Book description
In the five years since the first edition of this classic book was published, Internet use has exploded. The commercial world has rushed headlong into doing business on the Web, often without integrating sound security technologies and policies into their products and methods. The security risks--and the need to protect both business and personal data--have never been greater. We've updated Building Internet Firewalls to address these newer risks.
What kinds of security threats does the Internet pose? Some, like password attacks and the exploiting of known security holes, have been around since the early days of networking. Others, like the distributed denial of service attacks that crippled Yahoo, eBay, and other major e-commerce sites in early 2000, are in current headlines.
Firewalls, critical components of today's computer networks, effectively protect a system from most Internet security threats. They keep damage on one part of the network--such as eavesdropping, a worm program, or file damage--from spreading to the rest of the network. Without firewalls, network security problems can rage out of control, dragging more and more systems down.
Like the bestselling and highly respected first edition, Building Internet Firewalls, 2nd Edition, is a practical and detailed step-by-step guide to designing and installing firewalls and configuring Internet services to work with a firewall. Much expanded to include Linux and Windows coverage, the second edition describes:
- Firewall technologies: packet filtering, proxying, network address translation, virtual private networks
- Architectures such as screening routers, dual-homed hosts, screened hosts, screened subnets, perimeter networks, internal firewalls
- Issues involved in running a variety of new Internet services and protocols through a firewall
- Email and News
- Web services and scripting languages (e.g., HTTP, Java, JavaScript, ActiveX, RealAudio, RealVideo)
- File transfer and sharing services such as NFS, Samba
- Remote access services such as Telnet, the BSD "r" commands, SSH, BackOrifice 2000
- Real-time conferencing services such as ICQ and talk
- Naming and directory services (e.g., DNS, NetBT, the Windows Browser)
- Authentication and auditing services (e.g., PAM, Kerberos, RADIUS)
- Administrative services (e.g., syslog, SNMP, SMS, RIP and other routing protocols, and ping and other network diagnostics)
- Intermediary protocols (e.g., RPC, SMB, CORBA, IIOP)
- Database protocols (e.g., ODBC, JDBC, and protocols for Oracle, Sybase, and Microsoft SQL Server)
The book's complete list of resources includes the location of many publicly available firewall construction tools.
Table of contents
- Preface
- I. Network Security
- 1. Why Internet Firewalls?
- 1.1. What Are You Trying to Protect?
- 1.2. What Are You Trying to Protect Against?
- 1.3. Who Do You Trust?
- 1.4. How Can You Protect Your Site?
- 1.5. What Is an Internet Firewall?
- 1.5.1. What Can a Firewall Do?
- 1.5.2. What Can’t a Firewall Do?
- 1.5.2.1. A firewall can’t protect you against malicious insiders
- 1.5.2.2. A firewall can’t protect you against connections that don’t go through it
- 1.5.2.3. A firewall can’t protect against completely new threats
- 1.5.2.4. A firewall can’t fully protect against viruses
- 1.5.2.5. A firewall can’t set itself up correctly
- 1.5.3. What’s Wrong with Firewalls?
- 1.6. Religious Arguments
- 2. Internet Services
- 2.1. Secure Services and Safe Services
- 2.2. The World Wide Web
- 2.3. Electronic Mail and News
- 2.4. File Transfer, File Sharing, and Printing
- 2.5. Remote Access
- 2.6. Real-Time Conferencing Services
- 2.7. Naming and Directory Services
- 2.8. Authentication and Auditing Services
- 2.9. Administrative Services
- 2.10. Databases
- 2.11. Games
- 3. Security Strategies
- II. Building Firewalls
- 4. Packets and Protocols
- 5. Firewall Technologies
- 5.1. Some Firewall Definitions
- 5.2. Packet Filtering
- 5.3. Proxy Services
- 5.4. Network Address Translation
- 5.4.1. Advantages of Network Address Translation
- 5.4.2. Disadvantages of Network Address Translation
- 5.4.2.1. Dynamic allocation requires state information that is not always available
- 5.4.2.2. Embedded IP addresses are a problem for network address translation
- 5.4.2.3. Network address translation interferes with some encryption and authentication systems
- 5.4.2.4. Dynamic allocation of addresses interferes with logging
- 5.4.2.5. Dynamic allocation of ports may interfere with packet filtering
- 5.5. Virtual Private Networks
- 6. Firewall Architectures
- 6.1. Single-Box Architectures
- 6.2. Screened Host Architectures
- 6.3. Screened Subnet Architectures
- 6.4. Architectures with Multiple Screened Subnets
- 6.5. Variations on Firewall Architectures
- 6.5.1. It’s OK to Use Multiple Bastion Hosts
- 6.5.2. It’s OK to Merge the Interior Router and the Exterior Router
- 6.5.3. It’s OK to Merge the Bastion Host and the Exterior Router
- 6.5.4. It’s Dangerous to Merge the Bastion Host and the Interior Router
- 6.5.5. It’s Dangerous to Use Multiple Interior Routers
- 6.5.6. It’s OK to Use Multiple Exterior Routers
- 6.5.7. It’s Dangerous to Use Both Screened Subnets and Screened Hosts
- 6.6. Terminal Servers and Modem Pools
- 6.7. Internal Firewalls
- 7. Firewall Design
- 8. Packet Filtering
- 8.1. What Can You Do with Packet Filtering?
- 8.2. Configuring a Packet Filtering Router
- 8.3. What Does the Router Do with Packets?
- 8.4. Packet Filtering Tips and Tricks
- 8.5. Conventions for Packet Filtering Rules
- 8.6. Filtering by Address
- 8.7. Filtering by Service
- 8.8. Choosing a Packet Filtering Router
- 8.8.1. It Should Have Good Enough Packet Filtering Performance for Your Needs
- 8.8.2. It Can Be a Single-Purpose Router or a General-Purpose Computer
- 8.8.3. It Should Allow Simple Specification of Rules
- 8.8.4. It Should Allow Rules Based on Any Header or Meta-Packet Criteria
- 8.8.5. It Should Apply Rules in the Order Specified
- 8.8.6. It Should Apply Rules Separately to Incoming and Outgoing Packets, on a Per-Interface Basis
- 8.8.7. It Should Be Able to Log Accepted and Dropped Packets
- 8.8.8. It Should Have Good Testing and Validation Capabilities
- 8.9. Packet Filtering Implementations for General-Purpose Computers
- 8.10. Where to Do Packet Filtering
- 8.11. What Rules Should You Use?
- 8.12. Putting It All Together
- 9. Proxy Systems
- 10. Bastion Hosts
- 10.1. General Principles
- 10.2. Special Kinds of Bastion Hosts
- 10.3. Choosing a Machine
- 10.4. Choosing a Physical Location
- 10.5. Locating Bastion Hosts on the Network
- 10.6. Selecting Services Provided by a Bastion Host
- 10.7. Disabling User Accounts on Bastion Hosts
- 10.8. Building a Bastion Host
- 10.9. Securing the Machine
- 10.10. Disabling Nonrequired Services
- 10.11. Operating the Bastion Host
- 10.12. Protecting the Machine and Backups
- 11. Unix and Linux Bastion Hosts
- 11.1. Which Version of Unix?
- 11.2. Securing Unix
- 11.3. Disabling Nonrequired Services
- 11.4. Installing and Modifying Services
- 11.5. Reconfiguring for Production
- 11.6. Running a Security Audit
- 12. Windows NT and Windows 2000 Bastion Hosts
- 12.1. Approaches to Building Windows NT Bastion Hosts
- 12.2. Which Version of Windows NT?
- 12.3. Securing Windows NT
- 12.4. Disabling Nonrequired Services
- 12.5. Installing and Modifying Services
- III. Internet Services
- 13. Internet Services and Firewalls
- 13.1. Attacks Against Internet Services
- 13.2. Evaluating the Risks of a Service
- 13.3. Analyzing Other Protocols
- 13.4. What Makes a Good Firewalled Service?
- 13.5. Choosing Security-Critical Programs
- 13.5.1. My Product Is Secure Because . . .
- 13.5.1.1. It contains no publicly available code, so it’s secret
- 13.5.1.2. It contains publicly available code, so it’s been well reviewed
- 13.5.1.3. It is built entirely from scratch, so it didn’t inherit any bugs from any other products
- 13.5.1.4. It is built on an old, well-tested code base
- 13.5.1.5. It doesn’t run as root/Administrator/LocalSystem
- 13.5.1.6. It doesn’t run under Unix, or it doesn’t run on a Microsoft operating system
- 13.5.1.7. There are no known attacks against it
- 13.5.1.8. It uses public key cryptography (or some other secure-sounding technology)
- 13.5.2. Their Product Is Insecure Because . . .
- 13.5.3. Real Indicators of Security
- 13.5.3.1. Security was one of the design criteria
- 13.5.3.2. The supplier can discuss how major security problems were avoided
- 13.5.3.3. It is possible for you to review the code
- 13.5.3.4. Somebody you know and trust actually has reviewed the code
- 13.5.3.5. There is a security notification and update procedure
- 13.5.3.6. The server implements a recent (but accepted) version of the protocol
- 13.5.3.7. The program uses standard error-logging mechanisms
- 13.5.3.8. There is a secure software distribution mechanism
- 13.6. Controlling Unsafe Configurations
- 14. Intermediary Protocols
- 14.1. Remote Procedure Call (RPC)
- 14.2. Distributed Component Object Model (DCOM)
- 14.3. NetBIOS over TCP/IP (NetBT)
- 14.4. Common Internet File System (CIFS) and Server Message Block (SMB)
- 14.5. Common Object Request Broker Architecture (CORBA) and Internet Inter-Orb Protocol (IIOP)
- 14.6. ToolTalk
- 14.7. Transport Layer Security (TLS) and Secure Socket Layer (SSL)
- 14.7.1. The TLS and SSL Protocols
- 14.7.2. Cryptography in TLS and SSL
- 14.7.3. Use of TLS and SSL by Other Protocols
- 14.7.4. Packet Filtering Characteristics of TLS and SSL
- 14.7.5. Proxying Characteristics of TLS and SSL
- 14.7.6. Network Address Translation Characteristics of TLS and SSL
- 14.7.7. Summary of Recommendations for TLS and SSL
- 14.8. The Generic Security Services API (GSSAPI)
- 14.9. IPsec
- 14.10. Remote Access Service (RAS)
- 14.11. Point-to-Point Tunneling Protocol (PPTP)
- 14.12. Layer 2 Transport Protocol (L2TP)
- 15. The World Wide Web
- 15.1. HTTP Server Security
- 15.2. HTTP Client Security
- 15.3. HTTP
- 15.4. Mobile Code and Web-Related Languages
- 15.5. Cache Communication Protocols
- 15.6. Push Technologies
- 15.7. RealAudio and RealVideo
- 15.7.1. Risks of RealServer
- 15.7.2. Risks of RealAudio and RealVideo Clients
- 15.7.3. Packet Filtering Characteristics of RealAudio and RealVideo
- 15.7.4. Proxying Characteristics of RealAudio and RealVideo
- 15.7.5. Network Address Translation Characteristics of RealAudio and RealVideo
- 15.7.6. Summary Recommendations for RealAudio and RealVideo
- 15.8. Gopher and WAIS
- 16. Electronic Mail and News
- 16.1. Electronic Mail
- 16.2. Simple Mail Transfer Protocol (SMTP)
- 16.2.1. Extended SMTP (ESMTP)
- 16.2.2. TLS/SSL, SSMTP, and STARTTLS
- 16.2.3. Packet Filtering Characteristics of SMTP
- 16.2.4. Proxying Characteristics of SMTP
- 16.2.5. Network Address Translation Characteristics of SMTP
- 16.2.6. Configuring SMTP to Work with a Firewall
- 16.2.7. Sendmail
- 16.2.8. Other Freely Available SMTP Servers for Unix
- 16.2.9. Commercial SMTP Servers for Unix
- 16.2.10. Improving SMTP Security with smap and smapd
- 16.2.11. biff
- 16.2.12. SMTP Support in Non-SMTP Mail Systems
- 16.2.13. SMTP Servers for Windows NT
- 16.2.14. Summary of Recommendations for SMTP
- 16.3. Other Mail Transfer Protocols
- 16.4. Microsoft Exchange
- 16.5. Lotus Notes and Domino
- 16.6. Post Office Protocol (POP)
- 16.7. Internet Message Access Protocol (IMAP)
- 16.8. Microsoft Messaging API (MAPI)
- 16.9. Network News Transfer Protocol (NNTP)
- 17. File Transfer, File Sharing, and Printing
- 17.1. File Transfer Protocol (FTP)
- 17.1.1. Packet Filtering Characteristics of FTP
- 17.1.2. Proxying Characteristics of FTP
- 17.1.3. Network Address Translation Characteristics of FTP
- 17.1.4. Providing Anonymous FTP Service
- 17.1.5. Summary of Recommendations for FTP
- 17.2. Trivial File Transfer Protocol (TFTP)
- 17.3. Network File System (NFS)
- 17.4. File Sharing for Microsoft Networks
- 17.5. Summary of Recommendations for File Sharing
- 17.6. Printing Protocols
- 17.7. Related Protocols
- 18. Remote Access to Hosts
- 18.1. Terminal Access (Telnet)
- 18.2. Remote Command Execution
- 18.2.1. BSD “r” Commands
- 18.2.1.1. BSD “r” commands under Windows NT
- 18.2.1.2. Packet filtering characteristics of the BSD “r” commands
- 18.2.1.3. Proxying characteristics of the BSD “r” commands
- 18.2.1.4. Network address translation characteristics of the BSD “r” commands
- 18.2.1.5. Summary of recommendations for the BSD “r” commands
- 18.2.2. rexec
- 18.2.3. rex
- 18.2.4. Windows NT Remote Commands
- 18.2.5. Secure Shell (SSH)
- 18.2.5.1. What makes SSH secure?
- 18.2.5.2. SSH server authentication
- 18.2.5.3. SSH client authentication
- 18.2.5.4. Additional SSH options for client control
- 18.2.5.5. SSH session hijacking protection
- 18.2.5.6. Port forwarding
- 18.2.5.7. Remote X11 Window System support
- 18.2.5.8. Packet filtering characteristics of SSH
- 18.2.5.9. Proxying characteristics of SSH
- 18.2.5.10. Network address translation characteristics of SSH
- 18.2.5.11. Summary of recommendations for SSH
- 18.3. Remote Graphical Interfaces
- 19. Real-Time Conferencing Services
- 19.1. Internet Relay Chat (IRC)
- 19.2. ICQ
- 19.3. talk
- 19.4. Multimedia Protocols
- 19.4.1. T.120 and H.323
- 19.4.1.1. Packet filtering characteristics of T.120
- 19.4.1.2. Proxying characteristics of T.120
- 19.4.1.3. Network address translation characteristics of T.120
- 19.4.1.4. Packet filtering characteristics of H.323
- 19.4.1.5. Proxying characteristics of H.323
- 19.4.1.6. Network address translation characteristics of H.323
- 19.4.1.7. Summary of recommendations for T.120 and H.323
- 19.4.2. The Real-Time Transport Protocol (RTP) and the RTP Control Protocol (RTCP)
- 19.5. NetMeeting
- 19.6. Multicast and the Multicast Backbone (MBONE)
- 20. Naming and Directory Services
- 20.1. Domain Name System (DNS)
- 20.1.1. Packet Filtering Characteristics of DNS
- 20.1.2. Proxying Characteristics of DNS
- 20.1.3. DNS Data
- 20.1.4. DNS Security Problems
- 20.1.5. Setting Up DNS to Hide Information, Without Subdomains
- 20.1.5.1. Set up a “fake” DNS server on the bastion host for the outside world to use
- 20.1.5.2. Set up a real DNS server on an internal system for internal hosts to use
- 20.1.5.3. Internal DNS clients query the internal server
- 20.1.5.4. Bastion DNS clients also query the internal server
- 20.1.5.5. What your packet filtering system needs to allow
- 20.1.6. Setting Up DNS to Hide Information, with Subdomains
- 20.1.7. Setting Up DNS Without Hiding Information
- 20.1.8. Windows 2000 and DNS
- 20.1.9. Network Address Translation Characteristics of DNS
- 20.1.10. Summary of Recommendations for DNS
- 20.2. Network Information Service (NIS)
- 20.3. NetBIOS for TCP/IP Name Service and Windows Internet Name Service
- 20.3.1. Name Resolution Under Windows
- 20.3.2. NetBIOS Names
- 20.3.3. NetBT Name Service Operations
- 20.3.4. WINS Server-Server Communication
- 20.3.5. The WINS Manager
- 20.3.6. Security Implications of NetBT Name Service and WINS
- 20.3.7. Packet Filtering Characteristics of NetBT Name Service
- 20.3.8. Proxying Characteristics of NetBT Name Service and WINS
- 20.3.9. Network Address Translation Characteristics of NetBT Name Service and WINS
- 20.3.10. Summary of Recommendations for NetBT Name Service and WINS
- 20.4. The Windows Browser
- 20.4.1. Domains and Workgroups
- 20.4.2. Windows Browser Roles
- 20.4.3. Browser Elections
- 20.4.4. Security Implications of the Windows Browser
- 20.4.5. Packet Filtering Characteristics of the Windows Browser
- 20.4.6. Proxying Characteristics of the Windows Browser
- 20.4.7. Network Address Translation Characteristics of the Windows Browser
- 20.4.8. Summary of Recommendations for the Windows Browser
- 20.5. Lightweight Directory Access Protocol (LDAP)
- 20.6. Active Directory
- 20.7. Information Lookup Services
- 21. Authentication and Auditing Services
- 21.1. What Is Authentication?
- 21.2. Passwords
- 21.3. Authentication Mechanisms
- 21.4. Modular Authentication for Unix
- 21.5. Kerberos
- 21.6. NTLM Domains
- 21.6.1. Finding a Domain Controller
- 21.6.2. The Logon Process
- 21.6.3. Secure Channel Setup
- 21.6.4. SMB Authentication
- 21.6.5. Accessing Other Computers
- 21.6.6. Alternate Authentication Methods
- 21.6.7. Controller-to-Controller Communication
- 21.6.8. The User Manager
- 21.6.9. Packet Filtering, Proxying, and Network Address Translation Characteristics of NTLM Domain Authentication
- 21.6.10. Summary of Recommendations for NTLM Domain Authentication
- 21.7. Remote Authentication Dial-in User Service (RADIUS)
- 21.8. TACACS and Friends
- 21.9. Auth and identd
- 22. Administrative Services
- 22.1. System Management Protocols
- 22.2. Routing Protocols
- 22.2.1. Routing Information Protocol (RIP)
- 22.2.2. Open Shortest Path First (OSPF)
- 22.2.3. Internet Group Management Protocol (IGMP)
- 22.2.4. Router Discovery/ICMP Router Discovery Protocol (IRDP)
- 22.2.5. Proxying Characteristics of Routing Protocols
- 22.2.6. Network Address Translation Characteristics of Routing Protocols
- 22.2.7. Summary of Recommendations for Routing Protocols
- 22.3. Protocols for Booting and Boot-Time Configuration
- 22.3.1. bootp
- 22.3.2. Dynamic Host Configuration Protocol (DHCP)
- 22.3.3. Packet Filtering Characteristics of DHCP and bootp
- 22.3.4. Proxying Characteristics of bootp and DHCP
- 22.3.5. Network Address Translation Characteristics of Booting and Boot-Time Configuration
- 22.3.6. Summary of Recommendations for Booting and Boot-Time Configuration
- 22.4. ICMP and Network Diagnostics
- 22.5. Network Time Protocol (NTP)
- 22.6. File Synchronization
- 22.7. Mostly Harmless Protocols
- 23. Databases and Games
- 23.1. Databases
- 23.1.1. Locating Database Servers
- 23.1.1.1. Putting both the web server and the database on the perimeter network
- 23.1.1.2. Putting both the web server and the database on the internal network
- 23.1.1.3. Using the database’s protocols to connect to a perimeter web server
- 23.1.1.4. Using a custom protocol to connect to a perimeter web server
- 23.1.2. Open Database Connectivity (ODBC) and Java Database Connectivity (JDBC)
- 23.1.3. Oracle SQL*Net and Net8
- 23.1.3.1. Security implications of SQL*Net and Net8
- 23.1.3.2. Packet filtering characteristics of SQL*Net and Net8
- 23.1.3.3. Proxying characteristics of SQL*Net and Net8
- 23.1.3.4. Network address translation characteristics of SQL*Net and Net8
- 23.1.3.5. Summary of recommendations for SQL*Net and Net8
- 23.1.4. Tabular Data Stream (TDS)
- 23.1.5. Sybase
- 23.1.6. Microsoft SQL Server
- 23.2. Games
- 24. Two Sample Firewalls
- 24.1. Screened Subnet Architecture
- 24.2. Merged Routers and Bastion Host Using General-Purpose Hardware
- IV. Keeping Your Site Secure
- 25. Security Policies
- 25.1. Your Security Policy
- 25.2. Putting Together a Security Policy
- 25.3. Getting Strategic and Policy Decisions Made
- 25.3.1. Enlist Allies
- 25.3.2. Involve Everybody Who’s Affected
- 25.3.3. Accept “Wrong” Decisions
- 25.3.4. Present Risks and Benefits in Different Ways for Different People
- 25.3.5. Avoid Surprises
- 25.3.6. Condense to Important Decisions, with Implications
- 25.3.7. Justify Everything Else in Terms of Those Decisions
- 25.3.8. Emphasize that Many Issues Are Management and Personnel Issues, not Technical Issues
- 25.3.9. Don’t Assume That Anything Is Obvious
- 25.4. What If You Can’t Get a Security Policy?
- 26. Maintaining Firewalls
- 27. Responding to Security Incidents
- 27.1. Responding to an Incident
- 27.2. What to Do After an Incident
- 27.3. Pursuing and Capturing the Intruder
- 27.4. Planning Your Response
- 27.4.1. Planning for Detection
- 27.4.2. Planning for Evaluation of the Incident
- 27.4.3. Planning for Disconnecting or Shutting Down Machines
- 27.4.4. Planning for Notification of People Who Need to Know
- 27.4.5. Planning for Snapshots
- 27.4.6. Planning for Restoration and Recovery
- 27.4.7. Planning for Documentation
- 27.4.8. Periodic Review of Plans
- 27.5. Being Prepared
- V. Appendixes
- A. Resources
- A.1. Web Pages
- A.2. FTP Sites
- A.3. Mailing Lists
- A.4. Newsgroups
- A.5. Response Teams
- A.6. Other Organizations
- A.7. Conferences
- A.8. Papers
- A.9. Books
- B. Tools
- C. Cryptography
- Index
- About the Authors
- Colophon
- Copyright
Product information
- Title: Building Internet Firewalls, 2nd Edition
- Author(s):
- Release date: June 2000
- Publisher(s): O'Reilly Media, Inc.
- ISBN: 9781565928718