Web Security Field Guide

Steve Kalman

  • Publisher: Cisco Press
  • Publication date: 2002-11-08
  • List price: $1,650
  • Sale price: 2.4$399
  • Language: English
  • Pages: 608
  • Binding: Paperback
  • ISBN: 1587050927
  • ISBN-13: 9781587050923
  • Related category: Information security

Product description

 

Hands-on techniques for securing Windows® servers, browsers, and network communications

  • Create effective security policies and establish rules for operating in and maintaining a security-conscious environment
  • Learn how to harden Windows multi-user platforms, including NT, 2000, and XP
  • Understand secure installation options for Windows web servers and how to enhance security on existing web and FTP server installations
  • Improve security at the end user's workstation, including web browsers, desktops, and laptops
  • Evaluate the pros and cons of installing a certificate server and becoming your own Certification Authority
  • Learn the Cisco PIX Firewall and Cisco IOS Firewall architecture and how to apply Cisco standard and extended access lists
  • Discover ways to test the current state of security and keep it up to date
  • Learn to engage end users as part of the overall network security solution

While the Internet has transformed and improved the way we do business, this vast network and its associated technologies have opened the door to an increasing number of security threats. The challenge for successful, public web sites is to encourage access to the site while eliminating undesirable or malicious traffic and to provide sufficient levels of security without constraining performance or scalability. The more reliant organizations become on the Internet to perform daily jobs or conduct transactions, the greater the impact a breach of network security has. Just as Cisco Systems has been an innovator in using the Internet to conduct business, so too is it a market leader in the development and sale of products and technologies that protect data traveling across the Internet. Yet a network security solution is only as strong as its weakest link. Network attacks can occur at any point, including the network connection, the firewall, the web server, or the client. Hardening the defenses at all these points is key to creating an effective, all-encompassing network security solution.

Web Security Field Guide provides you with hands-on, proven solutions to help patch the most common vulnerabilities of Windows® web servers and browsers within the context of an end-to-end network security architecture. Avoiding conceptual discussions of underlying technologies, the book spends little time discussing how each application works. Using plain language and lots of step-by-step examples, the book instead focuses on helping you secure your web servers and prevent the majority of network attacks. Divided into five parts, the book opens with an overview of essential background information and helps you establish working network security rules and policies. Parts II through IV teach you the techniques for hardening the operating system, the web server, and the browser. Part V of the book addresses overall network security, focusing on preventing and controlling access. Topics such as becoming a Certification Authority, Cisco PIX® Firewall, Cisco IOS® Firewall, access lists, ongoing security maintenance, and testing are all examined in depth, providing an overall network security plan that can drastically reduce the risk to your business systems and data.

Full of diagrams, screen captures, and step-by-step instructions for performing simple tasks that can radically improve the security of your Internet business solutions, Web Security Field Guide is a practical tool that can help ensure the integrity and security of your business-critical applications.

Table of Contents

Introduction.

I. THE FUNDAMENTALS OF WEB SECURITY.

1. Essential Information for Web Security Administrators.
2. Security Policies.

II. HARDENING THE SERVER.

3. Windows System Security.

III. INSTALLING AND PROTECTING IIS.

4. IIS Installation.
5. Enhancing Web Server Security.
6. Enhancing the FTP Server.

IV. PROTECTING THE USER.

7. Browser Security.
8. Desktop/Laptop Security.

V. PROTECTING THE NETWORK.

9. Becoming a Certification Authority (CA).
10. Firewalls.
11. Maintaining Ongoing Security.
12. What You Can Do.

VI. APPENDIXES.

Appendix A. Customizing Internet Explorer Error Messages.
Appendix B. Decoding Base64.
Appendix C. Contents of the WSFG Web Site.
