Building Internet Firewalls

D. Brent Chapman, O'Reilly

ISBN:1565921240, Edition: 1, 1995-09

Price: $34.95

Table of Contents

Foreword

Preface

Part I: Network Security

Chapter 1: Why Internet Firewalls?
What Are You Trying to Protect?
What Are You Trying To Protect Against?
How Can You Protect Your Site?
What Is an Internet Firewall?

Chapter 2: Internet Services
Electronic Mail
File Transfer
Remote Terminal Access and Command Execution
Usenet News
The World Wide Web
Other Information Services
Information About People
Real-Time Conferencing Services
Name Service
Network Management Services
Time Service
Network File Systems
Window Systems
Printing Systems

Chapter 3: Security Strategies
Least Privilege
Defense in Depth
Choke Point
Weakest Link
Fail-Safe Stance
Universal Participation
Diversity of Defense
Simplicity

Part II: Building Firewalls

Chapter 4: Firewall Design
Some Firewall Definitions
Firewall Architectures
Variations on Firewall Architectures
Internal Firewalls
What the Future Holds

Chapter 5: Bastion Hosts
General Principles
Special Kinds of Bastion Hosts
Choosing a Machine
Choosing a Physical Location
Locating the Bastion Host on the Network
Selecting Services Provided by the Bastion Host
Don't Allow User Accounts on the Bastion Host
Building a Bastion Host
Operating the Bastion Host
Protecting the Machine and Backups

Chapter 6: Packet Filtering
Why Packet Filtering?
Configuring a Packet Filtering Router
What Does a Packet Look Like?
What Does the Router Do with Packets?
Conventions for Packet Filtering Rules
Filtering by Address
Filtering by Service
Choosing a Packet Filtering Router
Where to Do Packet Filtering
Putting It All Together

Chapter 7: Proxy Systems
Why Proxying?
How Proxying Works
Proxy Server Terminology
Using Proxying with Internet Services
Proxying Without a Proxy Server
Using SOCKS for Proxying
Using the TIS Internet Firewall Toolkit for Proxying
What If You Can't Proxy?

Chapter 8: Configuring Internet Services
Electronic Mail
File Transfer
Terminal Access (Telnet)
Remote Command Execution
Network News Transfer Protocol (NNTP)
World Wide Web (WWW) and HTTP
Other Information Services
Information Lookup Services
Real-Time Conferencing Services
Domain Name System (DNS)
syslog
Network Management Services
Network Time Protocol (NTP)
Network File System (NFS)
Network Information Service/Yellow Pages (NIS/YP)
X11 Window System
Printing Protocols (lpr and lp)
Analyzing Other Protocols

Chapter 9: Two Sample Firewalls
Screened Subnet Architecture
Screened Host Architecture

Chapter 10: Authentication and Inbound Services
Risks of Using Inbound Services
What Is Authentication?
Authentication Mechanisms
Complete Authentication Systems
Network-Level Encryption
Terminal Servers and Modem Pools

Part III: Keeping Your Site Secure

Chapter 11: Security Policies
Your Security Policy
Putting Together a Security Policy
Getting Strategic and Policy Decisions Made
What If You Can't Get a Security Policy?

Chapter 12: Maintaining Firewalls
Housekeeping
Monitoring Your System
Keeping Up to Date
How Long Does It Take?
When Should You Start Over?

Chapter 13: Responding to Security Incidents
Responding to an Incident
What To Do After an Incident
Pursuing and Capturing the Intruder
Planning Your Response
Being Prepared

Part IV: Apendixes

Appendix A: Resources
WWW Pages
FTP Sites
Mailing Lists
Newsgroups
Response Teams and Other Organizations
Conferences
Papers
Books

Appendix B: Tools
Authentication Tools
Analysis Tools
Packet Filtering Tools
Proxy Systems Tools
Daemons
Utilities

Appendix C: TCP/IP Fundamentals
Introduction to TCP/IP
A Data Communications Model
TCP/IP Protocol Architecture
Network Access Layer
Internet Layer
Transport Layer
Application Layer
Addressing, Routing, and Multiplexing
The IP Address
Internet Routing Architecture
The Routing Table
Protocols, Ports, and Sockets