Preface
Part I - Securing Local Networks
1 Dealing with Local Network Security in the Real World
1.1 Introduction
1.2 Security Challenges
1.2.1 Hijacking and Espionage of Computer Networks
1.2.2 Monster DDOS Attacks
1.2.3 IT Consumerization and the Loss of Visibility
1.2.4 Issue of Password Fault
1.3 References
2 Networking Basics in Detail
2.1 Basics of Networking
2.2 Network Nodes
2.2.1 Switches
2.2.2 Network Interfaces
2.2.3 Repeaters and Hubs
2.2.4 Bridges
2.2.5 Routers
2.2.6 Modems
2.2.7 Firewalls
2.2.8 Access Points
2.3 Campus Area Networks or Corporate Area Networks (CANs)
2.4 Metropolitan Area Network (MAN)
2.5 Wireless Local Area Network (WLANs)
2.6 Storage Area Network (SANs)
2.7 The OSI Model in Detail
2.7.1 Hardware Layers
2.7.2 Software Layers
2.8 Data Transmission Packets
2.8.1 Ethernet Packet Format and Routing
2.8.2 Addressing of Devices
2.9 Packet Switched Network
2.10 Network Topologies
2.10.1 Bus Topology
2.10.2 Ring Topology
2.10.3 Star Topology
2.10.4 Mesh Topology
2.10.5 Logical Topology
2.11 References
3 Detailed Overview of Network Protocols
3.1 Introduction
3.2 Fundamentals of Network Protocols
3.2.1 Internet Protocols (IP)
3.2.2 Wireless Network Protocols
3.2.3 Network Routing Protocols
3.3 How to implement Network Protocols?
3.4 MAC Addresses
3.4.1 The Open System Interconnection Model
3.4.2 Address Details
3.4.3 Usage in Hosts
3.5 TCP/IP
3.5.1 Network Access Layer
3.5.2 Internet Layer
3.5.3 Transport Layer
3.5.4 Application Layer
3.6 Detailed Overview of Ethernet
3.6.1 Ethernet
3.6.2 Fast Ethernet
3.6.3 Gigabit Ethernet
3.6.4 10 Gigabit Ethernet
3.6.5 Asynchronous Transfer Mode (ATM)
3.6.6 Power over Ethernet (PoE)
3.6.7 Token Ring
3.7 Network Control Strategies
3.7.1 About Network Infrastructure Devices
3.7.2 Threats to Network Infrastructure Devices
3.7.3 How to Improve Security in Network Infrastructure Devices
3.7.4 Separate and Segment Networks along with the Functions
3.7.5 Separating the Sensitive Information Physically
3.7.6 Separating Sensitive Information Virtually
3.7.7 Restrict Lateral Communications which are not Necessary
3.7.8 Harden Network Devices
3.7.9 Provide Secured Access to Infrastructure Devices
3.7.10 Perform Out-of-Band Management
3.7.11 Validate Authenticity of both Software and Hardware
3.8 References
4 Detailed Overview of Network Servers
4.1 Introduction
4.2 Basics of Network Server
4.3 Key Components of a Server
4.3.1 Processor
4.3.2 RAM
4.3.3 Power Supply
4.3.4 Hard Disk
4.4 Server Security
4.4.1 SSH Keys
4.4.2 Brief About Firewalls
4.4.3 Private Networking and VPNs
4.4.4 Using PKI (Public Key Infrastructure) as well as SSL/TLS Encryption
4.4.5 Service Auditing
4.4.6 File Auditing and IDS
4.4.7 Isolated Execution Environments
4.5 Network Administrator
4.6 User Accounts
4.7 Network Authentication Options
4.7.1 Biometrics
4.7.2 Token Authentication
4.7.3 Transaction Authentication
4.7.4 Multi-factor Authentication
4.7.5 Out of band Authentication
4.8 Establishing Resource Controls
4.9 Vulnerability Scanning
4.9.1 Authenticated Scans
4.9.2 Unauthenticated Scans
4.10 References
5 Detailed Overview of Network Connectivity Devices
5.1 Overview
5.1.1 The Network Interface Card (NIC)
5.1.2 Hub
5.1.3 Switch
5.1.4 Bridge
5.1.5 Gateways
5.1.6 Router
5.1.7 Other Devices
5.2 Network Switches
5.2.1 Classification
5.2.2 Configuration of Switches
5.2.3 Roles and Functions
5.3 Routers
5.3.1 Types of Message Delivery
5.3.2 Routing Concepts
5.3.3 Adaptive and Non-adaptive Routing
5.3.4 Routing Protocols
5.4 Gateway: 5.4.1 Types of Gateways
5.5 Network Bridges: 5.5.1 Types of Bridging
5.6 Wireless Network Connectivity: 5.6.1 Types of Wireless Networks
5.7 Vulnerabilities of Network Connectivity Device
5.7.1 Vulnerability
5.7.2 Vulnerability Assessment
5.7.3 Penetration Testing
5.8 Network Connectivity Device Attacks
5.8.1 Attacks on Switches
5.8.2 Attacks on Routers
5.8.3 Attacks on Wireless Network
5.9 Network Connectivity Defense
5.10 Network Hardening
5.10.1 Resetting Default Account Settings
5.10.2 Password Phrasing
5.10.3 Shut Unnecessary Ports
5.10.4 Remove Rogue Connections
5.10.5 Debloating
5.10.6 Implementing Security Patches
5.10.7 Installing an IDS
5.10.8 Setting Up Intrusion Prevention System
5.10.9 Backup and Restoration of Data
5.10.10 Disabling Cookies
5.10.11 Using Virtual Machines
5.10.12 Using Anti-malware
5.10.13 Installing Firewalls
5.11 References
6 Network Transmission Media Security
6.1 Overview
6.2 Essentials of Network Transmission Media
6.3 Types of Transmission Media
6.4 Media Selection
6.4.1 Copper Media
6.4.2 Wireless Media
6.5 Guided Media or Bound or Wired Transmission Media
6.5.1 Twisted Pair Cable
6.5.2 Coaxial Cable
6.5.3 Optical Fiber Cable
6.6 Unguided Media or Unbound or Wireless Transmission Media
6.6.1 Radio Waves
6.6.2 Microwaves
6.6.3 Infrared
6.7 Bandwidth
6.8 Light Waves
6.9 Wireless Communication Technologies
6.9.1 Radio Frequency Transmission
6.9.2 Infrared Transmission
6.9.3 Microwave Transmission
6.9.4 Light Wave Transmission
6.10 Wireless Signals
6.10.1 What are Wireless Signals?
6.10.2 Types of Wireless Signals
6.11 Transmission Media Vulnerabilities
6.11.1 Vulnerabilities (Computing)
6.11.2 Causes of Vulnerabilities and Prevention
6.12 Security for Various Types of Transmission Media
6.12.1 Securing Wireless Network
6.12.2 Working of a Wireless Network
6.12.3 Types of Attacks Generally Wireless Network Posses
6.12.4 Ways to Improve Wireless Security
6.13 Technology as a Saving Mode
6.14 References
Part II - Securing the Perimeter
7 Real World Perimeter Security Threats and How to Deal With Them
7.1 What is Perimeter Security?
7.2 Perimeter Security Fundamentals
7.3 The Perimeter
7.4 Security Challenges
7.5 Security Scenario 1
7.6 Security Scenario 2
7.7 References
8 Understanding the Environment
8.1 Essentials of Internet Security
8.2 Understanding the Environment
8.3 Basic Internet Concepts
8.4 How do Hackers Hack your Passwords?
8.4.1 How to Enhance your Safety by an Excellent Passcode
8.4.2 Understanding Identity Theft
8.4.3 What do Identity thieves do?
8.4.4 How to Prevent It?
8.5 Internet Services: 8.5.1 Types of Internet Services
8.6 Standards & RFCs
8.6.1 Standardization Process
8.6.2 Proposed Standard
8.7 References
9 How to Hide the Private Network?
9.1 Introduction
9.2 History of Private Networks
9.2.1 Enterprise Private Network (EPN)
9.2.2 Virtual Private Network (VPN)
9.3 Evolution of IP Address that Private Networks Use
9.3.1 IPv4
9.3.2 IPv6
9.4 Network Address Translation (NAT)
9.4.1 IP Masquerading
9.4.2 Advantages of NAT
9.4.3 Disadvantages of NAT
9.4.4 Types of NAT
9.4.5 Network Address Translation in IPv6
9.4.6 Problems and Limitations
9.5 Port Address Translation (PAT): 9.5.1 Difference between NAT and PAT
9.6 Port Forwarding or Mapping
9.6.1 Applications of Port Forwarding or Mapping
9.6.2 Types of Port Forwarding or Mapping
9.7 Network Segmentation
9.7.1 Improving Security
9.7.2 Importance of Network Segmentation
9.7.3 Demerits of Network Segmentation
9.8 Software Defined Networking (SDN)
9.8.1 SDN Control Plane
9.8.2 Applications of SDN
9.8.3 Disadvantage of SDN
9.9 References
10 Everything You Should Know About Securing the Perimeter
10.1 Understanding the Perimeter
10.1.1 Physical Defense at the Perimeter
10.1.2 Perimeter Security for Data Centres
10.2 Detailed Overview of Firewalls
10.2.1 History of Firewalls
10.2.2 Categories of Firewall
10.2.3 Limitations of Firewalls
10.2.4 Firewall Software & Tools
10.2.5 Steps of Installing Firewalls
10.3 Firewall Considerations
10.4 Extranets
10.4.1 How does it Work?
10.4.2 Difference Between Extranet and Intranet
10.4.3 Advantages of Extranet
10.4.4 Disadvantages of Extranet
10.4.5 History of Extranet
10.4.6 How to Use it?
10.5 Network Appliances
10.5.1 Advantages of Network Appliances
10.5.2 Components of Network Perimeter
10.6 Network Perimeter Requirements: 10.6.1 Network Perimeter Guidelines
10.7 Proxy Server
10.7.1 Uses of Proxy Servers
10.7.2 Benefits of Proxy Server
10.7.3 How does it Work?
10.7.4 Types of Proxy Servers
10.7.5 Proxy Hacking
10.7.6 Proxy Server Security
10.8 Demilitarized Zones (DMZs)
10.8.1 Purpose of DMZ
10.8.2 Importance of DMZ
10.8.3 Services Provided By DMZ
10.8.4 Demilitarized Zone Designs
10.8.5 DMZ Placement and Function
10.8.6 Benefits of Demilitarized Zone
10.8.7 Weakness of DMZ
10.9 Single Firewall DMZ
10.10 Dual Firewall DMZ
10.11 Honeypots
10.11.1 Mechanism of Honeypots
10.11.2 Benefits and Drawbacks of Honeypots
10.11.3 Types of Honeypots
10.12 References
11 How to Protect Moving Data on Internet?
11.1 Secure the Moving Data
11.2 Confine Cloud Sharing or Elective Exchange Techniques
11.3 Distinguish Basic Resources and Vulnerabilities
11.3.1 Execute Security Structure for Information
11.3.2 Data in Transit and Data in Motion
11.4 Authentication
11.5 Cryptography
11.6 Digital Certificates
11.6.1 Who can Issue a Computerized Declaration?
11.6.2 Contrast between Computerized Endorsement and Advanced Mark
11.7 Hash Tables
11.7.1 Basics of Hash Table
11.7.2 Hash Work
11.8 Cookies
11.8.1 What do Web Cookies Do?
11.8.2 Data Obtained by Cookies
11.9 Captcha
11.9.1 Know the Importance of Captcha
11.9.2 Instructions to Create CAPTCHA
11.9.3 Why CAPTCHA is Important?
11.10 Virtual Private Networks (VPN)
11.10.1 Remote Access VPN
11.10.2 Site-to-site VPN
11.10.3 Portable VPN
11.10.4 Equipment VPN
11.10.5 VPN Apparatus
11.10.6 How can it Help?
11.11 References
12 Utilities and Tools for Securing the Perimeter
12.1 Introduction
12.2 Using Basic Tools
12.3 Ifconfig/Ipconfig
12.3.1 Ifconfig
12.3.2 Ipconfig
12.4 Whois
12.5 Nslookup
12.6 PING
12.7 Traceroute
12.8 Telnet
12.9 Secure Shell
12.10 Monitoring Tools and Software
12.10.1 How is Network Threat Visibility Important?
12.10.2 Network Security Monitoring Tools into Action
12.10.3 New Technologies in the Market
12.10.4 The Best Network Security Monitoring Tools Available
12.11 Introducing Nagios
12.11.1 Nagios Core and Nagios XI
12.11.2 Working of Nagios
12.11.3 Features
12.12 Solarwinds
12.12.1 What are the Problems that Solarwinds Help to Resolve?
12.12.2 How Templates Help to Simplify Monitoring?
12.12.3 Solarwinds Monitoring on Orion Platform
12.12.4 Solarwinds Licensing
12.13 Wireshark
12.13.1 Purpose
12.13.2 Features
12.13.3 Do not get Confused Wireshark with
12.14 SNORT
12.14.1 Uses of Snort
12.14.2 Third Party Tools interfacing with Snort
12.14.3 Business Benefits of Snort
12.15 NMap
12.16 Nikto: 12.16.1 How does the Scan on Nikto Work?
12.17 OpenVAS
12.18 Metasploit
12.18.1 Metasploit Framework Edition
12.18.2 Metasploit Community Edition
12.18.3 Metasploit Express
12.18.4 Metasploit Pro
12.18.5 Armitage
12.18.6 Cobalt Strike
12.19 The Browser Exploitation Framework (BeEF)
12.19.1 User Interface
12.19.2 A Communication Server
12.20 Other Products
12.20.1 Cacti
12.20.2 Zabbix
12.20.3 Ntop
12.20.4 Icinga
12.20.5 Spiceworks
12.20.6 Observium
12.21 References
13 Identify Vulnerabilities and How to Defend them
13.1 Introduction
13.2 Malware Attacks
13.2.1 Proactive Solutions
13.2.2 How Proactive Malware Defense should be?
13.3 Botnets, Malware, & Known vs Unknown Vulnerabilities
13.4 Zero-day Vulnerability
13.4.1 Example of a Zero-day Attack
13.4.2 Few Facts about Zero-day Vulnerabilities
13.5 Software Exploit
13.5.1 Where do Exploits come from?
13.5.2 How do you Recognize Exploits?
13.5.3 How do you Fix Exploits?
13.5.4 How to Prevent Hackers from using Exploits?
13.5.5 Easily Protect yourself from Exploits
13.6 SQL Injection
13.6.1 How and Why is an SQL Injection Attack Performed
13.6.2 How to Prevent an SQL Injection?
13.7 Java Vulnerabilities
13.7.1 Java-specific Vulnerabilities
13.7.2 Top Java Vulnerabilities
13.8 Social Engineering Exploits
13.8.1 A brief about Social Engineering
13.8.2 Lifecycle of Social Engineering Attack
13.8.3 Social Engineering Prevention
13.9 Phishing Attacks
13.9.1 Phishing Attack Examples
13.9.2 Phishing Techniques
13.9.3 Phishing Protection
13.10 Network Threats
13.11 Broadcast Storm: 13.11.1 What does Broadcast Storm mean?
13.12 Dictionary Attacks: 13.12.1 Two Counter-measures against Dictionary Attacks
13.13 Freak Exploits
13.14 Logjam Exploits
13.15 Spams
13.16 Session Hijacking Attack: 13.16.1 Examples
13.17 Tarpitting
13.17.1 The Tarpit Idea
13.17.2 SMTP Tarpit
13.18 Denial of Service
13.19 Transport Layer Security Vulnerability
13.19.1 Poodle
13.19.2 Prevention
13.20 References
Appendix A: Figures
Appendix B: Tables & Graphs
Tables
Graphs
Appendix C: Glossary
Index