Welcome to Scribd. Sign in or start your free trial to enjoy unlimited e-books, audiobooks & documents.Find out more
Standard view
Full view
of .
Look up keyword or section
Like this

Table Of Contents

Chapter 1. Introduction
1.1 Security framework - Overview
1.2 Security framework - Planning
1.3 Security framework - Architecture
1.4 Security framework - Implementation
1.5 Security framework - Monitoring
1.6 Security framework - Incident response
1.7 Next steps
Chapter 2. Firewalls
2.1 Misconceptions about firewalls
2.2 Types of firewalls
• Static packet filter firewalls
• Circuit level firewalls
2.2.1 Static packet filter firewalls
2.2.2 Circuit level firewalls
2.2.3 Application layer (proxy) firewalls
2.2.4 Dynamic packet filter firewalls
2.2.5 Comparison between the different types
2.3 Firewall designs
2.3.1 Basic firewall design
2.3.2 Firewalls with demilitarized zone (DMZ)
2.3.3 Compartmentalized firewall environment design
2.4 Securing firewalls
2.5 Firewalls on AIX
Chapter 3. Check Point FireWall-1
3.1 FireWall-1 features
3.2 Complementary software for FireWall-1
3.3 Securing FireWall-1
3.3.1 Closing vulnerabilities during system startup
3.3.2 Managing FireWall-1 logs
3.3.3 Securing FireWall-1 default configurations
3.3.4 Creating a useful rulebase
3.3.5 Viewing connections
3.3.6 Enabling other defense mechanisms
3.4 List of ports that Check Point FireWall-1 uses
Chapter 4. IBM Secureway Firewall
4.1 IBM Secureway Firewall features
4.2 Complimentary software for IBM Secureway Firewall
4.3 Firewall hardening
4.4 Network Security Auditor (NSA)
4.4.1 Installing NSA
4.4.2 Using NSA
4.4.3 Interpreting NSA output
Chapter 5. Secure remote access
5.1 Secure Shell (ssh)
5.1.1 Obtaining SSH
5.1.2 Difference between SSH1 and SSH2
5.1.3 Key concepts of SSH
5.1.4 Installing OpenSSH on AIX
5.1.5 OpenSSH using SSH1
5.1.6 OpenSSH using SSH2
5.1.7 Other interesting SSH daemon configuration options
5.1.8 SSH2 interoperability between OpenSSH and SSH.Com
5.1.9 SSH clients for the PC
5.1.10 Implications of having SSH
5.1.11 Alternatives to SSH
5.2 TCP Wrapper
5.2.1 Obtaining and installing TCP Wrapper
5.2.2 Configuring TCP Wrapper
Chapter 6. Port and network scanning
6.1 fping
6.1.1 Obtaining and installing fping
6.1.2 Using fping
6.1.3 Protection against ping sweeps
6.2 Network Mapper (NMAP)
6.2.1 Obtaining and installing nmap
6.2.2 Nmap usage
6.2.3 Protection against port scanners
6.3 Security Administrator's Integrated Network Tool (SAINT)
6.3.1 Obtaining and installing SAINT
6.3.2 Using SAINT
6.4 PortSentry
6.4.1 Obtaining and installing PortSentry
6.4.2 Defense provided by PortSentry
6.5 List Open Files (lsof)
6.5.1 Installing lsof
6.5.2 Using lsof
6.6 Intrusion detection
Chapter 7. System and data integrity
7.1 Tripwire
7.1.1 Obtaining and installing Tripwire
7.1.2 Configuring and using Tripwire
7.1.3 Configuring Tripwire
7.1.4 Comments on configuration
7.1.5 When should Tripwire be run
7.1.6 Alternatives to Tripwire
7.2 John the Ripper
7.2.1 Obtaining and installing John the Ripper
7.2.2 Configuring John the Ripper
7.2.3 Using John the Ripper
7.3 Pretty Good Privacy (PGP)
7.3.1 PGP basics
7.3.2 Obtaining and installing PGP
7.3.3 Using PGP
7.3.4 Protecting your private key
7.4 MD5
7.4.1 Ensuring the integrity of downloads
Chapter 8. Securing AIX
8.1 Overview
8.2 Step 1: Remove unnecessary services
8.2.1 Removing entries from /etc/inittab
8.2.2 Removing entries from /etc/rc.tcpip
8.2.3 Removing entries from /etc/inetd.conf
8.3 Step 2: Tighten configurations of remaining services
8.3.1 Domain Name System (DNS)
8.3.2 Network File System and Network Information Service
8.3.3 Simple Mail Transfer Protocol (SMTP)
8.3.4 Simple Network Management Protocol (SNMP)
8.3.5 Trivial File Transfer Protocol (TFTP)
8.3.6 Securing X11
8.3.7 File Transfer Protocol (ftp)
8.3.8 Protecting TCP services using SOCKS
8.4 Step 3: Set proper network (no) options
8.4.1 SYN attack protection
8.4.2 Broadcast protection
8.4.3 IP routing options
8.5 Step 4: Tighten up user accounts
8.5.1 Removing unnecessary default accounts
8.5.2 Setting user attributes
8.5.3 Securing root
8.5.4 Other attributes
8.6 Step 5: Set up strong password policy
8.6.1 Modifying user password attributes
8.6.2 Password cracker utility
8.7 Step 6: Install additional security tools
8.8 Step 7: Monitor logs, audit trails, and system behavior
8.8.1 Monitor system logs
8.8.2 Enable auditing
8.8.3 Monitor files and directories
8.8.4 Monitor cron and at jobs
Appendix A. NSA Scan Options
Appendix B. Script used to scan a network with fping
Appendix C. Script to merge the AIX passwd files
Appendix D. Special notices
Appendix E. Related publications
E.1 IBM Redbooks
E.2 IBM Redbooks collections
E.3 Other resources
E.4 Referenced Web sites
How to get IBM Redbooks
IBM Redbooks fax order form
IBM Redbooks review
0 of .
Results for:
No results containing your search query
P. 1


|Views: 2,496|Likes:
Published by thomas926

More info:

Published by: thomas926 on Mar 16, 2011
Copyright:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less





You're Reading a Free Preview
Pages 4 to 93 are not shown in this preview.
You're Reading a Free Preview
Pages 96 to 260 are not shown in this preview.

Activity (10)

You've already reviewed this. Edit your review.
1 hundred reads
1 thousand reads
Francisco Melendez liked this
amendoados liked this
vaibhav_phatarpekar liked this
Moh Said liked this
Paul Njoroge liked this
Joaquin Labrador liked this
Semo Saleh liked this
Sree Sreedhar liked this

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->