[...]... Contents 11 Firewall Engineering 211 11 .1 Rulesets 11 .2 11 .3 11 .4 11 .5 Proxies Building a Firewall from Scratch Firewall Problems Testing Firewalls 214 215 227 230 12 Tunneling and VPNs 12 .1 Tunnels 12 .2 Virtual Private Networks (VPNs) 12 .3 Software vs Hardware V 212 233 234 236 242 Protecting an Organization 245 13 Network... 310 310 311 312 18 Secure Communications over Insecure Networks 18 .1 The Kerberos Authentication System 18 .2 Link-Level Encryption 18 .3 Network-Level Encryption 18 .4 Application-Level Encryption 313 314 318 318 322 19 Where Do We Go from Here? 19 .1 IPv6 19 .2 DNSsec 19 .3 Microsoft and Security 19 .4 Internet Ubiquity 19 .5... Unfriendly Acts 16 .2 An Evening with Berferd 16 .3 The Day After 282 285 287 287 290 294 Contents xi 16 .4 The Jail 16 .5 Tracing Berferd 16 .6 Berferd Comes Home 295 296 298 17 The Taking of Clark 17 .1 Prelude 3 01 302 17 .2 CLARK 302 17 .3 17 .4 17 .5 17 .6 17 .7 17 .8 Crude Forensics Examining CLARK ... Layout 13 .1 Intranet Explorations 13 .2 Intranet Routing Tricks 13 .3 In Host We Trust 13 .4 Belt and Suspenders 13 .5 Placement Classes 247 248 249 253 255 257 14 Safe Hosts in a Hostile Environment 14 .1 What Do We Mean by "Secure"? 14 .2 Properties of Secure Hosts 14 .3 Hardware Configuration 14 .4 Field-Stripping a Host 14 .5... Software 14 .6 Administering a Secure Host 14 .7 Skinny-Dipping: Life Without a Firewall 259 259 260 265 266 270 2 71 277 15 Intrusion Detection 15 .1 Where to Monitor 15 .2 Types of IDSs 15 .3 Administering an IDS 279 280 2 81 282 15 .4 IDS Tools VI Lessons Learned 16 An Evening with Berferd 16 .1 Unfriendly Acts 16 .2 An Evening... perimeter security, and it is very important on the Internet It has two components: the wall and the gate On the Internet, the gate is implemented with a firewall, a configuration of machines and software that allows the townspeople to do their business, without letting the Bad Guys in To be effective, the wall should go all the way around the town, and be high enough and thick enough to withstand attack... Chapter 11 covers a lot of the deep details of firewalls, including their configuration, administration, and design It is certainly not a complete discussion of the subject, but should give readers a good start VPN tunnels, including holes through firewalls, are covered in some detail in Chapter 12 There is more detail in Chapter )8 In Part V, we upply the.se tools and lessons to organizations Chapter 13 ... that topic already exist, such us [Farrow 19 9 1 ] [Garfinkel and Spatfford, 19 96] and [Curry 19 92] Nor is this a cookbook to tell you how to administer various packaged firewall gateways The technology is too new and any such work would be obsolete before it was even published Rather, it is a set of guidelines that, we hope, both defines the problem space and roughly sketches the boundaries of possible... networks in Chapter 6 Part III covers some of the tools and techniques we can use to make our networking world safer We cover authentication tools in Chapter 7, and safer network servicing software in Chapter 8 Part IV covers firewalls and virtual private networks (VPNs) Chapter 9 introduces various types of firewalls and filtering techniques, and Chapter 10 summarizes some reasonable policies for filtering... firewall were impermeable, and even if the administrators and operators never made any mistakes, the Internet is not the only source of danger Apart from the risk of insider attacks and in many environments, that is a serious risk—an outsider can gain access by other means Often, a hacker has come in through a modem pool, and attacked the firewall from the inside [Hafner and Markoff, 19 91] Strong host security . 11 .1 Rulesets 212 11 .2 Proxies 214 11 .3 Building a Firewall from Scratch 215 11 .4 Firewall Problems 227 11 .5 Testing Firewalls 230 12 Tunneling and VPNs 233 12 .1 Tunnels 234 12 .2 Virtual. Botnets 11 7 5 .10 Active Attacks 11 7 6 The Hacker's Workbench, and Other Munitions 11 9 6 .1 Introduction 11 9 6.2 Hacking Goals 12 1 6.3 Scanning a Network 12 1 6.4 Breaking into the Host 12 2. Implementation 16 9 8 .11 Taming Named 17 0 8 .12 Adding SSL Support with Sslwrap 17 0 IV Firewalls and VPNs 17 3 9 Kinds of Firewalls 17 5 9 .1 Packet Filters 17 6 9.2 Application-Level Filtering 18 5 9.3