防火墙技术指南

Information contained in this work has been obtained by The McGraw-Hill Companies，lnc. （"McGraw-Hill"） from sources believed to be reliable. However，neither McGraw-Hill nor its authors guarantees the accuracy or completeness of any information published herein and neither McGraw-Hill nor its authors shall be responsible for any errors， omissions， or damages arising out of use of this information. This work is published with the understanding that McGraw-Hill and its authors are supplying information but are not attempting to render engineering or other professional services， Ifsuch services are required， the assistance of an appropriate professional should be sought.

Preface
Acknowledgments
Part 1 Introducing TCP/IP and the Need for Security：Firewalls
Chapter lInternetworking Protocols and Standards：An Overview
Internet Protocol （IP）
How IP Addressing Works
IP Security Risks
User Datagram Protocol （UDP）
Attacking UDP Services： SATAN at Ease
ISS for UNIX and Windows NT
Transmission Control Protocol （TCP）
IP Addresses
Extending IP Addresses Through CIDR
TCP/IP Security Risks and Countermeasures
IPSEC-An IETF IP Security Countermeasure
IPSO-A DOD IP Security Countermeasure
Routing Information Protocol （RIP）
MBONE - The Multicast Backbone
Internet Control Message Protoco（ （ICMP）
Internet Group Management Protocol （IGMP）
Open Shortest-Path First （OSPF）
Border Gateway Protocol Version 4 （BGP4）
Address Resolution Protocol
Reverse Address Resolution Protocol （RARP）
Security Risks of Passing IP Datagrams Through
Routers
Simple Network Management Protocol （SNMP）
Watch Your ISP Connection
The Internet Protocol Next Generation or IPv6
Address Expansion
Automatic Configuration of Network Devices
Security
Real-Time Perf ormance
Multicasting
IPv6 Security
Network Time Protocol （NTP）
Dynamic Host Conguration Protocol （DHCP）
Windows Sockets
Domain Name System （DNS）
Limiting DNS Information
Firewalls Concepts
The Flaws in Firewalls
Fun with DMZs
Authentication lssues
Trust at the Perimeter
Intranets
Chapter 2Basic Connectivity
What Happened to TTY
What Is the Baudot Code?
UNIX to UNIX CoPy （UUCP）
SLIP and PPP
Rlogin
Virtual Terminal Protocol （Telnet） .
Columbia University' Kermit： A Secure and Reliable
Telnet Server
Telnet Services Security Considerations
A Systems Manager Approach to Network Security
Telnet Session Security Checklist
Trivial File Transfer Protocol （TFTP）
TFTP Security Considerations
File Transfer Protocol （FTP）
Some of the Challenges of Using Firewalls
Increasing Security on lP Networks
Chapter 3 Cryptography： Is It Enough?
Introduction
Symmetric Key Encryption （Private Keys）
Data Encryption Standard （DES）
International Data Encryption Afgorithm （IDEA）
CAST
Skipjack
RC2/RC4
Asymmetric Key Encryption/Public Key Encryption
RSA
Digital Signature Standard （DSS）
Message Digest Algorithms
MD2， MD4, and MD5
Secure Hash Standard/Secure Hash Algorithm
（SHS/SHA）
Certificates
Certificate Servers
Key Management
Kerberos
Key-Exchange Algorithms （KEA
……
Part 2 Firewall Implementations and Limitations
Part 3 Firewall Resource Guide
Appendix A List of Firewall Resellers and Related Tools
Glossary
Bibliography
Index