TY - BOOK TI - Internet security : : professional reference / SN - 156205760X PY - 1997/// CY - Indianapolis : PB - New Riders, KW - INTERNET SECURITY KW - JAVA SECURITY KW - CGI SECURITY KW - VIRUS KW - SECURITY INFORMATION N1 - CONTENIDO Introduction 1 Part I: Managing Internet Security 7 1 Understanding TCP/IP 7 The History of TCP/IP 8 Exploring Addresses, Subnets, and Hostnames 9 Working with Network Interfaces 16 Reviewing the Network Configuration Files 19 Understanding the Network Access Files 23 Examining TCP/IP Daemons 25 Exploring TCP/IP Utilities 28 2 Understanding and Creating Daemons 51 What Is a Daemon? 52 Examining the System Daemons 57 Creating Daemons with the Bourne Shell 63 Creating Daemons with PERL 67 Unix Run Levels 73 Program Listings 76 3 Using UUCP 97 The History of UUCP 98 The UUCP Network 100 Naming Your Host 102 The System V Basic Networking Utilities UUCP 103 The UUCP Chat Script 113 Configuring Version 2 UUCP 130 Configuring UUCP over TCP/IP 141 Code Listings 142 4 Audit Trails 147 Audit Trails Under Unix 148 Audit Trails Under Windows NT 162 Audit Trails Under DOS 166 Using System Logs to Discover Intruders 167 Part II: Gaining Access and Securing the Gateway 173 5 IP Spoofing and Sniffing 173 Sniffing 174 Spoofing 196 6 How to Build a Firewall 233 The TIS Firewall Toolkit 234 Preparing for Configuration 238 Configuring TCP/IP 242 The netperm Table 244 Configuring netacl 245 Configuring the Telnet Proxy 249 Configuring the rlogin Gateway 255 Configuring the FTP Gateway 259 Configuring the Sendmail Proxy: smap and smapd 264 Configuring the HTTP Proxy 270 Configuring the X Windows Proxy 275 Understanding the Authentication Server 276 Using plug-gw for Other Services 288 The Companion Administrative Tools 294 Where to Go for Help 305 Sample netperm-table File 306 Manual Reference Pages 310 7 How to Buy a Firewall 345 Firewall Refresher 346 Choosing a Firewall 348 Firewall Architecture 349 Evaluating Firewalls 354 Evaluating Firewall Performance 362 Evaluating the Security of Firewalls 367 8 SATAN and the Internet Inferno 371 The Nature of Network Attacks 373 Thinking Like an Intruder 387 The First Meeting with SATAN 410 Detecting SATAN 413 Using Secure Network Programs 414 SSL 416 Investigating What SATAN Does 419 Rendezvous with SATAN 441 Building SATAN 455 Works Cited 476 9 Kerberos 477 How Kerberos Works 478 The Kerberos Network 479 How Authentication Works 481 Encryption 485 Versions of Kerberos 497 Selecting a Vendor 499 Vendor Interoperability Issues 500 Naming Constraints 503 Cross-Realm Operation 506 Ticket Flags 508 Message Exchanges 513 Kerberos Workstation Authentication Problem 551 Other Sources of Information 553 Part III: Messaging: Creating a Secure Channel 557 10 Encryption Overview 557 Overview of Encryption Techniques 558 Crypto-Speak 562 Applying Cryptography 564 Symmetric (Secret Key) Cryptography 577 Asymmetric (Public-Key) Cryptography 600 Attacks and Cryptanalysis 601 Crypto Links 604 Summary 604 11 PGP 605 PGP Overview 606 PGP How-To 609 PGP Keys 617 Key Management 622 Basic Message Operations 637 Advanced Message Operations645 The PGP Configuration File 649 Security of PGP 654 PGP Add-Ons 657 Part IV: Modern Concerns 663 12 Windows NT Internet Security 663 Windows NT Overview 664 The Windows NT Operating Environment 669 Windows NT Logon and Authentication 675 Intranet-Related Features in Windows NT 679 Considerations for Connecting to the Internet 680 Microsoft Internet Information Server 686 Microsoft Proxy Server 691 The New Windows NT Directory Services Model 693 13 Java Security 697 Java's Functionality 699 History of the Java Language 704 Main Features of the Java Environment 706 From Class File to Execution 716 The Java Virtual Machine 722 Setting Up Java Security Features 728 14 CGI Security 735 Introducing the CGI Interface 736 Understanding Vulnerabilities 740 Minimizing Vulnerability 742 CGIWrap: An Alternative Model 744 Bypassing CGI 745 Server Side Includes (SSI) 746 Language Issues 747 Protecting Sensitive Data 751 Logging 753 15 Viruses 755 A User's Perspective 756 What Is a Computer Virus? 757 Most Likely Targets 758 IBM PC Computer Virus Types 773 Network and Internet Virus Susceptibility 809 Virus Classes 812 How Antivirus Programs Work 820 Preventative Measures and Cures 833 Profile: Virus Behavior Under Windows NT 838 Part V: Appendices 849 ER -