Wireless Operational Security (eBook)
468 Seiten
Elsevier Science (Verlag)
978-0-08-052119-0 (ISBN)
*Presents a new WISDOM model for Wireless Security Infrastructures
*Acts as a critical guide to implementing Converged Networks wired/wireless with all necessary security considerations
*Rittinghouse's Cybersecurity Operations Handbook is the only security book recommended by the FCC
This comprehensive wireless network book addresses the operational and day-to-day security management requirements of 21st century companies. Wireless networks can easily be reconfigured, are very mobile, allow for potentially nonstop exposure, and require the level of security be scrutinized even more than for wired networks. This includes inherent security flaws in various wireless architectures that result in additional risks to otherwise secure converged wired networks. An even worse scenario is one where an insecure wireless network is connected to a weakly secured or insecure wired network and the wireless subnet is not separated from the wired subnet. There are approximately a dozen popular books that cover components of the architecture, design, theory, issues, challenges, and recommended policies for wireless security, none of which address them in a practical, operationally-oriented and comprehensive way. Wireless Operational Security bridges this gap.*Presents a new "e;WISDOM"e; model for Wireless Security Infrastructures*Acts as a critical guide to implementing "e;Converged Networks"e; wired/wireless with all necessary security considerations*Rittinghouse's Cybersecurity Operations Handbook is the only security book recommended by the FCC
Front Cover 1
Wireless Operational Security 4
Copyright Page 5
Contents 6
List of Figures and Tables 16
Foreword 18
Preface 20
Acknowledgments 26
Section I: General Network Security 28
Chapter 1. Basic Concepts 30
1.1 Threats to personal privacy 31
1.2 Fraud and theft 31
1.3 Internet fraud 32
1.4 Employee sabotage 34
1.5 Infrastructure attacks 35
1.6 Malicious hackers 35
1.7 Malicious coders 36
1.8 Industrial espionage 36
1.9 Social engineering 39
1.10 Privacy standards and regulations 43
1.11 Endnotes 48
Chapter 2. Managing Access 50
2.1 Access control 50
2.2 Password management 65
2.3 Endnotes 71
Chapter 3. Setting Up Defenses 74
3.1 Foundations of information assurance 74
3.2 Defense-in-Depth strategy 79
3.3 The Common Criteria Model 83
3.4 Security architecture 84
3.5 Operations security 86
3.6 Host-based intrusion detection 87
3.7 Network-based intrusion detection efforts 93
3.8 Endnotes 95
Chapter 4. Incident Management 96
4.1 Overview of RFC 2196 (Site Security Handbook) 96
4.2 Incident handling process overview 97
4.3 Endnotes 111
Chapter 5. Securing Web Applications 112
5.1 Applications development security 112
5.2 Endnotes 120
Chapter 6. Security and the Law 122
6.1 The 1996 National Information Infrastructure Protection Act 122
6.2 President’s Executive Order on critical infrastructure protection 123
6.3 The USA Patriot Act of 2001 124
6.4 The Homeland Security Act of 2002 128
6.5 Changes to existing laws 128
6.6 Investigations 139
6.7 Ethics 140
6.8 Endnotes 141
Section II: Wireless Network Security 142
Chapter 7. Wireless Networking Basics 144
7.1 Wireless local area networks 144
7.2 Mobile security 156
7.3 Encryption schemes in WLANs 177
7.4 Endnotes 183
Chapter 8. WLAN Policy and Risk Management 186
8.1 Purpose and goals of WLAN security policies 186
8.2 Basic approach to WLAN security and policy development 187
8.3 WLAN risk management 204
8.4 Risks to wired networks from wireless networks 208
8.5 Security issues for wireless public-access network use 209
8.6 Sample WLAN security checklist 210
8.7 Creating WLANs in public space 214
8.8 Designs for scalable and secure WLAN solutions 215
8.9 Endnotes 217
Chapter 9. WLAN Intrusion Process 218
9.1 Pro.ling to select a target or gather information 218
9.2 Social engineering 219
9.3 Searching publicly available resources 220
9.4 War-driving, -walking, -flying, and -chalking 221
9.5 Exploitable WLAN configurations 226
9.6 How intruders obtain network access to a WLAN 226
9.7 Password gathering and cracking software 232
9.8 Share enumerators 236
9.9 Using antennas and WLAN equipment 237
9.10 Denial-of-service attacks and tools 237
9.11 Rogue devices as exploitation tools 240
9.12 Other useful tools and techniques 242
9.13 Use of malicious code or life insertion in WLANs 244
9.14 Security vulnerabilities with public-access wireless networks 247
9.15 Weaknesses in existing security solutions 248
9.16 Endnotes 249
Chapter 10. WLAN Risk and Threat Mitigation 250
10.1 Mitigating static WEP risks with TKIP 250
10.2 Using dynamic WEP (802.1x and EAP) to address 254
10.3 VPNs in a WLAN environment 267
10.4 Enhancing WLAN security 287
10.5 Other WLAN security issues 297
10.6 Conclusion 298
10.7 Endnotes 299
Chapter 11. Additional WLAN Security Solutions 302
11.1 Intrusion detection systems 302
11.2 Security advantages of thin clients in a wireless environment 307
11.3 Using DHCP services for authentication 307
11.4 Baselining 309
11.5 Using Kerberos, RADIUS, and LDAP for WLAN authentication 310
11.6 Multifactor authentication 328
11.7 802.11i and WiFi protected access 329
11.8 Conclusion 332
11.9 Endnotes 332
Chapter 12. WISDOM for WLAN Practitioners 336
12.1 Risk assessments revisited 336
12.2 Costs of securing WLANs 337
12.3 WLAN threat and impact analysis 339
12.4 WLAN security management considerations 340
12.5 Applying WISDOM to WLAN security 342
12.6 Conclusion 382
12.7 Endnotes 383
Glossary 384
A Wireless Policy Essentials 410
A.1 Wireless position statement 410
A.2 ABC Inc. InfoSec Risk Assessment Policy 414
A.3 ABC Inc. InfoSec Audit Policy 416
A.4 ABC Inc. InfoSec Acceptable Use Policy 418
A.5 ABC Inc. InfoSec Network Policy 424
A.6 ABC Inc. InfoSec De-Militarized Zone (DMZ) Policy 429
A.7 ABC Inc. InfoSec Router Policy 434
A.8 ABC Inc. InfoSec Extranet Policy 436
A.9 ABC Inc. InfoSec Remote Access Policy 440
A.10 ABC Inc. InfoSec Dial-In Access Policy 445
A.11 ABC Inc. InfoSec VPN Communication Policy 447
A.12 ABC Inc. InfoSec Wireless Communication Policy 450
A.13 ABC Inc. InfoSec Server Policy 452
A.14 ABC Inc. InfoSec Password Policy 456
A.15 ABC Inc. InfoSec Application Password Policy 461
A.16 ABC Inc. InfoSec Anti-Virus Policy 465
A.17 ABC Inc. InfoSec Policy Exception Form 467
B Wireless-related Legislative Links 468
C Additional WLAN References 470
C.1 Other WLAN Interest Items 472
C.2 Security Risks and Legal Protections Recap 473
C.3 Endnotes 478
Index 480
| Erscheint lt. Verlag | 1.5.2004 |
|---|---|
| Sprache | englisch |
| Themenwelt | Sachbuch/Ratgeber |
| Informatik ► Netzwerke ► Sicherheit / Firewall | |
| Informatik ► Theorie / Studium ► Kryptologie | |
| Technik ► Elektrotechnik / Energietechnik | |
| Technik ► Nachrichtentechnik | |
| ISBN-10 | 0-08-052119-3 / 0080521193 |
| ISBN-13 | 978-0-08-052119-0 / 9780080521190 |
| Haben Sie eine Frage zum Produkt? |
PDF (Adobe DRM)Größe: 3,0 MB
Kopierschutz: Adobe-DRM
Adobe-DRM ist ein Kopierschutz, der das eBook vor Mißbrauch schützen soll. Dabei wird das eBook bereits beim Download auf Ihre persönliche Adobe-ID autorisiert. Lesen können Sie das eBook dann nur auf den Geräten, welche ebenfalls auf Ihre Adobe-ID registriert sind.
Details zum Adobe-DRM
Dateiformat: PDF (Portable Document Format)
Mit einem festen Seitenlayout eignet sich die PDF besonders für Fachbücher mit Spalten, Tabellen und Abbildungen. Eine PDF kann auf fast allen Geräten angezeigt werden, ist aber für kleine Displays (Smartphone, eReader) nur eingeschränkt geeignet.
Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen eine
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen eine
Geräteliste und zusätzliche Hinweise
Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.
aus dem Bereich
