Network attacks and defenses: a hands-on approach
Format: | Book |
---|---|
Language: | English |
Published: |
Boca Raton [u.a.]
CRC Press
2013
|
Subjects: | |
Online access: | Table of contents |
Description: | "An Auerbach book". Includes bibliographical references and index |
Description: | xxxi, 443 p. ill 24 cm |
ISBN: | 9781466517943 1466517948 |
Internal format
MARC
LEADER | 00000nam a2200000zc 4500 | ||
---|---|---|---|
001 | BV040795679 | ||
003 | DE-604 | ||
005 | 20131212 | ||
007 | t | ||
008 | 130305s2013 xxua||| |||| 00||| eng d | ||
010 | |a 2012030746 | ||
020 | |a 9781466517943 |c hardcover : alk. paper |9 978-1-4665-1794-3 | ||
020 | |a 1466517948 |c hardcover : alk. paper |9 1-4665-1794-8 | ||
035 | |a (OCoLC)835326249 | ||
035 | |a (DE-599)BVBBV040795679 | ||
040 | |a DE-604 |b ger |e aacr | ||
041 | 0 | |a eng | |
044 | |a xxu |c US | ||
049 | |a DE-473 |a DE-1050 | ||
050 | 0 | |a TK5105.59 | |
082 | 0 | |a 005.8 | |
084 | |a ST 276 |0 (DE-625)143642: |2 rvk | ||
084 | |a ST 277 |0 (DE-625)143643: |2 rvk | ||
245 | 1 | 0 | |a Network attacks and defenses |b a hands-on approach |c Zouheir Trabelsi ... [et al.] |
264 | 1 | |a Boca Raton [u.a.] |b CRC Press |c 2013 | |
300 | |a xxxi, 443 p. |b ill |c 24 cm | ||
336 | |b txt |2 rdacontent | ||
337 | |b n |2 rdamedia | ||
338 | |b nc |2 rdacarrier | ||
500 | |a "An Auerbach book". | ||
500 | |a Includes bibliographical references and index | ||
650 | 4 | |a Computer network |x Security measures | |
650 | 0 | 7 | |a Computersicherheit |0 (DE-588)4274324-2 |2 gnd |9 rswk-swf |
650 | 0 | 7 | |a Rechnernetz |0 (DE-588)4070085-9 |2 gnd |9 rswk-swf |
689 | 0 | 0 | |a Rechnernetz |0 (DE-588)4070085-9 |D s |
689 | 0 | 1 | |a Computersicherheit |0 (DE-588)4274324-2 |D s |
689 | 0 | |5 DE-604 | |
700 | 1 | |a Trabelsi, Zouheir |e Sonstige |4 oth | |
856 | 4 | 2 | |m Digitalisierung UB Bamberg |q application/pdf |u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=025775885&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |3 Inhaltsverzeichnis |
999 | |a oai:aleph.bib-bvb.de:BVB01-025775885 |
Record in the search index
_version_ | 1804150131037044736 |
---|---|
adam_text | Contents
Introduction
1 Switch's CAM Table Poisoning Attack
1.1 Introduction
1.2 Lab Exercise 1.1: Switch's CAM Table Poisoning
1.2.1 Outcome
1.2.2 Description
1.2.3 Experiment
1.2.3.1 Step 1: Assign Static IP Addresses to the Network Hosts
1.2.3.2 Step 2: View the Contents of the CAM Table
1.2.3.3 Step 3: Generate a Malicious Packet to Corrupt the CAM Table
1.2.3.4 MAC Flood Attack for Traffic Sniffing
1.3 Lab Exercise 1.2: Prevention of CAM Table Poisoning Attack
1.3.1 Outcome
1.3.2 Description
1.3.3 Experiment
1.3.3.1 Step 1: Assign Static IP Addresses to the Network's Hosts
1.3.3.2 Step 2: Configure the Restrict Mode Security Port in the Switch
1.3.3.3 Step 3: Generate a Malicious Packet to Corrupt the CAM Table
1.3.3.4 Step 4: Configure the Shutdown Mode Security Port in the Switch
1.4 Chapter Summary
2 ARP Cache Poisoning-Based MiM and DoS Attacks
2.1 Introduction
2.1.1 Address Resolution Protocol (ARP)
2.1.2 ARP Cache
2.2 Lab 2.1: ARP Cache Poisoning Attack
2.2.1 Outcome
2.2.2 Description
2.2.3 Static ARP Cache Update
2.2.4 Experiment
2.2.4.1 Network Architecture
2.2.4.2 Step 1: Assign Static IP Addresses to the Network's Hosts
2.2.4.3 Step 2: View the ARP Caches of the Hosts
2.2.4.4 Build a Malicious ARP Request Packet to Corrupt a Target Host's ARP Cache
2.3 Lab 2.2: DoS Attack Based on ARP Cache Poisoning
2.3.1 Outcome
2.3.2 DoS Attack Based on ARP Cache Poisoning
2.3.3 Experiment
2.3.3.1 Step 1: Assign Static IP Addresses to the Network's Hosts
2.3.3.2 Step 2: View Host A's ARP Cache
2.3.3.3 Step 3: Build the Malicious ARP Request Packet
2.3.3.4 Step 4: Test the DoS Attack
2.4 Lab 2.3: MiM Attack Based on ARP Cache Poisoning
2.4.1 Outcome
2.4.2 MiM Attack Based on ARP Cache Poisoning
2.4.3 Experiment
2.4.3.1 Step 1: Assign Static IP Addresses to the Network's Hosts
2.4.3.2 Step 2: Enable IP Routing at Host C
2.4.3.3 Step 3: View the ARP Caches of Host A and Host B
2.4.3.4 Step 4: Build Two Malicious ARP Request Packets
2.4.3.5 Step 5: Test the MiM Attack
2.4.3.6 Step 6: Sniff and Analyze the Traffic between Hosts A and B
2.5 Chapter Summary
3 Abnormal ARP Traffic Detection and Prevention
3.1 Introduction
3.2 Abnormal ARP Packets
3.3 Experiments
3.3.1 Cross-Layers ARP Inspection
3.3.2 ARP Stateful Inspection
3.3.3 ARP Request Storm and ARP Scan
3.3.3.1 ARP Request Storm
3.3.3.2 ARP Scan
3.3.4 Experimental Results Analysis
3.4 Lab 3.1: Abnormal ARP Traffic Detection
3.4.1 Outcome
3.4.2 XArp 2 Detection Tool
3.4.3 Experiment
3.4.3.1 Network Architecture
3.4.3.2 Step 1: Assign Static IP Addresses to the Network's Hosts
3.4.3.3 Step 2: Install the XArp 2 Tool
3.4.3.4 Step 3: Configure a SPAN Port in the Cisco Switch
3.4.3.5 Step 4: Generate and Detect Abnormal ARP Packets
3.5 Lab 3.2: Abnormal ARP Traffic Prevention Using Dynamic ARP Inspection for a Non-DHCP Network Environment
3.5.1 Outcome
3.5.2 Dynamic ARP Inspection
3.5.3 Experiment
3.5.3.1 Network Architecture
3.5.3.2 Step 1: Assign Static IP Addresses to the Network's Hosts
3.5.3.3 Step 2: Configure Dynamic ARP Inspection for a Non-DHCP Environment in a Cisco Catalyst 3560 Switch
3.5.3.4 Step 3: Generate and Prevent Abnormal ARP Packets
3.6 Lab 3.3: Abnormal ARP Traffic Prevention Using Dynamic ARP Inspection and DHCP Snooping for a DHCP Environment
3.6.1 Outcome
3.6.2 DHCP Snooping
3.6.3 Experiment
3.6.3.1 Network Architecture
3.6.3.2 Step 1: Enable DHCP Snooping
3.6.3.3 Step 2: Configure Dynamic ARP Inspection for a DHCP Environment
3.6.3.4 Step 3: Generate and Prevent Abnormal ARP Packet
3.7 Chapter Summary
4 Network Traffic Sniffing and Promiscuous Mode Detection
4.1 Introduction
4.2 Lab 4.1: Promiscuous Mode Detection
4.2.1 Outcome
4.2.2 Description
4.2.3 Tests
4.2.4 Promiscuous Mode Detection Tools
4.2.5 Experiment
4.2.6 Network Architecture
4.2.7 Experiment
4.2.7.1 Step 1: Assign Static IP Addresses to the Network's Hosts
4.2.7.2 Step 2: Run Host B's NIC in Promiscuous Mode
4.2.7.3 Step 3: Generate Trap ARP Request Packets
4.2.7.4 Step 4: Analyze the ARP Response Packets
4.2.8 Wireless Network Sniffing
4.2.8.1 WEP Key Cracking and Network Traffic Decryption
4.3 Chapter Summary
5 IP-Based Denial-of-Service Attacks
5.1 Introduction
5.1.1 Distributed Denial-of-Service (DDoS) Attack
5.2 Lab 5.1: Land Attack
5.2.1 Outcome
5.2.2 Description
5.2.3 Experiment
5.2.3.1 Step 1: Configure the Network Interfaces in the Juniper Networks Device
5.2.3.2 Step 2: Set the Security Policies (Filtering Rules)
5.2.3.3 Step 3: Enable Protection against the Land Attack
5.2.3.4 Step 4: Build Land Attack Packets
5.2.3.5 Step 5: Sniff the Generated Traffic
5.2.3.6 Step 6: View Results in the Log File of the Juniper Networks Device
5.3 Lab 5.2: SYN Flood Attack
5.3.1 Outcome
5.3.2 Description
5.3.3 Experiment
5.3.3.1 Step 3: Enable Protection against the SYN Flood Attack
5.3.3.2 Step 4: Build SYN Flood Attack Packets
5.3.3.3 Step 5: Sniff the Generated Traffic
5.3.3.4 Step 6: View Results in the Log File of the Juniper Networks Device
5.4 Lab 5.3: Teardrop Attack
5.4.1 Outcome
5.4.2 Description
5.4.3 Experiment
5.4.3.1 Step 3: Enable Protection against the Teardrop Attack
5.4.3.2 Step 4: Build Teardrop Attack Packets
5.4.3.3 Step 5: View Results in the Log File of the Juniper Networks Device
5.5 Lab 5.4: UDP Flood Attack
5.5.1 Outcome
5.5.2 Description
5.5.3 Experiment
5.5.3.1 Step 3: Enable Protection against the UDP Flood Attack
5.5.3.2 Step 4: Build UDP Flood Attack Packets
5.5.3.3 Step 5: Sniff the Generated Traffic
5.5.3.4 Step 6: View Results in the Log File of the Juniper Networks Device
5.6 Lab 5.5: Abnormal IP Packets
5.6.1 Outcome
5.6.2 Description
5.6.2.1 ICMP Fragmented Packet
5.6.2.2 Large ICMP Packet
5.6.2.3 Unknown Protocol Packet
5.6.3 Experiment
5.6.3.1 Step 3: Enable Protection against the Three Abnormal Packets
5.6.3.2 Step 4: Generate the Three Abnormal Packets
5.6.3.3 Step 5: View Results in the Log File of the Juniper Networks Device
5.7 Chapter Summary
6 Reconnaissance Traffic
6.1 Introduction
6.2 Lab 6.1: IP Address Sweeping
6.2.1 Outcome
6.2.2 Description
6.2.3 Experiment
6.2.3.1 Step 3: Enable Protection against IP Address Sweeping
6.2.3.2 Step 4: Perform IP Address Sweeping
6.2.3.3 Step 5: Sniff the Generated Traffic
6.2.3.4 Step 6: View Results in the Log File of the Juniper Networks Device
6.3 Lab 6.2: TCP Port Scanning
6.3.1 Outcome
6.3.2 Description
6.3.3 Experiment
6.3.3.1 Enable Protection against Port Scanning
6.3.3.2 Step 4: Perform TCP Port Scanning
6.3.3.3 Step 5: Sniff the Generated Traffic
6.3.3.4 Step 6: View Results in the Log File of the Juniper Networks Device
6.4 Lab 6.3: Remote Operating System Identification
6.4.1 Outcome
6.4.2 Description
6.4.2.1 NetScanTools Pro
6.4.2.2 Nmap Tool
6.4.3 Experiment
6.4.3.1 Step 3: Enable Protection against the Three TCP Packets
6.4.3.2 Step 4: Generate the Three TCP Probe Packets
6.4.3.3 Step 5: Sniff the Generated Traffic
6.4.3.4 Step 6: View Results in the Log File of the Juniper Networks Device
6.5 Lab 6.4: Traceroute
6.5.1 Outcome
6.5.2 Description
6.5.3 Preventing Techniques
6.5.3.1 Experiment 6.4.1: Analyze Traffic Generated by the Tracert Command
6.5.3.2 Experiment 6.4.2: Deny Traceroute Traffic
6.6 Chapter Summary
7 Packet Filtering and Inspection
7.1 Introduction
7.2 Lab 7.1: Basic Packet Filtering
7.2.1 Outcome
7.2.2 Basic Packet Filtering
7.2.3 Experiment
7.2.4 Network Architecture
7.2.5 Experiment Steps
7.2.5.1 Step 1: Configure the Network Interfaces in the Juniper Networks Device
7.2.5.2 Step 2: Set Up Web, FTP, and Telnet Servers
7.2.5.3 Step 3: Implement Filtering Rules for Security Policies
7.2.5.4 Step 4: Test the Filtering Rules and View the Results in the Log File of the Juniper Networks Device
7.3 Lab 7.2: Nonstandard Services Filtering
7.3.1 Outcome
7.3.2 Nonstandard Services Filtering
7.3.3 Experiment
7.3.4 Network Architecture
7.3.5 Experiment Steps
7.3.5.1 Step 1: Configure the Network Interfaces in the Juniper Networks Device
7.3.5.2 Step 2: Set Up a Nonstandard Web Server Running on Port 3000
7.3.5.3 Step 3: Create a Nonstandard Service Profile in the Juniper Networks Device
7.3.5.4 Step 4: Implement Filtering Rules to Filter Traffic Targeting the Nonstandard Service
7.3.5.5 Step 5: Test the Filtering Rules and View the Results in the Event Log of the Juniper Networks Device
7.4 Lab 7.3: Consistency and Efficiency Verification of Firewall Filtering Rules
7.4.1 Outcome
7.4.2 Consistency and Efficiency of Filtering Rules
7.4.3 Importance of the Filtering Rules Order
7.4.4 Experiment: Juniper Networks Device
7.4.5 Network Architecture
7.4.6 Experiment Steps
7.4.6.1 Step 1: Configure the Network Interfaces in the Juniper Networks Device
7.4.6.2 Step 2: Implement Inconsistent and Inefficient Filtering Rules
7.4.6.3 Step 3: Verify the Consistency and Efficiency of the Filtering Rules
7.4.7 Experiment: FirePAC Tool
7.4.8 Experiment Steps
7.4.8.1 Step 1: Acquire the Firewall Configuration File
7.4.8.2 Step 2: Verify the Consistency and Efficiency of the Filtering Rules
7.4.8.3 Step 3: Analysis of the FirePAC Tool's Findings
7.5 Lab 7.4: Packet Content Filtering
7.5.1 Outcome
7.5.2 Packet Content Filtering
7.5.3 Experiment
7.5.4 Network Architecture
7.5.5 Experiment Steps
7.5.5.1 Step 1: Configure the Network Interfaces in the Juniper Networks Device
7.5.5.2 Step 2: Set Up Web, FTP, and E-Mail Servers
7.5.5.3 Step 3: Implement Filtering Rules for Security Policies
7.5.5.4 Step 4: Test the Filtering Rules and View the Results in the Log File of the Juniper Networks Device
7.6 Lab 7.5: Stateless versus Stateful Packet Filtering
7.6.1 Outcome
7.6.2 Security Issues with Stateless Packet Filtering
7.6.3 Stateful TCP Packet Filtering
7.6.4 Stateful UDP Packet Filtering
7.6.5 Stateful ICMP Packet Filtering
7.6.6 Experiment
7.6.7 Network Architecture
7.6.8 Experiment Steps
7.6.8.1 Part 1: Stateful TCP Packet Filtering Testing
7.6.9 Part 2: Stateful ICMP Packet Filtering Testing
7.7 Lab 7.6: Active and Passive FTP Modes
7.7.1 Outcome
7.7.2 Active and Passive FTP Modes
7.7.2.1 Active FTP Mode
7.7.2.2 Active FTP Traffic Filtering
7.7.2.3 Filtering Rules Implementation for Active FTP Traffic
7.7.2.4 Security Issue with Active FTP Mode
7.7.3 Passive FTP Mode
7.7.3.1 Passive FTP Traffic Filtering
7.7.3.2 Filtering Rules Implementation for Passive FTP Traffic
7.7.3.3 Security Issue with the Passive FTP Mode
7.7.4 Experiment: Active FTP Traffic Sniffing and Analysis
7.7.5 Network Architecture
7.7.6 Experiment Steps — Part 1: Active FTP Session
7.7.6.1 Step 1: Connect to the FTP Server Using the Active FTP Mode and Sniff the Session Packets
7.7.6.2 Step 2: Analyze the Active FTP Session Packets
7.7.7 Experiment Steps — Part 2: Passive FTP Mode
7.7.7.1 Step 1: Configure LeapFTP as a Passive FTP Client
7.7.7.2 Step 2: Connect to the FTP Server and Sniff the Session Packets
7.7.7.3 Step 3: Analyze the Passive FTP Session Packets
7.8 Chapter Summary
8 Router Security
8.1 Introduction
8.2 Lab 8.1: AAA Model Basics
8.2.1 Outcome
8.2.2 Description
8.2.3 Experiment
8.2.4 Network Architecture
8.2.5 Experiment Steps
8.2.5.1 Step 1: Basic Router Set-Up Commands
8.2.5.2 Step 2: Configure the Loopback Interface
8.2.5.3 Step 3: Console Default Authentication and Authorization
8.2.5.4 Step 4: VTY (Telnet) Default Authentication and Authorization
8.2.5.5 Step 5: Configure the AAA Model: Authentication
8.2.5.6 Step 6: Apply Authentication to VTY
8.2.5.7 Step 7: Apply Authentication to the Console
8.2.5.8 Step 8: Test the Console and Telnet Authentication
8.2.5.9 Step 9: Configure the AAA Model: Authorization
8.2.5.10 Step 10: Apply Authorization to VTY
8.2.5.11 Step 11: Apply Authorization to the Console
8.2.5.12 Step 12: Test the Console and Telnet Authorization
8.2.5.13 Step 13: Configure Console Logging
8.3 Lab 8.2: Secure Network Services
8.3.1 Outcome
8.3.2 Description
8.3.3 Experiment
8.3.4 Network Architecture
8.3.5 Experiment Steps
8.3.5.1 Step 1: Initialization of the PC and Router
8.3.5.2 Step 2: Sniff ICMP Traffic
8.3.5.3 Step 3: Sniff Telnet Traffic
8.3.5.4 Step 4: Sniff SSH Traffic
8.3.5.5 Step 5: Sniff HTTP Traffic
8.3.5.6 Step 6: Sniff HTTPS Traffic
8.4 Lab 8.3: Packet Filtering on a Border Router
8.4.1 Outcome
8.4.2 Description
8.4.3 Experiment
8.4.4 Network Architecture
8.4.5 Experiment Steps
8.4.5.1 Step 1: Basic Router Set-Up Commands
8.4.5.2 Step 2: Enable Buffered Logging at the Debug Level
8.4.5.3 Step 3: Initialize Routers and PCs: IPs and Hostnames
8.4.5.4 Step 4: Run Dynamic Routing: OSPF Area 0 with Redistribution
8.4.5.5 Step 5: Run HTTP and Telnet Servers on Both Routers
8.4.5.6 Step 6: Implement the Security Policies on Border Router FW
8.4.5.7 Step 7: Test the Security Policies Created in Step 6
8.5 Chapter Summary
9 Site-to-Site VPN Tunnel Implementation against Eavesdropping Attacks
9.1 Introduction
9.1.1 IKE Protocol Phases
9.1.2 IPsec Modes
9.1.3 IPsec Protocols
9.1.4 VPN Types
9.2 Lab 9.1: Site-to-Site VPN — First Implementation
9.2.1 Outcome
9.2.2 Description
9.2.3 Experiment
9.2.3.1 Step 1: Reset the Firewall to the Default Setting
9.2.3.2 Step 2: Assign IP Addresses of the Machines and the Firewall Interfaces for Both Sites
9.2.3.3 Step 3: Assign the Network IP Addresses of the Two LANs (Al-Ain and Dubai) for Both Sites
9.2.3.4 Step 4: Configure the VPN from the Al-Ain Site to the Dubai Site, and Vice Versa
9.2.3.5 Step 5: Route from the Al-Ain Site to the Dubai Site Gateway, and Vice Versa
9.2.3.6 Step 6: Set the Policies for Both Sites
9.2.3.7 Step 7: Ping from Al-Ain to Dubai, and Vice Versa, to Test VPN Tunnel Establishment
9.2.3.8 Step 8: Verify VPN Tunnel Establishment
9.3 Lab 9.2: Site-to-Site VPN — Second Implementation
9.3.1 Outcome
9.3.2 Description
9.3.3 Experiment
9.3.3.1 Step 1: Reset the Firewall to the Default Setting for Both Sites
9.3.3.2 Step 2: Assign IP Addresses to the Machines and the Firewall Interface for Both Sites
9.3.3.3 Step 3: Define the Traffic That Must Be Protected
9.3.3.4 Step 4: Create a Static Route from the Al-Ain Site to the Dubai Site, and Vice Versa
9.3.3.5 Step 5: Enable IKE Protocol at Both Sites
9.3.3.6 Step 6: Define the Phase 1 Parameters of IKE
9.3.3.7 Step 7: Define the Pre-Shared Key That Will Be Used by Both Sites
9.3.3.8 Step 8: Define the IKE Phase 2 Parameters of the IPsec Protocol
9.3.3.9 Step 9: Bind the Parameters of the Two Phases with Each Other
9.3.3.10 Step 10: Apply the Crypto Map on the Outside Interface (GigabitEthernet 0/0)
9.3.3.11 Step 11: Ping from the Al-Ain Site to the Dubai Site, and Vice Versa
9.3.3.12 Step 12: Study the Parameters That Are Set in the Security Association
9.4 Chapter Summary
10
Remote Access VPN Tunnel Implementation
against Eavesdropping Attacks
...........................367
10.1
Introduction
...........................................................
Зб7
10.2
Lab
10.1:
Remote Access VPN
—
First
Implementation
......................................................369
10.2.1
Outcome
...................................................369
10.2.2
Description
................................................369
10.2.3
Experiment
................................................370
10.2.3.1 Step
1:
Reset the Firewall to
the Default Setting
..................371
10.2.3.2
Step
2:
Assign IP Addresses
to the Machines and the
Firewall Interface
....................371
10.2.3.3
Step
3:
Create Users
...............375
10.2.3.4
Step
4:
Configure the
Phase
1
Proposal
....................378
10.2.3.5
Step
5:
Configure the
Phase
2
Proposal
....................380
10.2.3.6
Step
6:
Create the Security
Policy
......................................381
10.2.3.7
Step
7:
Configure the
Juniper NetScreen Remote
VPN Client and Test the
Connectivity
...........................382
10.2.3.8
Step
8:
Verify VPN Tunnel
Establishment
.........................391
Contents ■ xxiii
10.3 Lab 10.2: Remote Access VPN — Second Implementation
10.3.1 Outcome
10.3.2 Description
10.3.3 Experiment
10.3.3.1 Step 1: Reset the Firewall to the Default Setting
10.3.3.2 Step 2: Assign IP Addresses to the Machines and the Firewall Interfaces
10.3.3.3 Step 3: Choose the VPN Tunnel Type That Is Remote Access and Select the Remote Access Clients
10.3.3.4 Step 4: Specify the VPN Tunnel Group Name and Authentication Method
10.3.3.5 Step 5: Configure User Accounts
10.3.3.6 Step 6: Configure the Pool of Addresses
10.3.3.7 Step 7: Configure the Client Attributes
10.3.3.8 Step 8: Configure the IKE Policy
10.3.3.9 Step 9: Configure IPsec Encryption and Authentication Parameters
10.3.3.10 Step 10: Address Translation Exception and Split Tunneling
10.3.3.11 Step 11: Install Cisco VPN Client Software
10.3.3.12 Step 12: Launch the Software and Test the Connectivity
10.3.3.13 Step 13: Verify VPN Tunnel Establishment
10.3.3.14 Step 14: Monitor the VPN Tunnel in the ASA
10.4 Chapter Summary
Index
|
any_adam_object | 1 |
building | Verbundindex |
bvnumber | BV040795679 |
callnumber-first | T - Technology |
callnumber-label | TK5105 |
callnumber-raw | TK5105.59 |
callnumber-search | TK5105.59 |
callnumber-sort | TK 45105.59 |
callnumber-subject | TK - Electrical and Nuclear Engineering |
classification_rvk | ST 276 ST 277 |
ctrlnum | (OCoLC)835326249 (DE-599)BVBBV040795679 |
dewey-full | 005.8 |
dewey-hundreds | 000 - Computer science, information, general works |
dewey-ones | 005 - Computer programming, programs, data, security |
dewey-raw | 005.8 |
dewey-search | 005.8 |
dewey-sort | 15.8 |
dewey-tens | 000 - Computer science, information, general works |
discipline | Informatik |
format | Book |
id | DE-604.BV040795679 |
illustrated | Illustrated |
indexdate | 2024-07-10T00:34:02Z |
institution | BVB |
isbn | 9781466517943 1466517948 |
language | English |
lccn | 2012030746 |
oai_aleph_id | oai:aleph.bib-bvb.de:BVB01-025775885 |
oclc_num | 835326249 |
open_access_boolean | |
owner | DE-473 DE-BY-UBG DE-1050 |
owner_facet | DE-473 DE-BY-UBG DE-1050 |
physical | xxxi, 443 p. ill 24 cm |
publishDate | 2013 |
publishDateSearch | 2013 |
publishDateSort | 2013 |
publisher | CRC Press |
record_format | marc |
spelling | Network attacks and defenses a hands-on approach Zouheir Trabelsi ... [et al.] Boca Raton [u.a.] CRC Press 2013 xxxi, 443 p. ill 24 cm txt rdacontent n rdamedia nc rdacarrier "An Auerbach book". Includes bibliographical references and index Computer network Security measures Computersicherheit (DE-588)4274324-2 gnd rswk-swf Rechnernetz (DE-588)4070085-9 gnd rswk-swf Rechnernetz (DE-588)4070085-9 s Computersicherheit (DE-588)4274324-2 s DE-604 Trabelsi, Zouheir Sonstige oth Digitalisierung UB Bamberg application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=025775885&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA Inhaltsverzeichnis |
spellingShingle | Network attacks and defenses a hands-on approach Computer network Security measures Computersicherheit (DE-588)4274324-2 gnd Rechnernetz (DE-588)4070085-9 gnd |
subject_GND | (DE-588)4274324-2 (DE-588)4070085-9 |
title | Network attacks and defenses a hands-on approach |
title_auth | Network attacks and defenses a hands-on approach |
title_exact_search | Network attacks and defenses a hands-on approach |
title_full | Network attacks and defenses a hands-on approach Zouheir Trabelsi ... [et al.] |
title_fullStr | Network attacks and defenses a hands-on approach Zouheir Trabelsi ... [et al.] |
title_full_unstemmed | Network attacks and defenses a hands-on approach Zouheir Trabelsi ... [et al.] |
title_short | Network attacks and defenses |
title_sort | network attacks and defenses a hands on approach |
title_sub | a hands-on approach |
topic | Computer network Security measures Computersicherheit (DE-588)4274324-2 gnd Rechnernetz (DE-588)4070085-9 gnd |
topic_facet | Computer network Security measures Computersicherheit Rechnernetz |
url | http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=025775885&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |
work_keys_str_mv | AT trabelsizouheir networkattacksanddefensesahandsonapproach |