Other Known IDS Limitations
IDS Countermeasures
Host-Based IDS
IDS Setup
Before You Begin
RealSecure Installation
Configuring RealSecure
Monitoring Events
Reporting
Summary
CHAPTER 9—Authentication and Encryption
The Need for Improved Security
Clear Text Transmissions
Passively Monitoring Clear Text
Clear Text Protocols
Good Authentication Required
Session Hijacking
Verifying the Destination
Encryption 101
Methods of Encryption
Encryption Weaknesses
Government Intervention
Good Encryption Required
Solutions
Data Encryption Standard (DES)
Digital Certificate Servers
IP Security (IPSEC)
Kerberos
Point-to-Point Tunneling Protocol
Remote Access Dial-In User Service (RADIUS)
RSA Encryption
Secure Shell (SSH)
Secure Sockets Layer (SSL)
Security Tokens
Simple Key Management for Internet Protocols (SKIP)
Summary
CHAPTER 10—Virtual Private Networking
VPN Basics
Selecting a VPN Product
VPN Product Options
VPN Alternatives
Setting up a VPN
Preparing the Firewall
Our VPN Diagram
Configuring Required Network Objects
Exchanging Keys
Modifying the Security Policy
Testing the VPN
Summary
CHAPTER 11—Viruses, Trojans, and Worms: Oh My
Viruses: The Statistics
Financial Repercussions
What Is a Virus?
Replication
Concealment
Bomb
Social Engineering Viruses
Worms
Trojan Horses
Preventive Measures
Access Control
Checksum Verification
Process Monitoring
Virus Scanners
Heuristic Scanners
Application-Level Virus Scanners
Deploying Virus Protection
Protecting the Desktop Systems
Protecting the NT and NetWare Servers
Protecting the UNIX System
Summary
CHAPTER 12—Disaster Prevention and Recovery
Disaster Categories
Network Disasters
Cabling
Thinnet and Thicknet
Fiber Cabling
Excessive Cable Lengths
Topology
Single Points of Failure
Saving Configuration Files
Server Disasters
Uninterruptible Power Supply (UPS)
RAID
Redundant Servers
Clustering
Tape Backup
Server Recovery
Simulating Disasters
Nondestructive Testing
Document Your Procedures
OctopusHA+ for NT Server
An Octopus Example
Installing Octopus
Configuring Octopus
Testing Octopus
Summary
CHAPTER 13—NetWare
NetWare Core OS
C2 Certification
NetWare Directory Services
NDS Design
Account Management
Identification
Logon Restrictions
Password Restrictions
Login Time Restrictions
Network Address Restriction
Intruder Lockout
Rights to Files and Directories
Group Membership
Security Equal To
File System
Inherited Rights Mask
Logging and Auditing
Network Security
Packet Signature
Setting Packet Signature
Filtcfg
Tweaking NetWare Security
The SECURE.NCF Script
Secure Console
Securing Remote Console Access
Summary
CHAPTER 14—NT Server
NT Overview
NT Domain Structure
Storing Domain Information
Domain Trusts
Designing a Trust Architecture
User Accounts
Working with SIDs
The Security Account Manager
Configuring User Manager Policies
Policies and Profiles
File System Permissions
Logging
Configuring Event Viewer
Reviewing the Event Viewer Logs
Auditing System Events
Security Patches
Available IP Services
Computer Browser
DHCP Relay Agent
Microsoft DHCP Server
Microsoft DNS Server
Microsoft Internet Information Server (IIS) 2.0
Microsoft TCP/IP Printing
Network Monitor Agent
RIP for Internet Protocol
RPC Configuration
Simple TCP/IP Services
SNMP Service
Packet Filtering with Windows NT
Enabling Packet Filtering
Configuring Packet Filtering
A Final Word on NT Ports
Securing DCOM
Selecting the DCOM Transport
Limiting the Ports Used by DCOM
DCOM and NAT
Ports Used by Windows Services
Additional Registry Key Changes
Logon Banner
Hiding the Last Logon Name
Securing the Registry on Windows NT Workstation
Cleaning the Page File
The Future of Windows NT
Summary
CHAPTER 15—UNIX