Preface p. xv
Acknowledgments p. xvii

Introduction p. 1
    The Need for Security p. 2
    Public Network Threats p. 2
    Private Network Threats p. 4
    The Role of Routers p. 5
    Other Security Devices p. 6
    Firewall Features p. 6
    Packet Filtering p. 6
    Network Address Translation p. 7
    Authentication Services p. 7
    Encryption p. 7
    Alarm Generation p. 8
    Proxy Services p. 8
    Book Preview p. 8
    The TCP/IP Protocol Suite p. 8
    The Internet Protocol p. 9
    TCP and UDP p. 9
    NetWare p. 9
    Router Hardware and Software p. 9
    Working with Access Lists p. 10
    The PIX Firewall p. 10

The TCP/IP Protocol Suite p. 11
    The ISO Open Systems Interconnection Reference Model p. 12
    Layers of the OSI Reference Model p. 12
    The Physical Layer p. 13
    The Data Link Layer p. 13
    The Network Layer p. 14
    The Transport Layer p. 14
    The Session Layer p. 15
    The Presentation Layer p. 15
    The Application Layer p. 15
    Data Flow p. 16
    Layer Subdivision p. 17
    The TCP/IP Protocol Suite p. 18
    Comparison to the ISO Reference Model p. 18
    Internet Protocol (IP) p. 19
    Internet Control Message Protocol (ICMP) p. 20
    TCP and User Datagram Protocol (UDP) p. 20
    Data Delivery p. 20

The Internet Protocol p. 23
    The IP Header p. 24
    Vers Field p. 24
    Hlen and Total Length Fields p. 24
    Service Type Field p. 24
    Identification and Fragment Offset Fields p. 25
    Time to Live Field p. 25
    Flags Field p. 25
    Protocol Field p. 26
    Source and Destination Address Fields p. 30
    Overview p. 31
    IPv4 p. 32
    The Basic Addressing Scheme p. 33
    Address Classes p. 33
    Class A p. 34
    Class B p. 34
    Class C p. 35
    Class D p. 36
    Class E p. 36
    Dotted-Decimal Notation p. 37
    Reserved Addresses p. 38
    Networking Basics p. 39
    Subnetting p. 40
    Host Addresses on Subnets p. 44
    The Subnet Mask p. 45
    Configuration Examples p. 47
    Classless Networking p. 50
    IPv6 p. 51
    Address Architecture p. 51
    Address Types p. 51
    Address Notation p. 52
    Address Allocation p. 52
    Provider-Based Addresses p. 54
    Special Addresses p. 54
    Address Resolution p. 55
    Operation p. 56
    ICMP p. 59

TCP and UDP p. 65
    The TCP Header p. 66
    Source and Destination Port Fields p. 67
    Port Numbers p. 67
    Sequence and Acknowledgment Number Fields p. 70
    Hlen Field p. 71
    Code Bits Field p. 71
    Window Field p. 72
    Checksum Field p. 72
    Options and Padding Fields p. 73
    The UDP Header p. 74
    The Source and Destination Port Fields p. 75
    Length Field p. 75
    Checksum Field p. 76
    Firewall and Router Access List Considerations p. 76

NetWare p. 77
    Overview p. 78
    General Structure p. 78
    Network Layer Operation p. 78
    Transport Layer Operation p. 79
    SAPs, RIPs, and the NCP p. 79
    NetWare Addressing p. 80
    Network Address p. 80
    Node Address p. 80
    Socket Number p. 81
    IPX p. 81
    Packet Structure p. 82
    Checksum Field p. 82
    Length Field p. 83
    Transport Control Field p. 83
    Packet Type Field p. 83
    Destination Network Address Field p. 84
    Destination Node Address Field p. 84
    Destination Socket Field p. 84
    Source Network Field p. 85
    Source Node Field p. 85
    Source Socket Field p. 85
    SPX p. 85
    Packet Structure p. 86
    Comparison to IPX p. 87
    Connection Control Field p. 87
    Datastream Type Field p. 88
    Source Connection ID Field p. 88
    Destination Connection ID Field p. 88
    Sequence Number Field p. 89
    Acknowledgment Number Field p. 89
    Allocation Number Field p. 89
    SAP, RIP, and NCP p. 89

Router Hardware and Software Overview p. 91
    Basic Hardware Components p. 92
    Central Processing Unit (CPU) p. 93
    Flash Memory p. 93
    ROM p. 93
    RAM p. 93
    Nonvolatile RAM p. 94
    I/O Ports and Media-Specific Converters p. 94
    The Router Initialization Process p. 96
    Basic Software Components p. 99
    Operating System Image p. 99
    Configuration File p. 100
    Data Flow p. 100
    The Router Configuration Process p. 102
    Cabling Considerations p. 102
    Console Access p. 103
    Setup Considerations p. 104
    The Command Interpreter p. 107
    User Mode Operations p. 107
    Privileged Mode of Operation p. 109
    Configuration Command Categories p. 111
    Global Configuration Commands p. 112
    Interface Commands p. 113
    Line Commands p. 113
    Router Commands p. 114
    Abbreviating Commands p. 115
    Security Management Considerations p. 116
    Password Management p. 116
    Access Lists p. 117

Cisco Router Access Lists p. 119
    Cisco Access List Technology p. 120
    Access Lists Defined p. 121
    Creating Access Lists p. 122
    Access List Details p. 125
    Applying Access Lists p. 127
    Named Access Lists p. 131
    Editing Access Lists p. 133
    Access List Processing Revisited p. 135
    Placement of Entries in an Access List p. 136
    Representing Address Ranges -- Using Wildcard Masks p. 137
    Wildcard Mask Examples p. 140
    Additional Wildcard Mask Example p. 144
    Wildcard Mask Shortcuts p. 145
    Wildcard Masks Concluded p. 145
    Packet Filtering Technology p. 146
    The Role of Packet Filters p. 146
    Packet Filters Defined p. 147
    Stateless and Stateful Packet Filtering p. 148
    Packet Filter Limitations p. 149
    IP Address Spoofing p. 150
    Stateless Packet Inspection p. 151
    Limited Information p. 151
    Human Error p. 151
    Configuration Principles p. 152
    Traditional IP Access Lists p. 153
    Standard Access Lists p. 153
    Extended IP Access Lists p. 158
    Filtering the TCP Protocol p. 161
    HTTP Services p. 162
    Inbound Traffic p. 162
    FTP Services p. 163
    Filtering the UDP Protocol p. 165
    Filtering the ICMP Protocol p. 166
    Filtering IP Packets p. 168
    Other Protocols p. 171
    Discovering Protocols p. 171

Advanced Cisco Router Security Features p. 173
    Next Generation Access Lists p. 174
    Dynamic Access Lists p. 174
    Limitations p. 177
    Time-Based Access Lists p. 178
    Limitations p. 179
    Reflexive Access Lists p. 180
    Limitations p. 181
    Examples p. 182
    Context Based Access Control (CBAC) p. 186
    Overview p. 186
    The Process p. 187
    Caveats p. 188
    Configuration p. 188
    Choose an Interface p. 189
    Configure Access Lists p. 190
    Configure Timeouts and Thresholds p. 191
    Define Inspection Rules p. 191
    Apply the Inspection Rules p. 193
    Additional Details p. 193
    Example Configuration p. 194
    Other IP Security Features p. 199
    Hardening the Router p. 199
    Secure Router Access p. 200
    Disable Unnecessary Services p. 201
    Commands p. 201
    TCP Intercept -- Preventing SYN Flooding p. 202
    Enabling TCP Intercept p. 203
    Setting the Mode p. 203
    Aggressive Thresholds p. 204
    Sample Configuration p. 204
    Network Address Translation p. 204
    Caveats p. 205
    NAT Terms p. 205
    Sample Configurations p. 206
    Translating Source Addresses p. 206
    Translating Source and Destination Addresses p. 209
    TCP Load Distribution p. 210
    Useful Commands p. 211

Non-IP Access Lists p. 213
    IPX Access Lists p. 214
    Filtering IPX Data Packets p. 215
    Filtering IPX SAP Updates p. 218
    Filtering IPX RIP Updates p. 219
    Layer 2 Access Lists p. 220
    Filtering by Layer 2 Address p. 220
    Filtering by LSAP or Type p. 222
    Filtering by Byte Offset p. 223
    Using Access Expressions p. 224

The Cisco PIX p. 225
    Cisco PIX Basics p. 226
    Models and Specifications p. 229
    Special Features of the PIX p. 231
    Limitations of the PIX p. 234
    Closed Implementation p. 234
    Limited Routing Support p. 235
    Limited VPN Support p. 235
    Limited Client Authentication p. 235
    Configuring the Cisco PIX p. 236
    Default Configuration p. 236
    Naming Interfaces p. 236
    Interface Settings p. 240
    Passwords p. 240
    Hostname p. 241
    Fixup Commands p. 241
    Names p. 242
    Failover p. 243
    Pager Lines p. 243
    Logging p. 243
    IP Addressing p. 243
    ARP p. 244
    Routing Commands p. 244
    Translation Timeouts p. 245
    SNMP Commands p. 246
    Maximum Transmission Unit (MTU) Commands p. 246
    Floodguard p. 246
    Getting the PIX Up and Running p. 247
    Defining NAT and Global Pools p. 248
    Using Static NAT and Conduits p. 254
    Dual NAT -- Using the Alias Command p. 258
    PIX Access Lists p. 260
    Handling Multi-Channel Protocols p. 263
    Setting Passwords p. 266
    Managing the PIX p. 266
    Advanced Configuration Topics p. 268
    User Authentication p. 268
    Virtual Private Networks p. 270
    Redundant PIX Design p. 271
    Filtering Web Traffic p. 273
    The PIX Manager p. 274

Determining Wildcard Mask Ranges p. 279

Creating Access Lists p. 291
    Standard Access Lists p. 295
    Extended IP Access Lists p. 297

Glossary p. 299
Acronyms and Abbreviations p. 309
Index p. 315

Table of Contents provided by Blackwell's Book Services and R.R. Bowker. Used with permission.
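The outline lists wildcard masks, wildcard mask shortcuts and an appendix on determining wildcard mask ranges, but a contents page cannot show the arithmetic. The Python below is an added example, not code from the book or from the catalogue page; every function name in it is my own. It applies a Cisco-style wildcard mask the way an access list does (a 0 bit must match, a 1 bit is ignored), reports the lowest and highest address an entry can match, derives the wildcard from a subnet mask (the usual shortcut), and flags the case the shortcut hides: a mask whose 1 bits are not one contiguous low-order run matches a scattered set of addresses, not a block, so "low to high" is then only an envelope. The access-list entries and addresses are constructed for the example.

```python
"""Wildcard-mask arithmetic for Cisco-style access list entries.

Added example, not taken from the book. Semantics assumed throughout:
a 0 bit in the wildcard means the packet address bit must equal the
entry's bit; a 1 bit means "don't care".
"""
from __future__ import annotations

import ipaddress

MASK32 = 0xFFFFFFFF


def parse_ip(text: str) -> int:
    """Dotted-decimal IPv4 string to a 32-bit integer."""
    return int(ipaddress.IPv4Address(text))


def fmt_ip(value: int) -> str:
    """32-bit integer back to dotted-decimal."""
    return str(ipaddress.IPv4Address(value))


def matches(entry_addr: str, wildcard: str, packet_addr: str) -> bool:
    """True if packet_addr satisfies the entry (entry_addr, wildcard).

    Both sides are masked, so host bits set in entry_addr under a
    don't-care position are harmless, exactly as IOS treats them.
    """
    a, w, p = parse_ip(entry_addr), parse_ip(wildcard), parse_ip(packet_addr)
    care = ~w & MASK32
    return (a & care) == (p & care)


def is_contiguous(wildcard: str) -> bool:
    """True if the wildcard's 1 bits form a single low-order run.

    Only then does the entry cover one CIDR block. 0.0.0.0 (a single host)
    and 255.255.255.255 (everything) are both contiguous.
    """
    w = parse_ip(wildcard)
    return (w & (w + 1)) == 0  # w+1 is a power of two for a low-order run


def match_range(entry_addr: str, wildcard: str) -> tuple[str, str, int]:
    """Lowest and highest matching address and the number of matches.

    For a non-contiguous wildcard the addresses strictly between low and
    high are NOT all matched; use matches() for membership in that case.
    """
    a, w = parse_ip(entry_addr), parse_ip(wildcard)
    low = a & ~w & MASK32  # clear every don't-care bit
    high = low | w         # set every don't-care bit
    return fmt_ip(low), fmt_ip(high), 1 << bin(w).count("1")


def wildcard_from_mask(subnet_mask: str) -> str:
    """The shortcut: wildcard = 255.255.255.255 minus the subnet mask."""
    return fmt_ip(MASK32 - parse_ip(subnet_mask))


def wildcard_for_cidr(cidr: str) -> tuple[str, str]:
    """Network address and wildcard for a prefix such as 172.16.5.9/20."""
    net = ipaddress.IPv4Network(cidr, strict=False)
    return str(net.network_address), wildcard_from_mask(str(net.netmask))


if __name__ == "__main__":
    # Constructed entries: a /22 block and a mask that only matches even
    # values in the third octet (a classic "one entry for every other
    # subnet" trick, and also a classic source of surprises).
    for addr, wc in (("192.168.0.0", "0.0.3.255"), ("10.0.0.0", "0.0.254.0")):
        low, high, count = match_range(addr, wc)
        kind = "block" if is_contiguous(wc) else "scattered set"
        print(f"{addr} {wc}: {count} addresses, {low}..{high} ({kind})")
    print("10.0.5.0 matched by 10.0.0.0 0.0.254.0?",
          matches("10.0.0.0", "0.0.254.0", "10.0.5.0"))
```

Reading the result: `192.168.0.0 0.0.3.255` covers exactly 192.168.0.0 through 192.168.3.255, which is why the shortcut `wildcard_from_mask("255.255.252.0")` produces the same mask. `10.0.0.0 0.0.254.0`, by contrast, has 128 matches spread across 10.0.0.0 to 10.0.254.0 (only even third octets), so anyone reviewing such an entry should enumerate with `matches()` rather than trust the low/high envelope.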