Computer and Information Security Handbook (Google eBook)

Morgan Kaufmann, May 4, 2009 - Computers - 928 pages
4 Reviews
Presents information on how to analyze risks to your networks and the steps needed to select and deploy the appropriate countermeasures to reduce your exposure to physical and network threats. Also imparts the skills and knowledge needed to identify and counter some fundamental security risks and requirements, including Internet security threats and measures (audit trails, IP sniffing/spoofing, etc.) and how to implement security policies and procedures. In addition, this book covers security and network design with respect to particular vulnerabilities and threats. It also covers risk assessment and mitigation, auditing and testing of security systems, and the application standards and technologies required to build secure VPNs and to configure client software and server operating systems, IPsec-enabled routers, firewalls and SSL clients. This comprehensive book provides the essential knowledge and skills needed to select, design and deploy a public key infrastructure (PKI) to secure existing and future applications.

* Chapters contributed by leaders in the field cover theory and practice of computer security technology, allowing the reader to develop a new level of technical expertise
* Comprehensive and up-to-date coverage of security issues facilitates learning and allows the reader to remain current and fully informed from multiple viewpoints
* Presents methods of analysis and problem-solving techniques, enhancing the reader's grasp of the material and ability to implement practical solutions
  

What people are saying

User Review

I work with one of the chapter authors. He is a nice guy but doesn't really know what he is doing. He recently submitted a change request to add a firewall rule between two servers on the same subnet. The two servers don't even communicate through the firewall! He does not understand the fundamentals of network communication. I would be very skeptical of the information in a book that hires him to write a chapter on security. Just my opinion.
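The point this review turns on, that two hosts on one subnet exchange traffic directly and never hand it to the gateway, is easy to check mechanically before a firewall change is approved. The following is an added example, not part of the review or of the book: it reproduces the sender's forwarding decision for a constructed topology (hypothetical addresses, with a routed firewall assumed to own each subnet's gateway address) and flags proposed rules that the firewall could never enforce.

```python
import ipaddress
from typing import Dict, List, Tuple

# Constructed topology (hypothetical addresses, not from the page or the book):
# each host has an address, its subnet, and its default gateway. The only
# firewall is assumed to be a routed one whose interfaces are the gateways.
HOSTS: Dict[str, Tuple[str, str, str]] = {
    # name      address       subnet         default gateway
    "web01": ("10.0.1.10", "10.0.1.0/24", "10.0.1.1"),
    "db01":  ("10.0.1.20", "10.0.1.0/24", "10.0.1.1"),
    "app01": ("10.0.2.30", "10.0.2.0/24", "10.0.2.1"),
}
FIREWALL_INTERFACES = {"10.0.1.1", "10.0.2.1"}   # assumed routed firewall


def next_hop(src: str, dst: str) -> str:
    """Reproduce the sender's forwarding decision.

    A host masks the destination with its own netmask. If the result is its
    own network it ARPs for the destination and delivers at layer 2, so the
    default gateway never sees the packet. Only off-subnet traffic is sent
    to the gateway.
    """
    _, src_net, src_gw = HOSTS[src]
    dst_addr = ipaddress.ip_address(HOSTS[dst][0])
    if dst_addr in ipaddress.ip_network(src_net):
        return str(dst_addr)      # direct delivery on the local segment
    return src_gw                 # routed via the default gateway


def firewall_sees(src: str, dst: str) -> bool:
    """True only when the routed firewall is the next hop for this flow."""
    return next_hop(src, dst) in FIREWALL_INTERFACES


def audit_rules(rules: List[Tuple[str, str, int]]) -> Dict[Tuple[str, str, int], str]:
    """Classify proposed firewall rules as 'enforced' or 'dead'.

    A dead rule describes traffic that never traverses the firewall; adding
    it changes nothing and only gives a false sense of control.
    """
    return {
        (src, dst, port): ("enforced" if firewall_sees(src, dst) else "dead")
        for src, dst, port in rules
    }


if __name__ == "__main__":
    # Constructed change requests: the first resembles the one described above
    proposed = [
        ("web01", "db01", 3306),   # same /24: the firewall never sees it
        ("app01", "db01", 3306),   # crosses subnets: the firewall does
    ]
    for rule, verdict in audit_rules(proposed).items():
        print(rule, "->", verdict)
```

The verdict depends on the assumed routed firewall. Host-based firewalls on each server, private VLANs, or a transparent (bridging) firewall placed in the layer-2 path can still mediate same-subnet traffic, so confirm the real path (a traceroute from the source, or a capture on the gateway interface) before declaring a rule dead or relying on one.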

Review: Computer and Information Security Handbook

User Review - Mei Hua - Goodreads

This is the most complete security book I have ever read. A book that describes every component really well, from malicious software and security to cryptography. It is also highly recommended to anybody learning network security.

Contents

F Identify and Utilize Built-In Security Features of the Operating System and Applications  p. 14
G Monitor Systems  p. 16
H Hire a Third Party to Audit Security  p. 17
I Don't Forget the Basics  p. 19
J Patch, Patch, Patch  p. 20
A Cryptography Primer  p. 23
How Is Cryptography Done?  p. 24
3 CIPHERS  p. 25
The Shift Cipher  p. 26
The Polyalphabetic Cipher  p. 29
The Kasiski/Kerckhoff Method  p. 30
4 MODERN CRYPTOGRAPHY  p. 31
The One-Time Pad  p. 32
Cracking Ciphers  p. 33
The XOR Cipher and Logical Operands  p. 34
Block Ciphers  p. 35
5 THE COMPUTER AGE  p. 36
Theory of Operation  p. 37
Implementation  p. 38
Preventing System Intrusions  p. 39
2 SOBERING NUMBERS  p. 40
4 MOTIVES  p. 41
6 BOTS  p. 42
7 SYMPTOMS OF INTRUSIONS  p. 43
Know Today's Network Needs  p. 44
Network Security Best Practices  p. 45
10 RISK ANALYSIS  p. 46
Audits  p. 47
Application Firewalls  p. 48
Unified Threat Management  p. 49
What the User Has  p. 50
Accounting  p. 51
Guarding Against Network Intrusions  p. 53
2 MALICIOUS SOFTWARE  p. 56
Lures and Pull Attacks  p. 57
3 DEFENSE IN DEPTH  p. 58
4 PREVENTIVE MEASURES  p. 59
Closing Ports  p. 60
Antivirus and Antispyware Tools  p. 61
Spam Filtering  p. 62
Network Access Control  p. 63
Host-Based Monitoring  p. 64
Behavior Anomalies  p. 65
Traceback  p. 66
Unix and Linux Security  p. 67
2 BASIC UNIX SECURITY  p. 68
Standard File and Device Access Semantics  p. 69
4 PROTECTING USER ACCOUNTS AND STRENGTHENING AUTHENTICATION  p. 71
Noninteractive Access  p. 72
Other Network Authentication Mechanisms  p. 73
5 REDUCING EXPOSURE TO THREATS BY LIMITING SUPERUSER PRIVILEGES  p. 74
6 SAFEGUARDING VITAL DATA BY SECURING LOCAL AND NETWORK FILE SYSTEMS  p. 76
Eliminating the Security Weakness of Linux and UNIX Operating Systems  p. 79
What Is Linux?  p. 80
System Architecture  p. 82
2 HARDENING LINUX AND UNIX  p. 84
Host Hardening  p. 88
Systems Management Security  p. 90
Incident Response Preparation  p. 91
Organizational Considerations  p. 92
Internet Security  p. 93
Communications Architecture Basics  p. 94
Getting More Specific  p. 95
2 AN INTERNET THREAT MODEL  p. 100
The Dolev-Yao Adversary Model  p. 101
3 DEFENDING AGAINST ATTACKS ON THE INTERNET  p. 105
Layer Session Defenses  p. 106
Session Startup Defenses  p. 113
4 Conclusion  p. 117
The Botnet Problem  p. 119
2 BOTNET OVERVIEW  p. 120
3 TYPICAL BOT LIFE CYCLE  p. 122
4 THE BOTNET BUSINESS MODEL  p. 123
5 BOTNET DEFENSE  p. 124
Detecting C&C Traffic  p. 125
Attacking Encrypted C&C Channels  p. 126
Locating and Identifying the Botmaster  p. 128
Traceback Challenges  p. 129
Traceback Beyond the Internet  p. 130
7 SUMMARY  p. 132
Intranet Security  p. 133
NAC AND ACCESS CONTROL  p. 136
AUDITS  p. 137
AUTHENTICATION AND ENCRYPTION  p. 138
4 WIRELESS NETWORK SECURITY  p. 139
NETWORK PROTECTION  p. 141
USER TRAINING  p. 142
DISASTER RECOVERY  p. 143
PHYSICAL AND ENVIRONMENTAL PROTECTION  p. 145
PERSONNEL SECURITY  p. 146
12 SECURITY ASSESSMENTS  p. 147
13 RISK ASSESSMENTS  p. 148
Local Area Network Security  p. 149
1 IDENTIFY NETWORK THREATS  p. 150
3 RISK ASSESSMENT  p. 151
7 THE INCIDENT-HANDLING PROCESS  p. 152
9 IDS DEFINED  p. 153
SCOPE AND LIMITATIONS  p. 154
TCP SYN Half-Open Scanning  p. 155
Some Not-So-Robust Features of NIDS  p. 156
12 FIREWALLS  p. 158
Firewall Security Policy  p. 159
Configuration Script for sf Router  p. 160
15 ACCESS LIST DETAILS  p. 162
PROXY SERVERS  p. 163
Analysis Levels  p. 164
Stateful Pattern Matching  p. 165
Heuristic-Based Analysis  p. 166
Wireless Network Security  p. 169
Cellular Telephone Networks  p. 170
2 WIRELESS AD HOC NETWORKS  p. 171
3 SECURITY PROTOCOLS  p. 172
WPA and WPA2  p. 173
4 SECURE ROUTING  p. 175
Ariadne  p. 176
SLSP  p. 177
Key Management  p. 178
REFERENCES  p. 181
Cellular Network Security  p. 183
2 OVERVIEW OF CELLULAR NETWORKS  p. 184
Core Network Organization  p. 185
3 THE STATE OF THE ART OF CELLULAR NETWORK SECURITY  p. 186
Security in Core Network  p. 187
Security Implications of Internet Connectivity  p. 188
4 CELLULAR NETWORK ATTACK TAXONOMY  p. 189
Three-Dimensional Attack Taxonomy  p. 192
5 CELLULAR NETWORK VULNERABILITY ANALYSIS  p. 193
Cellular Network Vulnerability Assessment Toolkit (CAT)  p. 195
Advanced Cellular Network Vulnerability Assessment Toolkit (aCAT)  p. 198
Cellular Network Vulnerability Assessment Toolkit for Evaluation (eCAT)  p. 199
6 DISCUSSION  p. 201
REFERENCES  p. 202
RFID Security  p. 205
RFID Standards  p. 207
RFID Applications  p. 208
2 RFID CHALLENGES  p. 209
Denial of Service  p. 210
Comparison of All Challenges  p. 212
RFID System Using Symmetric-Key Cryptography  p. 215
RFID System Using Public-Key Cryptography  p. 217
REFERENCES  p. 219
Information Security Essentials for IT Managers: Protecting Mission-Critical Systems  p. 225
What Is a Threat?  p. 227
Common Attacks  p. 228
Impact of Security Breaches  p. 231
Defense in Depth  p. 233
3 INFORMATION SECURITY FROM THE GROUND UP  p. 236
Data Security  p. 237
Systems and Network Security  p. 239
Business Communications Security  p. 241
Wireless Security  p. 242
Web and Application Security  p. 246
Security Policies and Procedures  p. 247
Security Employee Training and Awareness  p. 248
4 SECURITY MONITORING AND EFFECTIVENESS  p. 249
Security Monitoring Mechanisms  p. 250
Incident Response and Forensic Investigations  p. 251
REFERENCES  p. 252
Security Management Systems  p. 255
2 TRAINING REQUIREMENTS  p. 256
6 SECURITY CONTROLS  p. 257
9 INCIDENT RESPONSE  p. 258
Information Technology Security Management  p. 259
International Standards Organization  p. 260
Security Policies and Procedures  p. 261
IT Security Processes  p. 263
3 CONCLUSION  p. 267
Identity Management  p. 269
Digital Identity Definition  p. 270
Privacy Requirement  p. 272
Usability Requirement  p. 273
3 THE REQUIREMENTS FULFILLED BY CURRENT IDENTITY MANAGEMENT TECHNOLOGIES  p. 274
Identity 2.0  p. 278
4 IDENTITY 2.0 FOR MOBILE USERS  p. 286
Mobility  p. 287
The Future of Mobile User-Centric Identity Management in an Ambient Intelligence World  p. 290
Research Directions  p. 292
Intrusion Prevention and Detection Systems  p. 293
2 UNAUTHORIZED ACCESS BY AN OUTSIDER  p. 294
4 THE ROLE OF THE 0-DAY  p. 295
5 THE ROGUE'S GALLERY: ATTACKERS AND MOTIVES  p. 296
6 A BRIEF INTRODUCTION TO TCP/IP  p. 297
7 THE TCP/IP DATA ARCHITECTURE AND DATA ENCAPSULATION  p. 298
8 SURVEY OF INTRUSION DETECTION AND PREVENTION TECHNOLOGIES  p. 300
9 ANTI-MALWARE SOFTWARE  p. 301
10 NETWORK-BASED INTRUSION DETECTION SYSTEMS  p. 302
11 NETWORK-BASED INTRUSION PREVENTION SYSTEMS  p. 303
12 HOST-BASED INTRUSION PREVENTION SYSTEMS  p. 304
15 DIGITAL FORENSICS  p. 305
16 SYSTEM INTEGRITY VALIDATION  p. 306
Computer Forensics  p. 307
2 ANALYSIS OF DATA  p. 308
Computer Forensics and Ethics, Green Home Plate Gallery View  p. 309
Database Reconstruction  p. 310
4 UNDERSTANDING INTERNET HISTORY  p. 312
Divorce  p. 313
Live Capture of Relevant Files  p. 314
NTFS  p. 315
Password Recovery  p. 317
File Carving  p. 318
How Timestamps Work  p. 320
Experimental Evidence  p. 321
Email Headers and Timestamps, Email Receipts, and Bounced Messages  p. 322
Steganography: Covered Writing  p. 324
5 FIRST PRINCIPLES  p. 325
Password Reset Disk  p. 326
Recovering Lost and Deleted Files  p. 327
7 NETWORK ANALYSIS  p. 328
8 COMPUTER FORENSICS APPLIED  p. 329
Job Description Management  p. 330
Programming and Experience  p. 331
9 TESTIFYING AS AN EXPERT  p. 332
Certainty without Doubt  p. 334
Pretrial Motions  p. 335
Putting Your Head in the Sand  p. 336
Network Forensics  p. 339
2 THE PRINCIPLES OF NETWORK FORENSICS  p. 340
3 ATTACK TRACEBACK AND ATTRIBUTION  p. 341
Stepping-Stone Attack Attribution  p. 344
4 CRITICAL NEEDS ANALYSIS  p. 346
Online Fraudster Detection and Attribution  p. 347
Firewalls  p. 349
2 FIREWALL SECURITY POLICIES  p. 350
Rule-Match Policies  p. 351
4 FIRST-MATCH FIREWALL POLICY ANOMALIES  p. 352
Combining Rules  p. 353
Packet Filter  p. 354
7 HOST AND NETWORK FIREWALLS  p. 355
10 FIREWALL PLACEMENT AND NETWORK TOPOLOGY  p. 356
Demilitarized Zones  p. 357
Dual-Homed Host  p. 358
12 SUPPORTING OUTGOING SERVICES THROUGH FIREWALL CONFIGURATION  p. 359
Payload Inspection  p. 360
Packet Filtering H.323  p. 361
Internet Control Message Protocol  p. 362
Dynamic Host Configuration Protocol  p. 363
17 FIREWALL REMOTE ACCESS CONFIGURATION  p. 364
18 LOAD BALANCING AND FIREWALL ARRAYS  p. 365
Advantages and Disadvantages of Load Balancing  p. 366
20 Firewall Management  p. 367
Penetration Testing  p. 369
2 HOW DOES PENETRATION TESTING DIFFER FROM AN ACTUAL HACK?  p. 370
3 TYPES OF PENETRATION TESTING  p. 371
4 PHASES OF PENETRATION TESTING  p. 373
5 DEFINING WHAT'S EXPECTED  p. 374
6 THE NEED FOR METHODOLOGY  p. 375
8 METHODOLOGY IN ACTION  p. 376
9 PENETRATION TESTING RISKS  p. 378
11 LEGAL CONSEQUENCES  p. 379
14 REQUIRED SKILL SETS  p. 380
17 WHY SHOULD A COMPANY HIRE YOU?  p. 381
18 ALL'S WELL THAT ENDS WELL  p. 382
What Is Vulnerability Assessment?  p. 383
3 WHY VULNERABILITY ASSESSMENT?  p. 384
5 VULNERABILITY ASSESSMENT GOAL  p. 385
7 SELECTING THE RIGHT SCANNERS  p. 386
8 CENTRAL SCANS VERSUS LOCAL SCANS  p. 387
9 DEFENSE IN DEPTH STRATEGY  p. 388
GFI LANguard  p. 389
11 SCANNER PERFORMANCE  p. 390
15 VULNERABILITY DISCLOSURE DATE  p. 391
16 PROACTIVE SECURITY VERSUS REACTIVE SECURITY  p. 392
18 DIY VULNERABILITY ASSESSMENT  p. 393
Data Encryption  p. 397
1 NEED FOR CRYPTOGRAPHY  p. 398
3 CLASSICAL CRYPTOGRAPHY  p. 399
Congruence  p. 400
Congruence Relation Defined  p. 401
Transposition Cipher  p. 402
S-Box  p. 403
Product Ciphers  p. 404
Subgroup  p. 405
Modular Polynomial Arithmetic over GF(2)  p. 406
GF(2^3) Is a Finite Field  p. 407
Mathematical Preliminaries  p. 408
7 USE OF MODERN BLOCK CIPHERS  p. 412
9 CRYPTANALYSIS OF RSA  p. 416
10 DIFFIE-HELLMAN ALGORITHM  p. 417
An Example  p. 418
EC Security  p. 419
Message Authentication  p. 420
13 SUMMARY  p. 421
Satellite Encryption  p. 423
2 SATELLITE ENCRYPTION POLICY  p. 425
3 IMPLEMENTING SATELLITE ENCRYPTION  p. 426
Uplink Encryption  p. 428
Downlink Encryption  p. 429
4 The Future of Satellite Encryption  p. 430
Public Key Infrastructure  p. 433
Public Key Encryption  p. 434
2 OVERVIEW OF PKI  p. 435
3 THE X.509 MODEL  p. 436
4 X.509 IMPLEMENTATION ARCHITECTURES  p. 437
5 X.509 CERTIFICATE VALIDATION  p. 439
Consult Revocation Authorities  p. 440
Online Certificate Status Protocol  p. 441
7 SERVER-BASED CERTIFICATE VALIDITY PROTOCOL  p. 442
8 X.509 BRIDGE CERTIFICATION SYSTEMS  p. 443
9 X.509 CERTIFICATE FORMAT  p. 444
X.509 V1 and V2 Format  p. 445
Policy Extensions  p. 446
10 PKI POLICY DESCRIPTION  p. 447
11 PKI STANDARDS ORGANIZATIONS  p. 448
12 PGP CERTIFICATE FORMATS  p. 449
15 ALTERNATIVE PKI ARCHITECTURES  p. 450
Instant-Messaging Security  p. 453
3 THE EVOLUTION OF NETWORKING TECHNOLOGIES  p. 454
4 GAME THEORY AND INSTANT MESSAGING  p. 455
Generational Gaps  p. 456
Transactions  p. 457
Malicious Threat  p. 458
Vulnerabilities  p. 459
Data and Traffic Analysis  p. 460
Regulatory Concerns  p. 461
Instant-Messaging Aggregators  p. 462
8 INSTANT-MESSAGING SECURITY MATURITY AND SOLUTIONS  p. 463
Compliance  p. 464
10 CONCLUSION  p. 465
Example Answers to Key Factors  p. 466
NET Privacy  p. 469
Privacy Threats  p. 471
2 THE ECONOMICS OF PRIVACY  p. 474
Privacy and Business  p. 475
3 PRIVACY-ENHANCING TECHNOLOGIES  p. 476
Data Privacy Protection  p. 478
Privacy for Mobile Environments  p. 480
4 NETWORK ANONYMITY  p. 482
Onion Routing  p. 483
Anonymity Services  p. 484
5 CONCLUSION  p. 485
Personal Privacy Policies  p. 487
2 CONTENT OF PERSONAL PRIVACY POLICIES  p. 488
Privacy Policy Specification  p. 490
An Example  p. 492
Retrieval from a Community of Peers  p. 493
4 SPECIFYING WELL-FORMED PERSONAL PRIVACY POLICIES  p. 494
5 PREVENTING UNEXPECTED NEGATIVE OUTCOMES  p. 496
Approach for Obtaining Near Well-Formed Privacy Policies  p. 497
Personal Privacy Policy Negotiation  p. 499
Personal Privacy Policy Compliance  p. 502
8 CONCLUSIONS AND FUTURE WORK  p. 505
Virtual Private Networks  p. 507
1 HISTORY  p. 508
2 WHO IS IN CHARGE?  p. 511
3 VPN TYPES  p. 512
L2TPv3  p. 513
MPLS  p. 514
4 AUTHENTICATION METHODS  p. 515
5 SYMMETRIC ENCRYPTION  p. 516
9 HACKERS AND CRACKERS  p. 517
Identity Theft  p. 519
1 EXPERIMENTAL DESIGN  p. 520
Plain versus Fancy Layout  p. 522
Plain versus Fancy Layout  p. 525
Weak Phishing Message  p. 527
Authentic Message  p. 528
Strong and Weak Content Alignment  p. 529
Authentic and Bogus but Plausible URLs  p. 532
Bad URL with and without SSL and Endorsement Logo  p. 535
3 IMPLICATIONS FOR CRIMEWARE  p. 546
Vulnerability of Web-Based Update Mechanisms  p. 547
The Strong Narrative Attack  p. 548
VoIP Security  p. 551
2 OVERVIEW OF THREATS  p. 553
Denial of Service  p. 554
Loss of Privacy  p. 555
Exploits  p. 557
3 SECURITY IN VoIP  p. 558
Reactive  p. 559
4 FUTURE TRENDS  p. 560
Security in Peer-to-Peer SIP  p. 561
End-to-End Identity with SBCs  p. 563
5 CONCLUSION  p. 564
SAN Security  p. 567
AAA  p. 568
Restricting Access to Storage  p. 569
2 ACCESS CONTROL LISTS (ACL) AND POLICIES  p. 570
3 PHYSICAL ACCESS  p. 571
9 SECURITY MANAGEMENT  p. 572
SEPARATION OF FUNCTIONS  p. 573
S_ID Checking  p. 574
Potential Vulnerabilities and Threats  p. 575
World Wide Name Spoofing  p. 576
Denial-of-Service Attacks  p. 577
Encryption Algorithms  p. 578
Key Management  p. 579
Configuration Management  p. 580
Use Cases for Protecting Data at Rest  p. 581
Use Considerations  p. 582
17 CONCLUSION  p. 588
REFERENCES  p. 589
Storage Area Networking Security Devices  p. 591
3 THE CRITICAL REASONS FOR SAN SECURITY  p. 592
4 SAN ARCHITECTURE AND COMPONENTS  p. 593
5 SAN GENERAL THREATS AND ISSUES  p. 594
Logical Level Threats, Vulnerabilities, and Risk Mitigation  p. 596
6 CONCLUSION  p. 603
Risk Management  p. 605
1 THE CONCEPT OF RISK  p. 606
3 THE RISK MANAGEMENT METHODOLOGY  p. 609
Risk Assessment  p. 610
Risk Treatment  p. 612
Risk Communication  p. 614
Critique of Risk Management as a Methodology  p. 615
Risk Management Methods  p. 616
4 RISK MANAGEMENT LAWS AND REGULATIONS  p. 620
5 RISK MANAGEMENT STANDARDS  p. 623
6 SUMMARY  p. 625
Physical Security Essentials  p. 629
2 PHYSICAL SECURITY THREATS  p. 630
Environmental Threats  p. 631
Technical Threats  p. 633
Human-Caused Physical Threats  p. 634
Technical Threats  p. 635
4 RECOVERY FROM PHYSICAL SECURITY BREACHES  p. 636
Planning and Implementation  p. 637
7 INTEGRATION OF PHYSICAL AND LOGICAL SECURITY  p. 639
REFERENCES  p. 643
Biometrics  p. 645
1 RELEVANT STANDARDS  p. 646
2 BIOMETRIC SYSTEM ARCHITECTURE  p. 647
Data Capture  p. 648
Matching  p. 649
Adaptation  p. 652
Authentication  p. 653
Identification  p. 654
4 SECURITY CONSIDERATIONS  p. 655
Doddington's Zoo  p. 656
Comparing Technologies  p. 657
Storage of Templates  p. 658
5 CONCLUSION  p. 659
Homeland Security  p. 661
The Aviation and Transportation Security Act of 2001 (PL 107-71)  p. 663
Public Health Security, Bioterrorism Preparedness and Response Act of 2002 (PL 107-188)  p. 664
Homeland Security Act of 2002 (PL 107-296)  p. 665
E-Government Act of 2002 (PL 107-347)  p. 666
2 HOMELAND SECURITY PRESIDENTIAL DIRECTIVES  p. 667
3 ORGANIZATIONAL ACTIONS  p. 669
The Governor's Office of Homeland Security  p. 670
4 CONCLUSION  p. 674
Information Warfare  p. 677
2 INFORMATION WARFARE DEFINED  p. 678
MAKING IW POSSIBLE  p. 680
5 PREVENTATIVE STRATEGIES  p. 685
6 LEGAL ASPECTS OF IW  p. 686
Remedies under International Law  p. 687
Developing Countries' Response  p. 689
8 CONCLUSION  p. 690
Security Through Diversity  p. 693
2 EXAMPLE ATTACKS AGAINST UNIFORMITY  p. 694
4 THE THREAT OF WORMS  p. 695
5 AUTOMATED NETWORK DEFENSE  p. 697
6 DIVERSITY AND THE BROWSER  p. 698
8 DNS: EXAMPLE OF DIVERSITY THROUGH SECURITY  p. 699
10 CONCLUSION  p. 700
Reputation Management  p. 701
1 THE HUMAN NOTION OF REPUTATION  p. 702
2 REPUTATION APPLIED TO THE COMPUTING WORLD  p. 704
3 STATE OF THE ART OF ATTACK-RESISTANT REPUTATION COMPUTATION  p. 708
4 OVERVIEW OF CURRENT ONLINE REPUTATION SERVICE  p. 711
Opinity  p. 713
Rapleaf  p. 714
Venyo  p. 715
TrustPlus, XING, ZoomInfo, SageFire  p. 716
Naymz, Trufina  p. 717
The GORB  p. 719
ReputationDefender  p. 720
Content Filtering  p. 723
2 USER CATEGORIES, MOTIVATIONS, AND JUSTIFICATIONS  p. 724
Schools  p. 725
Parents  p. 726
Bayesian Filters  p. 727
4 TECHNOLOGY AND TECHNIQUES FOR CONTENT-FILTERING CONTROL  p. 728
5 CATEGORIES  p. 732
6 LEGAL ISSUES  p. 735
The National Security Letter  p. 736
7 ISSUES AND PROBLEMS WITH CONTENT FILTERING  p. 737
Open Proxies  p. 739
Overblocking and Underblocking  p. 740
Language Support  p. 741
Performance Issues  p. 742
9 RELATED PRODUCTS  p. 743
Data Loss Protection  p. 745
1 PRECURSORS OF DLP  p. 747
2 WHAT IS DLP?  p. 748
3 WHERE TO BEGIN?  p. 753
4 DATA IS LIKE WATER  p. 754
5 YOU DON'T KNOW WHAT YOU DON'T KNOW  p. 755
Precision versus Recall  p. 756
7 EAT YOUR VEGETABLES  p. 757
Data at Rest  p. 758
8 IT'S A FAMILY AFFAIR, NOT JUST IT SECURITY'S PROBLEM  p. 760
9 VENDORS, VENDORS EVERYWHERE: WHO DO YOU BELIEVE?  p. 762
Configuring Authentication Service on Microsoft Windows Vista  p. 765
Requirements  p. 766
ECC Cipher Suites  p. 767
Schannel CNG Provider Model  p. 768
Default Cipher Suite Preference  p. 769
Read-Only Domain Controller and Kerberos Authentication  p. 770
Additional Changes to Common Smart Card Logon Scenarios  p. 771
6 PREVIOUS LOGON INFORMATION  p. 773
Configuration  p. 774
Security Management and Resiliency  p. 775
List of Top Security Implementation and Deployment Companies  p. 777
List of SAN Implementation and Deployment Companies  p. 778
List of Security Products  p. 781
List of Security Standards  p. 783
List of Miscellaneous Security Resources  p. 785
Directories  p. 786
News and Media  p. 787
Products and Tools  p. 788
Research  p. 790
Content Filtering Links  p. 791
Ensuring Built-in Frequency Hopping Spread Spectrum Wireless Network Security  p. 793
Configuring Wireless Internet Security Remote Access  p. 795
Configuring the Wireless Access Points  p. 796
Additional Settings to Secure Wireless Access Points  p. 797
Replicating RADIUS Client Configuration to Other IAS Servers  p. 798
I Frequently Asked Questions  p. 799
Glossary  p. 801
Index  p. 817
Copyright


About the author (2009)

John Vacca is an information technology consultant, professional writer, editor, reviewer and internationally known, best-selling author based in Pomeroy, Ohio. Since 1982, John has authored 72 books, including:

* Identity Theft (Cybersafety), Chelsea House Pub (April 1, 2012)
* System Forensics, Investigation, and Response, Jones & Bartlett Learning (September 24, 2010)
* Managing Information Security, Syngress (an imprint of Elsevier Inc.) (March 29, 2010)
* Network and Systems Security, Syngress (an imprint of Elsevier Inc.) (March 29, 2010)
* Computer and Information Security Handbook, Morgan Kaufmann (an imprint of Elsevier Inc.) (June 2, 2009)
* Biometric Technologies and Verification Systems, Elsevier Science & Technology Books (March 16, 2007)
* Practical Internet Security (Hardcover), Springer (October 18, 2006)
* Optical Networking Best Practices Handbook (Hardcover), Wiley-Interscience (November 28, 2006)
* Computer Forensics: Computer Crime Scene Investigation (with CD-ROM), 2nd Edition, Charles River Media (May 26, 2005)

John Vacca has also written more than 600 articles in the areas of advanced storage, computer security and aerospace technology (copies of articles and books are available upon request). John was also a configuration management specialist, computer specialist, and the computer security official (CSO) for NASA's space station program (Freedom) and the International Space Station Program, from 1988 until his retirement from NASA in 1995. In addition, John is an independent online book reviewer. Finally, John was one of the security consultants for the MGM movie "AntiTrust," released on January 12, 2001.
