Preface
    Audience
    Terminology
    Organization
    Errata to Be
    Acknowledgments

Part I Getting Started

Chapter 1 Introduction
    1.1 Why Security?
    1.2 Picking a Security Policy
    1.3 Strategies for a Secure Network
    1.4 The Ethics of Computer Security
    1.5 WARNING

Chapter 2 An Overview of TCP/IP
    2.1 The Different Layers
    2.2 Routers and Routing Protocols
    2.3 The Domain Name System
    2.4 Standard Services
    2.5 RPC-based Protocols
    2.6 File Transfer Protocols
    2.7 The "r" Commands
    2.8 Information Services
    2.9 The X11 System
    2.10 Patterns of Trust

Part II Building Your Own Firewall

Chapter 3 Firewall Gateways
    3.1 Firewall Philosophy
    3.2 Situating Firewalls
    3.3 Packet-Filtering Gateways
    3.4 Application-Level Gateways
    3.5 Circuit-Level Gateways
    3.6 Supporting Inbound Services
    3.7 Tunnels Good and Bad
    3.8 Joint Ventures
    3.9 What Firewalls Can't Do

Chapter 4 How to Build an Application-Level Gateway
    4.1 Policy
    4.2 Hardware Configuration Options
    4.3 Initial Installation
    4.4 Gateway Tools
    4.5 Installing Services
    4.6 Protecting the Protectors
    4.7 Gateway Administration
    4.8 Safety Analysis---Why Our Setup Is Secure and Fail-Safe
    4.9 Performance
    4.10 The TIS Firewall Toolkit
    4.11 Evaluating Firewalls
    4.12 Living Without a Firewall

Chapter 5 Authentication
    5.1 User Authentication
    5.2 Host-to-Host Authentication

Chapter 6 Gateway Tools
    6.1 Proxylib
    6.2 Syslog
    6.3 Watching the Network: Tcpdump and Friends
    6.4 Adding Logging to Standard Daemons

Chapter 7 Traps, Lures, and Honey Pots
    7.1 What to Log
    7.2 Dummy Accounts
    7.3 Tracing the Connection

Chapter 8 The Hacker's Workbench
    8.1 Introduction
    8.2 Discovery
    8.3 Probing Hosts
    8.4 Connection Tools
    8.5 Routing Games
    8.6 Network Monitors
    8.7 Metastasis
    8.8 Tiger Teams
    8.9 Further Reading

Part III A Look Back

Chapter 9 Classes of Attacks
    9.1 Stealing Passwords
    9.2 Social Engineering
    9.3 Bugs and Backdoors
    9.4 Authentication Failures
    9.5 Protocol Failures
    9.6 Information Leakage
    9.7 Denial-of-Service

Chapter 10 An Evening with Berferd
    10.1 Introduction
    10.2 Unfriendly Acts
    10.3 An Evening with Berferd
    10.4 The Day After
    10.5 The Jail
    10.6 Tracing Berferd
    10.7 Berferd Comes Home

Chapter 11 Where the Wild Things Are: A Look at the Logs
    11.1 A Year of Hacking
    11.2 Proxy Use
    11.3 Attack Sources
    11.4 Noise on the Line

Part IV Odds and Ends

Chapter 12 Legal Considerations
    12.1 Computer Crime Statutes
    12.2 Log Files as Evidence
    12.3 Is Monitoring Legal?
    12.4 Tort Liability Considerations

Chapter 13 Secure Communications over Insecure Networks
    13.1 An Introduction to Cryptography
    13.2 The Kerberos Authentication System
    13.3 Link-Level Encryption
    13.4 Network- and Transport-Level Encryption
    13.5 Application-Level Encryption

Chapter 14 Where Do We Go from Here?

Appendix A Useful Free Stuff
    A.1 Building Firewalls
    A.2 Network Management and Monitoring Tools
    A.3 Auditing Packages
    A.4 Cryptographic Software
    A.5 Information Sources

Appendix B TCP and UDP Ports
    B.1 Fixed Ports
    B.2 MBone Usage

Appendix C Recommendations to Vendors
    C.1 Everyone
    C.2 Hosts
    C.3 Routers
    C.4 Protocols
    C.5 Firewalls

Bibliography
List of Bombs
Index