Enterprise Security: The Manager's Defense Guide

First came Melissa. Then the I Love You virus. Then Code Red and Nimda. The cumulative effects of these successfully orchestrated attacks are taking their toll on the Internet economy. At a minimum, users are frustrated and their confidence is shaken. On the other end of the scale, these attacks can be devastating from a financial standpoint. It is easy to see that providing enterprise security is a critical and potentially overwhelming task, but managers have no excuse for not being prepared. The technologies of the Internet remain a significant drawing card to the business community. So what is the IT manager to do? The challenge is in devising an enterprise security strategy that will defend against all forms of attack. This book is precisely the guide that managers need. Enterprise Security allows the manager to analyze their infrastructure, spot potential weaknesses, and build a formidable defense. Written for professionals charged with defending enterprises, whether large or small, this book provides state-of-the-art guidelines and key advice for making sure that your organization's enterprise is well guarded.

Table of Contents:
Preface. I. THE FORGING OF A NEW ECONOMY. 1. What is E-Business? The E-Business Sweepstakes. Caesars of E-Business: An Embattled Business Culture. The Lure of Overnight Successes. Crossing the Digital Chasm. The Sobering Reality. Real-World Examples. E-Business: The Shaping and Dynamics of a New Economy. The E-Business Supply Chain. Related E-Business Trends. Summary. 2. What Is E-Security? E-Security at Your Service. Demands on Traditional IT Security: A Changing of the Guard. Principles of E-Security. Risk Management in the New Economy. How E-Security Enables E-Business. The E-Security Dilemma: Open Access versus Asset Protection. 3. The Malicious Opponents of E-Business. The Lure of Hacking. Hackers versus Crackers. Hacker Groups. Why Hackers Love to Target Microsoft. Meeting the Hacker Threat. National Infrastructure Protection Center. Central Intelligence Agency. Other White Hats. II. PROTECTING INFORMATION ASSETS IN AN OPEN SOCIETY. 4. A New Theater of Battle. From the Demilitarized Zone and the Perimeter to Guerilla Warfare. The Triumph of Intranets, Extranets, and Virtual Private Networks. The Vanishing World of Controlled, or Closed, Access. The Impact of Open Access. The Correlation between Open Access and Asset Protection. The Role of Authentication and Privacy in the New Economy. Summary. 5. Reempowering Information Technology in the New Arms Race. The Failings of the Old Paradigm. Infiltration of Rogue Applets. Human Error and Omission. Ongoing Change in the Enterprise Network. Deploying and Maintaining Complex Layer Client/Server Software. Shortage of Human Capital. Rigidity of Enterprise Security Policy. Tools for Rearming the IT Manager. Guidelines for E-Security. Enterprise Security Policy. Summary. III. WAGING WAR FOR CONTROL OF CYBERSPACE. 6. Attacks by Syntax: Hacker and Cracker Tools. Inherent Shortcomings of TCP/IP. Standard “Ports” of Call. TCP/IP Implementation Weaknesses. IP Spoofing. Distributed Denial-of-Service Attacks and Tools. Trin00. Tribe Flood Network. Tribe Flood Network 2000. Stacheldraht. ICMP Directed Broadcast, or Smurf Bandwidth Attack. Backdoor Programs and Trojan Horses. Backdoor Program Functions. Examples of Backdoor Programs. Summary. 7. Attacks by Automated Command Sequences. Script Attacks. The Next Generation of E-Mail Attacks. The Bubble Boy Virus. Mainstream JavaScript Attacks. Attacks through Remote Procedure Call Services. Brown Orifice. Summary and Recommendations. 8. Countermeasures and Attack Prevention. Surviving an Attack. Formulate an Emergency Response Plan and an Incident Response Team. Obtain Outside Assistance. Contact Law Enforcement Authorities. Use Intrusion Detection System Software. Countering an Attack. Disconnect Compromised Host/System from Your Network. Copy an Image of the Compromised System(s). Analyze the Intrusion. Recognizing What the Intruder Leaves Behind. 9. Denial-of-Service Attacks. Effects of DoS and DDoS Attacks. General Computing Resources. High-Performance Firewall. Network Bandwidth. Handling a SYN Flood DDoS Attack. Countermeasures. Precautions. Handling a Bandwidth DDoS Attack. Guarding against Being an Accomplice Network. Guarding against Becoming an Intermediary Network. Guarding against Being a Victim. Handling a UDP Flood Bomb. Using an IDS. Recovering from a DDoS Attack. 10. Creating a Functional Model for E-Security. Developing a Blueprint for E-Security. Understanding Business Objectives. Honing in on Your IT Security Policy. Making Good on IT Security's Best Practices. The IT Security Functional Model. Deploying Effective E-Security Architecture: Hardening the Network's Infrastructure. Hardening Your Router. Hardening Your Operating Systems. Summary. 11. Building a Security Architecture. Firewall Architecture Deployment, Controls, and Administration. Types of Firewalls. Hardening Firewalls. Remote-Access Architecture. Encryption Options for Administrators. Securing Remote-Administration Pipes for Administrators. Remote-Access Architecture/Solutions for Users. Vulnerability Assessment Architecture/Solutions. Network-Based Assessment Architecture. Host Vulnerability Assessment. Intrusion Detection Architecture. Network-Based IDS Architecture. Host-Based IDS Solutions. IV. ACTIVE DEFENSE MECHANISMS AND RISK MANAGEMENT. 12. Vulnerability Management. Types of Vulnerabilities. Managing IT Systems Vulnerabilities. Conducting Vulnerability Analysis. Network-Based Vulnerability Analysis. Host-Based Vulnerability Analysis. 13. Risk Management. The Role of Assessment in Risk Management. The Process of Risk Management. Defining the System Boundaries. Threat Analysis. Impact Analysis. Risk Determination. Summary. Appendix A: SANs/fbi Top 20 Internet Security Vulnerabilities. Appendix B: Sample CERT/Coordination Center Incident Response Form. Appendix C: Windows 2000 Security/Hardening Plan. Appendix D: Denial-of-Service Attacks. Glossary. Bibliography. Index. 020171972XT08282002

About the Author :
David Leon Clark has over twenty years of experience in information technology systems and solutions and is currently the program manager responsible for the Information Assurance practice of Acton Burnell, Inc. of Alexandria, Virginia. Mr. Clark provides advice, support, and life cycle security consulting to federal and commercial clients. He designed the core curriculum for the Information Security Management (ISM) course of study, a graduate level program for the University of Virginia's School of Continuing and Professional Studies. A professional writer on high-tech topics, he is the author of IT Manager's Guide to Virtual Private Networks, along with numerous technology white papers and marketing literature. 020171972XAB05242002