Chapter 1 Modern Network Security Threats
1.0 Introduction
1.1 Fundamental Principles of a Secure Network
1.1.1 Evolution of Network Security
1.1.1.1 Code Red Worm Attack
1.1.1.2 Evolution of Security Threats
1.1.1.3 Evolution of Network Security Tools
1.1.1.4 Threats to Networks
1.1.1.5 Encryption and Cryptography
1.1.2 Drivers for Network Security
1.1.2.1 The Hacker
1.1.2.2 Evolution of Hacking
1.1.2.3 First Network Attacks
1.1.2.4 Network Security Professionals
1.1.3 Network Security Organizations
1.1.3.1 Network Security Organizations
1.1.3.2 SANS Institute
1.1.3.3 CERT
1.1.3.4 (ISC)2
1.1.3.5 RSS
1.1.4 Domains of Network Security
1.1.4.1 Network Security Domains
1.1.4.2 Security Policy
1.1.5 Network Security Policies
1.1.5.1 Network Security Policy
1.1.5.2 Cisco SecureX Architecture
1.1.5.3 Cisco SecureX Product Categories
1.1.5.4 Network Security Policy Objectives
1.2 Viruses, Worms, and Trojan Horses
1.2.1 Viruses
1.2.1.1 Primary Vulnerabilities for End User Devices
1.2.1.2 Comparison of a Human Virus and a Computer Virus
1.2.2 Worms
1.2.2.1 Worms
1.2.2.2 Worm Components
1.2.2.3 Worm and Virus Exploit Comparison
1.2.3 Trojan Horses
1.2.3.1 Trojan Horse Concept
1.2.3.2 Trojan Horse Classifications
1.2.4 Mitigating Viruses, Worms, and Trojan Horses
1.2.4.1 Buffer Overflows
1.2.4.2 Antivirus Software
1.2.4.3 Worm Mitigation
1.2.4.4 SQL Slammer Worm
1.3 Attack Methodologies
1.3.1 Reconnaissance Attacks
1.3.1.1 Types of Attacks
1.3.1.2 Types of Reconnaissance Attacks
1.3.1.3 Packet Sniffer
1.3.1.4 Ping Sweeps and Port Scans
1.3.1.5 Mitigating Reconnaissance Attacks
1.3.2 Access Attacks
1.3.2.1 Access Attacks
1.3.2.2 Types of Access Attacks
1.3.2.3 Mitigating Access Attacks
1.3.3 Denial of Service Attacks
1.3.3.1 DoS Attacks
1.3.3.2 DoS and DDoS
1.3.3.3 Types of DoS Attacks
1.3.3.4 DoS Attack Symptoms
1.3.4 Mitigating Network Attacks
1.3.4.1 Mitigating Network Attacks
1.3.4.2 Mitigating Reconnaissance Attacks
1.3.4.3 Mitigating Access Attacks
1.3.4.4 Mitigating DoS Attacks
1.3.4.5 Defending the Net...