Author: Thomas Akin
Publisher: O'Reilly Media, Inc.
Release Date: 2009-02-09
This succinct book departs from other security literature by focusing exclusively on ways to secure Cisco routers, rather than the entire network. The rational is simple: If the router protecting a network is exposed to hackers, then so is the network behind it. This is a reference for protecting the protectors, and author Thomas Akin supplies all the tools necessary to turn a potential vulnerability into a strength.
As a network administrator, auditor or architect, you know the importance of securing your network and finding security solutions you can implement quickly. This succinct book departs from other security literature by focusing exclusively on ways to secure Cisco routers, rather than the entire network. The rational is simple: If the router protecting a network is exposed to hackers, then so is the network behind it. Hardening Cisco Routers is a reference for protecting the protectors. Included are the following topics: The importance of router security and where routers fit into an overall security plan Different router configurations for various versions of Cisco?s IOS Standard ways to access a Cisco router and the security implications of each Password and privilege levels in Cisco routers Authentication, Authorization, and Accounting (AAA) control Router warning banner use (as recommended by the FBI) Unnecessary protocols and services commonly run on Cisco routers SNMP security Anti-spoofing Protocol security for RIP, OSPF, EIGRP, NTP, and BGP Logging violations Incident response Physical security Written by Thomas Akin, an experienced Certified Information Systems Security Professional (CISSP) and Certified Cisco Academic Instructor (CCAI), the book is well organized, emphasizing practicality and a hands-on approach. At the end of each chapter, Akin includes a Checklist that summarizes the hardening techniques discussed in the chapter. The Checklists help you double-check the configurations you have been instructed to make, and serve as quick references for future security procedures.Concise and to the point, Hardening Cisco Routers supplies you with all the tools necessary to turn a potential vulnerability into a strength. In an area that is otherwise poorly documented, this is the one book that will help you make your Cisco routers rock solid.
Author: Steven Dangerfield
Publisher: Prentice Hall
Release Date: 2002
The best security systems are designed in layers (perimeter security, application security, network device/hardware security etc.) This book was designed to cover the security of network infrastructure devices--namely, routers, and switches.
Author: Steven Andres
Release Date: 2004-05-05
This is the only computer book to focus completely on infrastucture security: network devices, protocols and architectures. It offers unique coverage of network design so administrators understand how they should design and protect their enterprises. Network security publishing has boomed in the last several years with a proliferation of materials that focus on various elements of the enterprise. * This is the only computer book to focus completely on infrastucture security: network devices, protocols and architectures * It offers unique coverage of network design so administrators understand how they should design and protect their enterprises * Helps provide real practical solutions and not just background theory
Here are all the CCNA-level Routing and Switching commands you need in one condensed, portable resource. The CCNA Routing and Switching Portable Command Guide, Third Edition, is filled with valuable, easy-to-access information and is portable enough for use whether you’re in the server room or the equipment closet. The guide summarizes all CCNA certification-level Cisco IOS® Software commands, keywords, command arguments, and associated prompts, providing you with tips and examples of how to apply the commands to real-world scenarios. Configuration examples throughout the book provide you with a better understanding of how these commands are used in simple network designs. This book has been completely updated to cover topics in the ICND1 100-101, ICND2 200-101, and CCNA 200-120 exams. Use this quick reference resource to help you memorize commands and concepts as you work to pass the CCNA Routing and Switching certification exam. The book is organized into these parts: • Part I TCP/IP v4 • Part II Introduction to Cisco Devices • Part III Configuring a Router • Part IV Routing • Part V Switching • Part VI Layer 3 Redundancy • Part VII IPv6 • Part VIII Network Administration and Troubleshooting • Part IX Managing IP Services • Part X WANs • Part XI Network Security Quick, offline access to all CCNA Routing and Switching commands for research and solutions Logical how-to topic groupings for a one-stop resource Great for review before CCNA Routing and Switching certification exams Compact size makes it easy to carry with you, wherever you go “Create Your Own Journal” section with blank, lined pages allows you to personalize the book for your needs “What Do You Want to Do?” chart inside back cover helps you to quickly reference specific tasks
As a delivery vehicle for email, web pages, text, audio, and video, the global IP network is inspiring and intimidating in its vigor and resilience. While we could discuss at length the reasons for its vigor, the resilience of this network is in large part due to IP routing. This book introduces the reader to the intricacies of IP routing as it is implemented using Cisco routers. Each section leads the reader through the basics of configuring routing protocols. This approach gives the reader a quick start with the routing protocol under discussion and reveals the underlying concepts of IP routing. What is the packet-forwarding process ? How is the routing table maintained ? How do Distance Vector algorithms work ? How do classful and classless route lookups differ ? These and other concepts are illustrated in the discussions of static routing, RIP, IGRP, and EIGRP. The limitations of these traditional routing protocols will also become obvious to the reader. Variable Length Subnet Masks, route summarization, and fast convergence are key features in the design of any large IP network. These features are discussed in the OSPF chapter, which includes an introduction to Dijkstra's algorithm, the foundation for Link State protocole. Finally, BGP-4 is described in detail, showing the reader how to use BGP-4 attributes to set routing policies. This book is intended for anyone interested in IP routing. While it is appropriate for a beginner, it will also be useful for anyone already familiar with IP routing who is seeking a better understanding of the underlying concepts.
The real-world guide to securing Cisco-based IP telephony applications, devices, and networks Cisco IP telephony leverages converged networks to dramatically reduce TCO and improve ROI. However, its critical importance to business communications and deep integration with enterprise IP networks make it susceptible to attacks that legacy telecom systems did not face. Now, there’s a comprehensive guide to securing the IP telephony components that ride atop data network infrastructures–and thereby providing IP telephony services that are safer, more resilient, more stable, and more scalable. Securing Cisco IP Telephony Networks provides comprehensive, up-to-date details for securing Cisco IP telephony equipment, underlying infrastructure, and telephony applications. Drawing on ten years of experience, senior network consultant Akhil Behl offers a complete security framework for use in any Cisco IP telephony environment. You’ll find best practices and detailed configuration examples for securing Cisco Unified Communications Manager (CUCM), Cisco Unity/Unity Connection, Cisco Unified Presence, Cisco Voice Gateways, Cisco IP Telephony Endpoints, and many other Cisco IP Telephony applications. The book showcases easy-to-follow Cisco IP Telephony applications and network security-centric examples in every chapter. This guide is invaluable to every technical professional and IT decision-maker concerned with securing Cisco IP telephony networks, including network engineers, administrators, architects, managers, security analysts, IT directors, and consultants. Recognize vulnerabilities caused by IP network integration, as well as VoIP’s unique security requirements Discover how hackers target IP telephony networks and proactively protect against each facet of their attacks Implement a flexible, proven methodology for end-to-end Cisco IP Telephony security Use a layered (defense-in-depth) approach that builds on underlying network security design Secure CUCM, Cisco Unity/Unity Connection, CUPS, CUCM Express, and Cisco Unity Express platforms against internal and external threats Establish physical security, Layer 2 and Layer 3 security, and Cisco ASA-based perimeter security Complete coverage of Cisco IP Telephony encryption and authentication fundamentals Configure Cisco IOS Voice Gateways to help prevent toll fraud and deter attacks Secure Cisco Voice Gatekeepers and Cisco Unified Border Element (CUBE) against rogue endpoints and other attack vectors Secure Cisco IP telephony endpoints–Cisco Unified IP Phones (wired, wireless, and soft phone) from malicious insiders and external threats This IP communications book is part of the Cisco Press® Networking Technology Series. IP communications titles from Cisco Press help networking professionals understand voice and IP telephony technologies, plan and design converged networks, and implement network solutions for increased productivity.
Author: Joseph D Sloan
Publisher: "O'Reilly Media, Inc."
Release Date: 2001-08-09
Over the years, thousands of tools have been developed for debugging TCP/IP networks. They range from very specialized tools that do one particular task, to generalized suites that do just about everything except replace bad Ethernet cables. Even better, many of them are absolutely free. There's only one problem: who has time to track them all down, sort through them for the best ones for a particular purpose, or figure out how to use them?Network Troubleshooting Tools does the work for you--by describing the best of the freely available tools for debugging and troubleshooting. You can start with a lesser-known version of ping that diagnoses connectivity problems, or take on a much more comprehensive program like MRTG for graphing traffic through network interfaces. There's tkined for mapping and automatically monitoring networks, and Ethereal for capturing packets and debugging low-level problems.This book isn't just about the tools available for troubleshooting common network problems. It also outlines a systematic approach to network troubleshooting: how to document your network so you know how it behaves under normal conditions, and how to think about problems when they arise, so you can solve them more effectively.The topics covered in this book include: Understanding your network Connectivity testing Evaluating the path between two network nodes Tools for capturing packets Tools for network discovery and mapping Tools for working with SNMP Performance monitoring Testing application layer protocols Software sources If you're involved with network operations, this book will save you time, money, and needless experimentation.
Securing the Internet of Things provides network and cybersecurity researchers and practitioners with both the theoretical and practical knowledge they need to know regarding security in the Internet of Things (IoT). This booming field, moving from strictly research to the marketplace, is advancing rapidly, yet security issues abound. This book explains the fundamental concepts of IoT security, describing practical solutions that account for resource limitations at IoT end-node, hybrid network architecture, communication protocols, and application characteristics. Highlighting the most important potential IoT security risks and threats, the book covers both the general theory and practical implications for people working in security in the Internet of Things. Helps researchers and practitioners understand the security architecture in IoT and the state-of-the-art in IoT security countermeasures Explores how the threats in IoT are different from traditional ad hoc or infrastructural networks Provides a comprehensive discussion on the security challenges and solutions in RFID, WSNs, and IoT Contributed material by Dr. Imed Romdhani
The essential guide to understanding and using firewalls to protect personal computers and your network An easy-to-read introduction to the most commonly deployed network security device Understand the threats firewalls are designed to protect against Learn basic firewall architectures, practical deployment scenarios, and common management and troubleshooting tasks Includes configuration, deployment, and management checklists Increasing reliance on the Internet in both work and home environments has radically increased the vulnerability of computing systems to attack from a wide variety of threats. Firewall technology continues to be the most prevalent form of protection against existing and new threats to computers and networks. A full understanding of what firewalls can do, how they can be deployed to maximum effect, and the differences among firewall types can make the difference between continued network integrity and complete network or computer failure. Firewall Fundamentals introduces readers to firewall concepts and explores various commercial and open source firewall implementations--including Cisco, Linksys, and Linux--allowing network administrators and small office/home office computer users to effectively choose and configure their devices. Firewall Fundamentals is written in clear and easy-to-understand language and helps novice users understand what firewalls are and how and where they are used. It introduces various types of firewalls, first conceptually and then by explaining how different firewall implementations actually work. It also provides numerous implementation examples, demonstrating the use of firewalls in both personal and business-related scenarios, and explains how a firewall should be installed and configured. Additionally, generic firewall troubleshooting methodologies and common management tasks are clearly defined and explained.
This guide focuses on access lists that are critical to network and Internet security. Access lists are a main part of the Cisco IOS that are used to control access, route traffic and specify packet filtering for firewalls.
This book covers what an administrator needs to plan out and integrate a DMZ into a network for small, medium and Enterprise networks. In most enterprises the perception is that a firewall provides a hardened perimeter. However, the security of internal networks and hosts is usually very soft. In such an environment, a non-DMZ system that is offering services to the Internet creates the opportunity to leapfrog to other hosts in the soft interior of your network. In this scenario your internal network is fair game for any attacker who manages to penetrate your so-called hard perimeter. - There are currently no books written specifically on DMZs - This book will be unique in that it will be the only book that teaches readers how to build a DMZ using all of these products: ISA Server, Check Point NG, Cisco Routers, Sun Servers, and Nokia Security Appliances. - Dr. Thomas W. Shinder is the author of the best-selling book on Microsoft's ISA, Configuring ISA Server 2000. Customers of the first book will certainly buy this book.
Implementing Cisco IP Routing (ROUTE) Foundation Learning Guide is a Cisco authorized, self-paced learning tool for CCNP preparation. This book teaches readers how to design, configure, maintain, and scale routed networks that are growing in size and complexity. The book covers all routing principles covered in the CCNP Implementing Cisco IP Routing course. As part of the Cisco Press Self-Study series, Implementing Cisco IP Routing (ROUTE) Foundation Learning Guide provides comprehensive foundation learning for the CCNP ROUTE exam. This revision to the popular Foundation Learning Guide format for Advanced Routing at the Professional level is fully updated to include complete coverage of all routing topics covered in the new Implementing Cisco IP Routing (ROUTE) course. The proposed book is an intermediate-level text, which assumes that readers have been exposed to beginner-level networking concepts contained in the CCNA (ICND1 and ICND2) certification curriculum. No previous exposure to the CCNP level subject matter is required, so the book provides a great deal of detail on the topics covered. Each chapter opens with a list of objectives to help focus the reader's study. Configuration exercises at the end of each chapter and a master lab exercise that ties all the topics together in the last chapter help illuminate theoretical concepts. Key terms will be highlighted and defined throughout. Each chapter will conclude with a summary to help review key concepts, as well as review questions to reinforce the reader's understanding of what was covered.
Author: Wesley J. Noonan
Publisher: McGraw Hill Professional
Release Date: 2004
Bulletproof your system before you are hacked! From the publisher of the international best-seller, Hacking Exposed. No More Twinkies ®! Most networks are hard on the outside and soft and gooey on the inside. Once the outer shell is penetrated, the insides are relatively unprotected. Hardening Network Infrastructure delivers proactive—instead of reactive—guidance on how to secure the perimiter as well as the internal network core.· No “it depends” information. IT Pros don’t want to wade through reams of paper to figure out what is right for their system/configuration. Hardening Network Infrastructure provides declarative information on how to harden your Perimeter and Internal Network, Routers and Switches, Intrusion Detection/Prevention Systems, and WLAN connections how and where to use Content Filters and Application Proxies- Finally, a unique approach that takes the guess work out of Windows® security. “Do This Now!”-Checklist of 5-8 tasks to complete first, “Take It From The Top” provides systematic Windows® hardening steps, followed by “Once Is Never Enough!” because security is iterative—it must be an ongoing process, finally, for the first time, readers find out how to diplomatically and politically navigate the “Soft Issues” of securing financial support, management buy-in and employee acceptance of their security strategy