear the Event Logs
10. Disable Default Shares
11. Encrypt Your Temp Folder
12. Back Up EFS
13. Clear the Paging File at Shutdown
14. Check for Passwords That Never Expire
Chapter 3 Privacy and Anonymity
1. Evade Traffic Analysis
2. Tunnel SSH Through Tor
3. Encrypt Your Files Seamlessly
4. Guard Against Phishing
5. Use the Web with Fewer Passwords
6. Encrypt Your Email with Thunderbird
7. Encrypt Your Email in Mac OS X
Chapter 4 Firewalling
1. Firewall with Netfilter
2. Firewall with OpenBSD’s PacketFilter
3. Protect Your Computer with the Windows Firewall
4. Close Down Open Ports and Block Protocols
5. Replace the Windows Firewall
6. Create an Authenticated Gateway
7. Keep Your Network Self-Contained
8. Test Your Firewall
9. MAC Filter with Netfilter
10. Block Tor
Chapter 5 Encrypting and Securing Services
1. Encrypt IMAP and POP with SSL
2. Use TLS-Enabled SMTP with Sendmail
3. Use TLS-Enabled SMTP with Qmail
4. Install Apache with SSL and suEXEC
5. Secure BIND
6. Set Up a Minimal and Secure DNS Server
7. Secure MySQL
8. Share Files Securely in Unix
Chapter 6 Network Security
1. Detect ARP Spoofing
2. Create a Static ARP Table
3. Protect Against SSH Brute-Force Attacks
4. Fool Remote Operating System Detection Software
5. Keep an Inventory of Your Network
6. Scan Your Network for Vulnerabilities
7. Keep Server Clocks Synchronized
8. Create Your Own Certificate Authority
9. Distribute Your CA to Clients
10. Back Up and Restore a Certificate Authority with Certificate Services
11. Detect Ethernet Sniffers Remotely
12. Help Track Attackers
13. Scan for Viruses on Your Unix Servers
14. Track Vulnerabilities
Chapter 7 Wireless Security
1. Turn Your Commodity Wireless Routers into a Sophisticated Security Platform
2. Use Fine-Grained Authentication for Your Wireless Network
3. Deploy a Captive Portal
Chapter 8 Logging
1. Run a Central Syslog Server
2. Steer Syslog
3. Integrate Windows into Your Syslog Infrastructure
4. Summarize Your Logs Automatically
5. Monitor Your Logs Automatically
6. Aggregate Logs from Remote Sites
7. Log User Activity with Process Accounting
8. Centrally Monitor the Security Posture of Your Servers
Chapter 9 Monitoring and Trending
1. Monitor Availability
2. Graph Trends
3. Get Real-Time Network Stats
4. Collect Statistics with Firewall Rules
5. Sniff the Ether Remotely
Chapter 10 Secure Tunnels
1. Set Up IPsec Under Linux
2. Set Up IPsec Under FreeBSD
3. Set Up IPsec in OpenBSD
4. Encrypt Traffic Automatically with Openswan
5. Forward and Encrypt Traffic with SSH
6. Automate Logins with SSH Client Keys
7. Use a Squid Proxy over SSH
8. Use SSH As a SOCKS Proxy
9. Encrypt and Tunnel Traffic with SSL
10. Tunnel Connections Inside HTTP
11. Tunnel with VTun and SSH
12. Generate VTun Configurations Automatically
13. Create a Cross-Platform VPN
14. Tunnel PPP
Chapter 11 Network Intrusion Detection
1. Detect Intrusions with Snort
2. Keep Track of Alerts
3. Monitor Your IDS in Real Time
4. Manage a Sensor Network
5. Write Your Own Snort Rules
6. Prevent and Contain Intrusions with Snort_inline
7. Automatically Firewall Attackers with SnortSam
8. Detect Anomalous Behavior
9. Automatically Update Snort’s Rules
10. Create a Distributed Stealth Sensor Network
11. Use Snort in High-Performance Environments with Barnyard
12. Detect and Prevent Web Application Intrusions
13. Scan Network Traffic for Viruses
14. Simulate a Network of Vulnerable Hosts
15. Record Honeypot Activity
Chapter 12 Recovery and Response
1. Image Mounted Filesystems
2. Verify File Integrity and Find Compromised Files
3. Find Compromised Packages
4. Scan for Rootkits
5. Find the Owner of a Network

Colophon

Return to Network Security Hacks

Table of Contents

Chapter 1 Unix Host Security

Secure Mount Points

Scan for SUID and SGID Programs

Scan for World- and Group-Writable Directories

Create Flexible Permissions Hierarchies with POSIX ACLs

Protect Your Logs from Tampering

Delegate Administrative Roles

Automate Cryptographic Signature Verification

Check for Listening Services

Prevent Services from Binding to an Interface

Restrict Services with Sandboxed Environments

Use proftpd with a MySQL Authentication Source

Prevent Stack-Smashing Attacks

Lock Down Your Kernel with grsecurity

Restrict Applications with grsecurity

Restrict System Calls with systrace

Create systrace Policies Automatically

Control Login Access with PAM

Restrict Users to SCP and SFTP

Use Single-Use Passwords for Authentication

Restrict Shell Environments

Enforce User and Group Resource Limits

Automate System Updates

Chapter 2 Windows Host Security

Check Servers for Applied Patches

Use Group Policy to Configure Automatic Updates

List Open Files and Their Owning Processes

List Running Services and Open Ports

Enable Auditing

Enumerate Automatically Executed Programs

Secure Your Event Logs

Change Your Maximum Log File Sizes

Back Up and Clear the Event Logs

Disable Default Shares

Encrypt Your Temp Folder

Back Up EFS

Clear the Paging File at Shutdown

Check for Passwords That Never Expire

Chapter 3 Privacy and Anonymity

Evade Traffic Analysis

Tunnel SSH Through Tor

Encrypt Your Files Seamlessly

Guard Against Phishing

Use the Web with Fewer Passwords

Encrypt Your Email with Thunderbird

Encrypt Your Email in Mac OS X

Chapter 4 Firewalling

Firewall with Netfilter

Firewall with OpenBSD’s PacketFilter

Protect Your Computer with the Windows Firewall

Close Down Open Ports and Block Protocols

Replace the Windows Firewall

Create an Authenticated Gateway

Keep Your Network Self-Contained

Test Your Firewall

MAC Filter with Netfilter

Block Tor

Chapter 5 Encrypting and Securing Services

Encrypt IMAP and POP with SSL

Use TLS-Enabled SMTP with Sendmail

Use TLS-Enabled SMTP with Qmail

Install Apache with SSL and suEXEC

Secure BIND

Set Up a Minimal and Secure DNS Server

Secure MySQL

Share Files Securely in Unix

Chapter 6 Network Security

Detect ARP Spoofing

Create a Static ARP Table

Protect Against SSH Brute-Force Attacks

Fool Remote Operating System Detection Software

Keep an Inventory of Your Network

Scan Your Network for Vulnerabilities

Keep Server Clocks Synchronized

Create Your Own Certificate Authority

Distribute Your CA to Clients

Back Up and Restore a Certificate Authority with Certificate Services

Detect Ethernet Sniffers Remotely

Help Track Attackers