Network and Cloud Security

Network and Cloud Security

by Courtney Nash
Released December 2015
Publisher(s): O'Reilly Media, Inc.
ISBN: 9781491952764

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Video description

Prerequisites: strong system administration experience and some familiarity with security

If you share resources across your network or the cloud, you need a firm grasp of all of the security implications. In this course, you'll get hands-on experience securing your infrastructure while learning about risk assessment and management, sensitive data, computer forensics, penetration testing, and much more. By the end of this course, you'll know how to secure your data and keep it that way.

Table of contents

  1. Introduction
    1. Introduction
    2. What Will Be Covered
    3. What Is Linux
    4. Distributions
    5. Scratch Versus Binary
    6. Ubuntu Package Management
    7. RedHat Package Management
  2. Booting
    1. The Boot Process
    2. Physical Protections
    3. The Boot Manager - GRUB
    4. Protecting The Boot Manager
    5. xinetd
    6. Runlevels
    7. Setting Default Runlevels
    8. GRUB2
    9. LILO
  3. Services
    1. Service Management
    2. Service Management With RHEL7
    3. TCP Wrappers
    4. Listening Ports
    5. Standard Postfix Configuration
    6. Apache Configuration
    7. Hardening Apache
    8. Virtual Hosts In Apache
    9. DNSSec
    10. MySQL
    11. PostgreSQL
    12. Tomcat
    13. JBoss
    14. mod_security
    15. SSL-TLS And Apache
    16. SPF And Greylisting In Postfix
  4. Logging And Log Management
    1. Syslog
    2. Remote Logging
    3. Reading Log Files
    4. Logwatch
    5. Log Aggregation
    6. utmp And wtmp
  5. Intrusion Detection And Prevention
    1. Anti-Virus
    2. Tripwire
    3. Samhaim
    4. Prelude
    5. AIDE
    6. Snort
    7. Alerting With Snort
    8. Snort Console
    9. Reading Snort Traces With Wireshark
    10. RootKitHunter
  6. Users And Permissions
    1. etc-shadow And etc-passwd Files
    2. Creating Users
    3. Securing Passwords
    4. Cracking Passwords
    5. Alternate User Management
    6. AppArmor
    7. Unix Permissions
    8. SELinux
    9. Modifying SELinux Permissions
    10. Restoring SELinux Permissions
    11. PAM
  7. Utilities
    1. netstat
    2. Process Management – top And ps
    3. Process Management – kill
    4. nmap
    5. OpenVAS
    6. Nexpose
    7. Find
    8. tcpdump
    9. Wireshark
    10. lspci And lsusb
  8. Kernel
    1. Linux Kernel
    2. Kernel Modules
    3. Managing Kernel Parameters
    4. Kernel Builds
    5. Kernel Config
    6. Viewing Kernel Config From Running Kernel
  9. Firewalls
    1. iptables
    2. NAT With iptables
    3. iptables Tables
    4. Matching On Protocol
    5. Rate limiting
    6. New Versus Established Versus Related
    7. Targets
    8. iptables Logs
    9. iptables With Multiple Interfaces
    10. Firewalld
    11. Zones And Services
    12. Matching On Owner
    13. ufw
    14. gufw
  10. Conclusion
    1. What We Covered
    2. What Comes Next
    3. Wrap-Up
  11. Introduction To Cloud Services
    1. Introduction And About The Author
    2. Service Models
    3. Service And Deployment Models
    4. Deployment Models Summary
    5. Deployment Models And Benefits
    6. Distributed Processing - The Reverse Cloud
    7. Building Internal Cloud Hardware
    8. Building Internal Cloud Software
    9. Using An External Cloud
  12. Securing The Infrastructure
    1. Introduction
    2. Framework
    3. Policy Samples
    4. Risk Management Introduction
    5. Risk Assessment
    6. Risk Management
    7. Security Program And CIA
    8. CIA
    9. Types Of Security
    10. Sensitive Data
    11. Data Classification
    12. AAA
    13. Bastion Host - Part 1
    14. Bastion Host - Part 2
    15. Configuration Control
    16. Security Training - Part 1
    17. Security Training - Part 2
    18. User Provisioning
    19. Monitoring And Incident Response
    20. Incident Response Process
  13. Preparing For Cloud Use
    1. Introduction And Framework For Governance
    2. Planning For Cloud Use
    3. Planning For Cloud Use - Readiness Tool
    4. Security Controls
    5. Enterprise Connect Zone
    6. Web App Security
    7. Security As A Service
    8. Security Controls Summary
    9. Due Diligence On The CSP
  14. The Cloud Services Agreement
    1. Required Services
    2. NDA, Access And Compliance
    3. Data Protection And Redundancy
    4. Data Fault Tolerance And Redundancy
    5. System Fault Tolerance And Redundancy
    6. Connectivity Fault Tolerance And Redundancy
    7. Notification And Penalties
    8. CSP Prudent Management
    9. Monitoring The CSP
  15. Staying Secure In The Cloud
    1. Cautious Implementation
    2. Inspections - Monitoring And Metrics
    3. Incident Response And Key Escrow
    4. Agreement Monitoring And Enforcement
  16. Wrap Up
    1. Course Review
  17. Introduction
    1. What Is Forensics?
    2. Professions Needing Forensics
    3. What You Should Expect From This Video
    4. What You Should Know
    5. What You Will Learn
  18. Legal Issues
    1. Chain Of Custody
    2. Evidence Acquisition
    3. Validating Data Under Linux
    4. Validating Data Under Windows
    5. Expert Witness
    6. Ethics For Experts
    7. Evidence Storage
    8. Rules Of Evidence
  19. Investigations
    1. Differences With Legal Investigations
    2. Reasons For Corporate Investigations
    3. Preparing For An Investigation
    4. Forensic Workstation
    5. EnCase
    6. FTK
    7. Coroners Toolkit
    8. ProDiscover Basic
    9. Audit Policies
    10. Reporting
    11. UNIX Tools
    12. Sleuth Kit
    13. DEFT Linux
  20. Operating Systems
    1. Windows Family
    2. Mac OS X
    3. Linux
    4. Other Types Of Operating Systems
    5. Boot Processes
    6. File Systems: Windows-Based
    7. File Systems: Linux
    8. File Systems: Mac OS
    9. File Systems: CD
    10. RAID
    11. Autostarting
    12. Executable Types And Structure: Windows
    13. Executable Types And Structure: Unix-Based
    14. Disk Partitions
  21. Image Acquisition
    1. Image Formats
    2. Image Acquisitions Under Linux
    3. Image Acquisitions Under Windows
    4. Volatile Information
    5. Data Recovery
    6. Hard Drives
  22. Network Acquisitions
    1. OSI Reference Model
    2. TCP/IP
    3. Network Attacks
    4. Reasons For Network Acquisitions
    5. Man In The Middle Attacks
    6. Capturing Traffic
    7. NetworkMiner
    8. Other Network Tools
    9. Wireless Networking
    10. Wireless Tools
    11. Firewalls And Their Uses
    12. Intrusion Detection Systems
  23. Data Spaces
    1. Alternate Data Streams
    2. Deleted Files
    3. Hidden Partitions
    4. Slack Space And Swap File
    5. Registry
    6. Virtual Memory
    7. System Recovery Checkpoints: Windows
    8. Audit Logs And Settings
  24. Data Recovery
    1. Graphics Files
    2. E-Mail
    3. Internet: Cache, Cookies, Etc.
    4. Metadata
    5. Log Files
    6. Steganography
    7. Steganography Techniques: Images And Video
    8. Steganography Techniques: Audio And Documents
    9. Steganalysis
    10. Compression
  25. Virtual Machines
    1. Virtual Machines
    2. Checkpoints
    3. Data Formats
    4. Hypervisors
  26. Mobile Forensics
    1. IOS
    2. Android
    3. Symbian OS
    4. Tools
    5. Memory Considerations
    6. SIM Cards
  27. Malware Forensics
    1. Malware Forensics
    2. Static Malware Analysis
    3. Dynamic Malware Analysis
  28. About Me
    1. About Me
  29. Getting Started
    1. Introduction To Reversing
    2. About The Author
    3. Ethical Considerations
    4. Reversing Tools - Part 1
    5. Reversing Tools - Part 2
    6. Reversing Tools - Part 3
    7. Reversing Tools - Part 4
    8. Reversing Tools - Part 5
    9. Reversing Tools - Part 6
  30. Reversing Compiled Windows Applications
    1. Vulnerabilities - Part 1
    2. Vulnerabilities - Part 2
    3. Vulnerabilities - Part 3
    4. Using Fuzzing - Part 1
    5. Using Fuzzing - Part 2
    6. Using Fuzzing - Part 3
    7. Using Fuzzing - Part 4
    8. Just Enough Assembly - Part 1
    9. Just Enough Assembly - Part 2
    10. Just Enough Assembly - Part 3
    11. Stack Overflows - Part 1
    12. Stack Overflows - Part 2
    13. Stack Overflows - Part 3
    14. Heap Overflows - Part 1
    15. Heap Overflows - Part 2
    16. Heap Overflows - Part 3
    17. Heap Overflows - Part 4
    18. Format String Bugs - Part 1
    19. Format String Bugs - Part 2
    20. Format String Bugs - Part 3
    21. Format String Bugs - Part 4
    22. Section Overflows
    23. Windows Kernel Flaws
    24. Decompilers
    25. Automation - Part 1
    26. Automation - Part 2
  31. Reversing Compiled OS X Applications
    1. Where Are The Vulnerabilities?
    2. Locating Stack Overflows
    3. Heap Overflows
  32. Reversing Compiled Linux Applications
    1. Where Are The Vulnerabilities?
    2. Linux Stack Overflows - Part 1
    3. Linux Stack Overflows - Part 2
    4. Linux Stack Overflows - Part 3
    5. Linux Stack Overflows - Part 4
    6. Linux Stack Overflows - Part 5
    7. Linux Heap Overflows - Part 1
    8. Linux Heap Overflows - Part 2
    9. Linux Heap Overflows - Part 3
    10. Linux Heap Overflows - Part 4
    11. Linux Kernel Flaws - Part 1
    12. Linux Kernel Flaws - Part 2
  33. Reversing Android Applications
    1. Introduction To Android And ARM
    2. Android Applications
  34. Finding Other Vulnerabilities
    1. Web Site Vulnerabilities
    2. Database Vulnerabilities
  35. Simple Exploits
    1. Going From Vulnerability To Exploit
    2. A Simple Exploit Script
    3. Creating A Metasploit Module For An Exploit - Part 1
    4. Creating A Metasploit Module For An Exploit - Part 2
    5. Creating A Metasploit Module For An Exploit - Part 3
  36. Exploit Payloads
    1. Shellcode - Part 1
    2. Shellcode - Part 2
    3. Shellcode - Part 3
    4. Shellcode - Part 4
  37. Making Exploits Harder To Detect
    1. Encoding Shellcode - Part 1
    2. Encoding Shellcode - Part 2
  38. Web Exploitation
    1. Web Exploits In Metasploit
  39. ARM Exploitation
    1. Android Exploits In Metasploit
  40. Future Directions
    1. Wrap Up And Suggestions For Further Study
  41. Introduction
    1. Introduction And About The Author
    2. What We Will Cover
    3. System Requirements
    4. Legal Issues
    5. Penetration Testing
  42. 802.11
    1. 802.11 Basics
    2. Frequencies
    3. Access Points
    4. Ad-Hoc Versus Infrastructure Mode
    5. Wireless Modes - ABGN
    6. SSID, ESSID And BSSID
    7. MAC Address
    8. Associations
    9. Beaconing And Broadcasting
    10. Access Point Basics
    11. Enterprise Networks
    12. WiFi In Windows
    13. WiFi In Mac OS
    14. WiFi In Linux
  43. Securing Your Wireless Network
    1. Authentication
    2. 802.1X
    3. Radius
    4. Encryption
    5. WEP
    6. WPA
    7. WPA2
    8. WPS
    9. EAP
    10. Hiding Your Network
    11. Filtering
    12. Network Segmentation
    13. Default Configurations
  44. Wireless Attack Tools
    1. Built-In Tools
    2. Kali Linux
    3. Kismet
    4. Aircrack-Ng
    5. WiFi Explorer
    6. Wireshark
    7. Wireless Attack Toolkit
    8. NetStumbler
    9. Ettercap
    10. Dsniff
    11. Airpwn
    12. Aireplay-Ng
    13. Fern
    14. WiFi Tap
    15. Cowpatty
    16. WiFi-Honey
  45. Wireless Attacks
    1. Using Wireshark
    2. Capturing Network Packets
    3. Monitor Mode
    4. Investigating Packets
    5. Filtering
    6. Radio Traffic
    7. War Driving
    8. Frame Injection
    9. RADIUS Replay
    10. SSL Stripping
    11. De-Authentication
    12. Airodump
    13. Fake Authentication
  46. Access Point Attacks
    1. Replay Attacks
    2. Cracking WEP - Part 1
    3. Cracking WEP - Part 2
    4. Cracking WPA
    5. Rogue Access Points
    6. Man In The Middle Attacks
    7. MAC Changes
  47. Bluetooth
    1. Bluetooth Overview
    2. Bluetooth Authentication
    3. Bluetooth Profiles
    4. Bluesnarfer
    5. Blueranger
    6. BT Scanner
    7. Protecting Bluetooth
    8. Other Tools
  48. Other Wireless
    1. WiMax
    2. Near Field Communication
    3. ZigBee
    4. RFID
  49. Conclusion
    1. What Have We Covered
    2. Next Steps
    3. Conclusion

Product information

  • Title: Network and Cloud Security
  • Author(s): Courtney Nash
  • Release date: December 2015
  • Publisher(s): O'Reilly Media, Inc.
  • ISBN: 9781491952764