w infk01 - Open Source Security Tools, Książki IT

[ Pobierz całość w formacie PDF ]
howlett_fm.fm Page i Tuesday, June 29, 2004 2:10 PM
Open Source
Security Tools
 howlett_fm.fm Page ii Tuesday, June 29, 2004 2:10 PM
B
RUCE
P
ERENS
’ O
PEN
S
OURCE
S
ERIES
http://www.phptr.com/perens
C++ GUI Programming with Qt 3
Jasmin Blanchette, Mark Summerfield
◆
Managing Linux Systems with Webmin: System Administration and
Module Development
Jamie Cameron
◆
Understanding the Linux Virtual Memory Manager
Mel Gorman
◆
Implementing CIFS: The Common Internet File System
Christopher Hertel
◆
Embedded Software Development with eCos
Anthony Massa
◆
Rapid Application Development with Mozilla
Nigel McFarlane
◆
The Linux Development Platform: Configuring, Using, and Maintaining a
Complete Programming Environment
Rafeeq Ur Rehman, Christopher Paul
◆
Intrusion Detection with SNORT: Advanced IDS Techniques Using SNORT,
Apache, MySQL, PHP, and ACID
Rafeeq Ur Rehman
◆
The Official Samba-3 HOWTO and Reference Guide
John H. Terpstra, Jelmer R. Vernooij, Editors
◆
Samba-3 by Example: Practical Exercises to Successful Deployment
John H. Terpstra
◆
 howlett_fm.fm Page iii Tuesday, June 29, 2004 2:10 PM
Open Source
Security Tools
Practical Applications for Security
Tony Howlett
Prentice Hall
Professional Technical Reference
Upper Saddle River, NJ 07458
www.phptr.com
 howlett_fm.fm Page iv Wednesday, June 30, 2004 9:51 AM
Visit Prentice Hall on the Web: www.phptr.com
Library of Congress Cataloging-in-Publication Data
Howlett, Tony.
Open source security tools : practical applications for security / Tony Howlett
p. cm.
Includes index.
ISBN 0-321-19443-8 (pbk. : alk. paper)
1. Computer security. 2. Computer networks—Security measures. 3. Open source software. I. Title.
QA76.9.A25H6985 2004
005.8—dc22
2004009479
Copyright © 2005 Pearson Education, Inc.
Publishing as Prentice Hall Professional Technical Reference
Upper Saddle River, New Jersey 07458
Prentice Hall PTR offers excellent discounts on this book when ordered in quantity for bulk purchases or special
sales. For more information, please contact: U.S. Corporate and Government Sales, 1-800-382-3419, corp-
sales@pearsontechgroup.com. For sales outside of the U.S., please contact: International Sales,
1-317-581-3793, international@pearsontechgroup.com.
Company and product names mentioned herein are the trademarks or registered trademarks of their respective
owners.
This material may be distributed only subject to the terms and conditions set forth in the Open Publication
License, v.1.0 or later. The latest version is presently available at www.opencontent.org/openpub/.
Printed in the United States of America
First Printing, July 2004
ISBN 0-321-19443-8
Pearson Education Ltd.
Pearson Education Australia Pty., Limited
Pearson Education South Asia Pte. Ltd.
Pearson Education Asia Ltd.
Pearson Education Canada, Ltd.
Pearson Educación de Mexico, S.A. de C.V.
Pearson Education—Japan
Pearson Malaysia S.D.N. B.H.D.
 HowlettTOC.fm Page v Tuesday, June 29, 2004 2:33 PM
Contents
Preface xi
Audience xii
Contents xii
Open Source Security Tool
Index xiii
Chapter 1: Information Security
and Open Source Software
1
Information Security and Open
Source Software 1
Securing the Perimeter
1
Plugging the Holes 2
Establishing an Early Warning
System 2
Building a Management System
for Security Data 2
Implementing a Secure Wireless
Solution 3
Securing Important Files and
Communications 3
Investigating Break-ins
xiii
Chapter 2: Operating System
Tools xiii
Chapter 3: Firewalls xiii
Chapter 4: Port Scanners
xiii
Chapter 5: Vulnerability
Scanners xiv
Chapter 6: Network Sniffers xiv
Chapter 7: Intrusion Detection
Systems xiv
Chapter 8: Analysis and
Management Tools xiv
Chapter 9: Encryption Tools
3
The Practice of Information
Security 4
Confidentiality
4
Integrity 5
Availability 5
The State of Computer Crime
xiv
5
Chapter 10: Wireless Tools
xiv
The Advent of the Internet
7
Chapter 11: Forensic Tools
xiv
Ubiquitous, Inexpensive
Broadband 7
Attack of the Script Kiddies 8
Worms, Auto-rooters, and Other
Malware 9
Info-Security Business Risks
Chapter 12: More On Open
Source Software xv
Appendix A: Common Open
Source Licenses xv
Appendix B: Basic Linux/UNIX
Commands xv
Appendix C: Well-Known TCP/IP
Port Numbers xv
Appendix D: General Permission
and Waiver Form
9
Data Loss 9
Denial of Service 10
Embarrassment/Loss of
Customers
10
xv
Liability 10
Disclosure of Corporate Secrets
and Data 11
Tampering with Records
Appendix E: Nessus
Plug-ins xv
CD-ROM Contents and
Organization xv
Using the Tools xvi
Reference Installation
12
Loss of Productivity
12
Open Source History 13
Linux Enters the Scene
xvi
14
Input Variables xvi
Acknowledgements
Open Source Advantages
15
xvii
Cost 15
Extendability
15
Tools Index
xix
v
   [ Pobierz całość w formacie PDF ]