TY  - BOOK
AU  - Cheswick,William R.
AU  - Bellovin,Steven M.
TI  - Firewalls and internet security : : repelling the wily hacker / 
T2  - Addison-Wesley Professional Computing Series
SN  - 0201633574
PY  - 1994///
CY  - Massachusetts
PB  - Addison-Wesley
KW  - PROTECCION DE DATOS
KW  - INTERNET-SEGURIDAD
KW  - FIREWALLS
N1  - CONTENIDO
Preface xi
Part I. Getting Started 1
1. Introduction 3
Why Security? 3
Picking a Security Policy 4
Strategies for a Secure Network 8
The Ethics of Computer Security 15
WARNING 17
2. An Overview of TCP/IP 19
The Different Layers 19
Routers and Routing Protocols 26
The Domain Name System 27
Standard Services 29
RPC-based Protocols 34
File Transfer Protocols 39
The r Commands 42
Information Services 44
The X11 System 47
Patterns of Trust 48
Part II. Building Your Own Firewall 49
3. Firewall Gateways 51
Firewall Philosophy 51
Situating Firewalls 53
Packet-Filtering Gateways 54
Application-Level Gateways 75
Circuit-Level Gateways 76
Supporting Inbound Services 78
Tunnels Good and Bad 79
Joint Ventures 80
What Firewalls Can't Do 82
4. How to Build an Application-Level Gateway 85
Policy 85
Hardware Configuration Options 86
Initial Installation 89
Gateway Tools 91
Installing Services 94
Protecting the Protectors 109
Gateway Administration 110
Safety Analysis_Why Our Setup Is Secure and Fail-Safe 113
Performance 115
The TIS Firewall Toolkit 115
Evaluating Firewalls 116
Living Without a Firewall 118
5. Authentication 119
User Authentication 120
Host-to-Host Authentication 123
6. Gateway Tools 125
Proxylib 125
Syslog 127
Watching the Network: Tcpdump and Friends 128
Adding Logging to Standard Daemons 130
7. Traps, Lures, and Honey Pots 133
What to Log 133
Dummy Accounts 140
Tracing the Connection 141
8. The Hacker's Workbench 143
Introduction 143
Discovery 145
Probing Hosts 148
Connection Tools 150
Routing Games 150
Network Monitors 152
Metastasis 152
Tiger Teams 155
Further Reading 156
Part III. A Look Back 157
9. Classes of Attacks 159
Stealing Passwords 159
Social Engineering 160
Bugs and Backdoors 161
Authentication Failures 163
Protocol Failures 164
Information Leakage 165
Denial-of-Service 165
10. An Evening with Berferd 167
Introduction 167
Unfriendly Acts 167
An Evening with Berferd 169
The Day After 174
The Jail 175
Tracing Berferd 177
Berferd Comes Home 178
11. Where the Wild Things Are: A Look at the Logs 181
A Year of Hacking 183
Proxy Use 189
Attack Sources 190
Noise on the Line 192
Part IV. Odds and Ends 195
12. Legal Considerations 197
Computer Crime Statutes 198
Log Files as Evidence 200
Is Monitoring Legal? 202
Tort Liability Considerations 206
13. Secure Communications over Insecure Networks 211
An Introduction to Cryptography 211
The Kerberos Authentication System 223
Link-Level Encryption 226
Network- and Transport-Level Encryption 227
Application-Level Encryption 229
14. Where Do We Go from Here? 235
A. Useful Free Stuff 239
Building Firewalls 240
Network Management and Monitoring Tools 243
Auditing Packages 244
Cryptographic Software 246
Information Sources 247
B. TCP and UDP Ports 249
Fixed Ports 249
MBone Usage 252
C. Recommendations to Vendors 253
Everyone 253
Hosts 253
Routers 254
Protocols 254
Firewalls 255
Bibliography 257
List of s 277
Index 279
ER  -