- VoIP Threat Taxonomy
- Sep 24, 2008
- This chapter categorizes the main threats against VoIP service and explains their impact and possible methods of protection.
- Attacking and Defending the Internet with Border Gateway Protocol (BGP)
- Aug 25, 2008
- Carolyn Meinel explains how sysadmins can take advantage of resources offered by several organizations to detect and defeat BGP problems.
- The Building Blocks in a Cisco NAC Appliance Design
Alok Agrawal, Jamey Heary, Jerry Lin, Chad Sullivan
- Jul 8, 2008
- This chapter focuses on the building blocks available with the Cisco NAC Appliance solution.
- Security Features on Switches
- Jul 4, 2008
- This chapter describes Layer 2 security basics and security features on switches available to combat network security threats.
- Securing the Cisco Security Monitoring, Analysis, and Response System
Gary Halleen, Greg Kellogg
- Jul 3, 2008
- This chapter describes recommendations for securing MARS appliances, both physically and electronically.
- Securing Wireless Networks
Jim Doherty, Neil Anderson, MAGGIORA & DOHERTY
- Jul 2, 2008
- This chapter discusses wireless security, including a checklist for securing Wi-Fi.
- Identifying and Classifying Network Security Threats
- Jun 26, 2008
- This chapter presents several best practices and methodologies you can use to successfully and quickly identify and classify security threats and anomalies in the network.
- IP Network Traffic Plane Security Concepts
Gregg Schudel, David J. Smith
- Jun 18, 2008
- This chapter introduces the concepts of defense in depth and breadth as applied to IP traffic plane security.
- SSL VPN Design Considerations
Jazib Frahim, Qiang Huang
- Jun 10, 2008
- This chapter discusses design issues you should consider when you build a Secure Socket Layer (SSL) Virtual Private Network (VPN) solution.
- Attacking the Spanning Tree Protocol
Eric Vyncke, Christopher Paggen
- Jun 4, 2008
- Conducting STP attacks is now within the reach of a wide population, thanks to the availability of point-and-shoot attacks tools. Fortunately, simple features widely available on a range of switches, such as BPDU-guard, provide effective measures against spanning-tree–based exploits.
- SSH Security Primer: Server Security Settings
- Feb 23, 2007
- John Tränkenschuh describes the settings and implementation details important to your OpenSSH server installation. Because an OpenSSH server functions as a VPN gateway as much as a means to transfer files and invoke commands remotely, it's important to get this right.
- SSH Security Primer: Client Security
- Feb 16, 2007
- John Tränkenschuh provides a quick survey of SSH client security issues and suggested configurations for the reference SSH distribution, OpenSSH.
- Broadband Routers and Firewalls
Ido Dubrawsky, Wes Noonan
- Nov 17, 2006
- Building a Human Firewall: Raising Awareness to Protect Against Social Engineering
- Oct 27, 2006
- Thierry Wohnlich proposes an alternate view of information security awareness, a view that takes into consideration the reasons behind the need for awareness, and discusses the role of the individuals in relation to information technology.
- Creating Custom Policies for the Cisco Security Agent
Chad Sullivan, Jeff Asher, Paul Mauvais
- Jul 14, 2006
- Creating your own policies is a major part of operating a successful CSA deployment. To accomplish this, you must thoroughly understand the components available to you and the methods of research available. Understanding the rule types and the events caused by those rules helps you move forward in your deployment and perform day-to-day support. A solid grasp of the fundamentals and advanced components not only makes you an effective administrator but also an efficient one. This chapter will help you get started with this.
- Troubleshooting Cisco Secure ACS on Windows
- Jun 16, 2006
- Cisco Secure Access Control Server, which is known as CS ACS, fills the server-side requirement of the Authentication, Authorization, and Accounting (AAA) client server equation. For many security administrators, the robust and powerful AAA engine, along with CS ACS's ability to flexibly integrate with a number of external user databases, makes the CS ACS software the first and sometimes only choice for an AAA server-side solution. This chapter explores CS ACS in detail and walks you through troubleshooting steps. The chapter focuses on the approach required to troubleshoot any issue efficiently, either with the CS ACS software itself or with the whole AAA process.
- Penetration Testing and Network Defense: Performing Host Reconnaissance
Andrew Whitaker, Daniel Newman
- Jun 2, 2006
- Malicious hackers also value reconnaissance as the first step in an effective attack. For them, seeing what is on the "other side of the hill" is crucial to knowing what type of attack to launch. Although penetration testers might not always have the luxury of time that a malicious hacker might have, they do recognize the value of reconnaissance. This chapter will help you develop network reconnaissance skills to help you protect your network from intrusion.
- Intrusion Prevention: Signatures and Actions
Earl Carter, Jonathan Hogue
- May 26, 2006
- Attack signatures have been around for long enough that the definition should be universally understood, but that's not the case. Simply put, an IPS signature is any distinctive characteristic that identifies something. Using this definition, all IPS products use signatures of some kind, regardless of what the product descriptions claim. To find something and stop it, you must be able to identify it, and for you to identify it, it must display a distinct characteristic. This chapter introduces you to the concept of signatures.
- Home Network Router Security Secrets
- Apr 7, 2006
- Ever delve inside your home network routers and use the hidden security settings that can lock down a network nice and tight? Most people never do. Andy Walker reveals 10 secrets on how to easily access your router's security settings.
- A Student-Hacker Showdown at the Collegiate Cyber Defense Competition
- Mar 31, 2006
- Students-turned-IT managers faced off against experienced hackers at the Mid-Atlantic Regional Collegiate Cyber Defense Competition. Seth Fogie witnessed this real-world competition and reports on its unexpected twists, turns, and even drama.