Computer Security Basics, 2nd Edition By Rick Lehtinen Publisher: O'Reilly Pub Date: June 2006 Print ISBN-10: 0-596-00669-1 Print ISBN-13: 978-0-59-600669-3 Pages: 310 Table of Contents | Index This is the must-have book for a must-know field Today, general security knowledge is mandatory, and, if you who need to understand the fundamentals, Computer Security Basics 2nd Edition is the book to consult The new edition builds on the well-established principles developed in the original edition and thoroughly updates that core knowledge For anyone involved with computer security, including security administrators, system administrators, developers, and IT managers, Computer Security Basics 2nd Edition offers a clear overview of the security concepts you need to know, including access controls, malicious software, security policy, cryptography, biometrics, as well as government regulations and standards This handbook describes complicated concepts such as trusted systems, encryption, and mandatory access control in simple terms It tells you what you need to know to understand the basics of computer security, and it will help you persuade your employees to practice safe computing Topics include: Computer security concepts Security breaches, such as viruses and other malicious programs Access controls Security policy Web attacks Communications and network security Encryption Physical security and biometrics Wireless network security Computer security and requirements of the Orange Book OSI Model and TEMPEST Computer Security Basics, 2nd Edition By Rick Lehtinen Publisher: O'Reilly Pub Date: June 2006 Print ISBN-10: 0-596-00669-1 Print ISBN-13: 978-0-59-600669-3 Pages: 310 Table of Contents | Index Copyright Preface Part PART I: Security for Today Chapter 1 Introduction Section 1.1 The New Insecurity Section 1.2 What Is Computer Security? Section 1.3 Threats to Security Section 1.4 Why Buy Security? Section 1.5 What's a User to Do? Section 1.6 Summary Chapter 2 Some Security History Section 2.1 Information and Its Controls Section 2.2 Computer Security: Then and Now Section 2.3 Early Computer Security Efforts Section 2.4 Building Toward Standardization Section 2.5 Computer Security Mandates and Legislation Section 2.6 Summary Part PART II: Computer Security Chapter 3 Computer System Security and Access Controls Section 3.1 What Makes a System Secure? Section 3.2 System Access: Logging into Your System Section 3.3 Summary Chapter 4 Viruses and Other Wildlife Section 4.1 Financial Effects of Malicious Programs Section 4.2 Viruses and Public Health Section 4.3 Viruses, Worms, and Trojans (Oh, My!) Section 4.4 Who Writes Viruses? Section 4.5 Remedies Section 4.6 The Virus Hype Section 4.7 An Ounce of Prevention Section 4.8 Summary Chapter 5 Establishing and Maintaining a Security Policy Section 5.1 Administrative Security Section 5.2 Overall Planning and Administration Section 5.3 Day-to-Day Administration Section 5.4 Separation of Duties Section 5.5 Summary Chapter 6 Web Attacks and Internet Vulnerabilities Section 6.1 About the Internet Section 6.2 What Are the Network Protocols? Section 6.3 The Fragile Web Section 6.4 Summary Part PART III: Communications Security Chapter 7 Encryption Section 7.1 Some History Section 7.2 What Is Encryption? Section 7.3 The Data Encryption Standard Section 7.4 Other Cryptographic Algorithms Section 7.5 Message Authentication Section 7.6 Government Cryptographic Programs Section 7.7 Cryptographic Export Restrictions Section 7.8 Summary Chapter 8 Communications and Network Security Section 8.1 What Makes Communication Secure? Section 8.2 Modems Section 8.3 Networks Section 8.4 Network Security Section 8.5 Summary Part PART IV: Other Types of Security Chapter 9 Physical Security and Biometrics Section 9.1 Physical Security Section 9.2 Locks and Keys: Old and New Section 9.3 Biometrics Section 9.4 Gentle Reminder Section 9.5 Summary Chapter 10 Wireless Network Security Section 10.1 How We Got Here Section 10.2 Today's Wireless Infrastructure Section 10.3 How Wireless Works Section 10.4 Playing the Fields Section 10.5 What Is This dB Stuff? Section 10.6 Why Does All This Matter? Section 10.7 Encouraging Diversity Section 10.8 Physical Layer Wireless Attacks Section 10.9 Summary Part PART V: Appendixes OSI Model TEMPEST Section B.1 The Problem of Emanations Section B.2 The TEMPEST Program Section B.3 TEMPEST Standards Section B.4 Hard As You Try The Orange Book, FIPS PUBS, and the Common Criteria Section C.1 About the Orange Book Section C.2 Rating by the Book Section C.3 Summary of Orange Book Classes Section C.4 FIPS by the Numbers Section C.5 I Don't Want You Smelling My Fish About the Author Colophon Index Computer Security Basics, Second Edition by Rick Lehtinen, Deborah Russell, and G.T Gangemi Sr Copyright © 2006, 1991 O'Reilly Media, Inc All rights reserved Printed in the United States of America Published by O'Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472 O'Reilly books may be purchased for educational, business, or sales promotional use Online editions are also available for most titles (safari.oreilly.com) For more information, contact our corporate/institutional sales department: (800) 998-9938 or corporate@oreilly.com Editor: Tatiana Apandi Developmental Editor: Mary Dageforde Production Editor: Darren Kelly Copyeditor: Mary Anne Weeks Mayo Proofreader: Darren Kelly Indexer: Julie Hawks Cover Designer: Edie Freedman Interior Designer: David Futato Illustrators: Robert Romano and Jessamyn Read Printing History: July 1991: First Edition June 2006: Second Edition Nutshell Handbook, the Nutshell Handbook logo, and the O'Reilly logo are registered trademarks of O'Reilly Media, Inc Computer Security Basics, the image of a key, and related trade dress are trademarks of O'Reilly Media, Inc Figure 7-1 is reproduced by permission of the Smithsonian Institution Figure 10-14 used by permission of Berkeley Varitronics Systems, Inc Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks Where those designations appear in this book, and O'Reilly Media, Inc was aware of a trademark claim, the designations have been printed in caps or initial caps While every precaution has been taken in the preparation of this book, the publisher and authors assume no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein ISBN: 0-596-00669-1 [M] Preface About This Book This book is about computer securitywhat it is, where it came from, where it's going, and why we should care about it It introduces the many different areas of security in clear and simple terms: access controls, worms and viruses, cryptography, firewalls, network and web security, biometric devices, and more If you're at all interested in computer security or if computer security is a part of your job (whether you want it to be or not!), you should find this book useful I've tried to give you the big picture and quite a few helpful details This book is not a technical reference I've tried to pull together the basics about many different areas of computer security and put that information together comprehensively If you need particularly technical information about a specific area of computer security (for example, making your specific system or operating system more secure, securing your web site, or configuring a router or firewall), you should refer to other, more specialized books Summary of Contents This book is divided into 10 chapters and 3 appendixes Part I, Security for Today This section presents a brief overview of what computer security is, where it came from, and where it's going Chapter 1, Introduction This chapter introduces computer security: what it is and why it's important It summarizes the threats to computers and the information stored on them, and it introduces the different types of computer security Chapter 2, Some Security History This chapter briefly describes the history of computer security: where it came from, and what government mandates, laws, and standards address it Part II, Computer Security This section discusses computer security methods of protecting information stored in a computer system, primarily by controlling access to that information Chapter 3, Computer System Security and Access Controls This chapter introduces computer system security and describes how that security controls access to systems and data Chapter 4, Viruses and Other Wildlife This chapter explores viruses, worms, Trojans, and other types of malicious code Chapter 5, Establishing and Maintaining a Security Policy This chapter describes the administrative procedures that improve security within an organization It also introduces business continuity and disaster recovery as part of security Chapter 6, Web Attacks and Internet Vulnerabilities This chapter introduces the perils that can attack your system or network while it is connected to the Internet Part III, Communications Security This section discusses communications security methods of protecting information while it's being transmitted over communications lines and network backbones Chapter 7, Encryption This chapter explains what encryption is and how it protects data Chapter 8, Communications and Network Security This chapter introduces network concepts and discusses some basic communications security issues Part IV, Other Types of Security Security Controls for Computer Systems Security Features User's Guide (SFUG) security kernel security label syntax security model security policy 2nd administrative security overall planning and administration establishing and maintaining multilevel self/group/public controls semaphore system sensitivity labels 2nd separation of duties 2nd SERPENT server key server-side attacks web server-side scripts languages Service Provisioning Markup Language (SPML) servlets session session keys shadow password files Shamir, Adi SHARK shell scripts Shockwave Rider, The SI-CERT signaling equipment signature-writing pattern Simple Mail Transfer Protocol (SMTP) 2nd simple security condition SingCERT (Singapore CERT) single key single-level device SKIPJACK Slovenian Computer Emergency Response Team smart cards 2nd smart keys smashing the stack sniffers 2nd Softwar: La Guerre Douce software security tools software vulnerabilities source suppression Spafford, Gene spam spoofing 2nd spread spectrum systems Spring Joint Computer Conference of 1967 spyware SQUARE standardization cryptography emanations star property state two-digit numeric codes stealth Steinauer, Dennis Stoll, Cliff subject sensitivity label substitution ciphers 2nd summarizes suspicious user activity switching systems symmetric key system access system access controls system administration system administrator/operator functions system design Index [SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z] TACACS tag abuse Tan Book taps TCSEC TEA telephone connections TEMPEST 2nd 3rd Endorsement Programs (TEP) Faraday screen Industrial TEMPEST Program initial standards NACSEM 5100 Optical Products Program program overview security, containment approach source suppression standards Test Services Program Zoned Equipment Program Temporal Key Integrity Protocol (TKIP) 2nd terminal Terminal Access Controller Access Control System (TACACS) terrorists test documentation requirement testing equipment Thompson, Ken threats countermeasures insiders and outsiders intentional and unintentional natural physical vulnerabilities tickets 2nd tiger teams time bombs time-to-live (TTL) tokens 2nd 3rd active topology traffic analysis training users tranquility property Transmission Control Protocol/Internet Protocol (TCP/IP) Transport Control Protocol (TCP) attacks transposition ciphers 2nd trap door Trivial File Transfer Protocol (TFTP) Trojan horses 2nd 3rd bombs trunk, communications Trusted Computer System Evaluation Criteria (TCSEC) Trusted Database Management System Interpretation (TDI) (Lavender Book) trusted distribution trusted facility management Trusted Facility Manual (TFM) Trusted Network Interpretation (TNI) (Red Book) trusted recovery trusted system tunneling Turing, Alan twisted pair cable two key two-factor authentication TWOFISH Index [SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z] U.K Data Protection Act and Regulation of Investigatory Powers Bill U.S Communications Security (COMSEC) U.S Computer Departments Technology Administration U.S Department of Homeland Security United Kingdom Department of Trade and Industry unity gain antenna unreliability US-CERT USB form factor devices User Datagram Protocol (UDP) Index [SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z] van Eck, Wim vertical polarization Virtual Private Network (VPN) 2nd viruses 2nd 3rd antivirus programs creators financial effects of firewalls history hype overview prevention public health and remedies VLF (very low frequency) Voice over Internet Protocol (VoIP) voice verification VPN inside firewall internetworking remote access tunneling protocols vulnerabilities communications emanation exploiting hardware human media natural physical software Index [SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z] WAN systems war chalking war driving war flying war walking Ware, Willis H warm sites water damage Web attacks Web services, advanced Wertheimer, Nancy Wi-Fi Protected Access (WPA) 2nd wide area networks Wired Equivalent Privacy (WEP) 2nd wireless wireless cards wireless costs wireless local area networks wireless network security access points (APs) ad hoc infrastructure AES protocol background basic service set (BSS) bridge channels cloak decibel (dB) electrical fields director dish antenna parabolic reflector reflector Yagi electrostatic vector how wireless works independent service set (ISS) infrastructure infrastructure architecture LEAP protocol monitoring wireless networks multipath signals physical layer wireless attacks advanced eavesdropping attacks eavesdropping eavesdropping defenses forced degradation attacks hardening access points PoE rogue access points sophisticated attacks roaming stealth Temporal Key Integrity Protocol (TKIP) why it matters Wi-Fi Protected Access (WPA) Wired Equivalent Privacy (WEP) wireless cards wiretaps WLANs worms 2nd Index [SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z] X.500 Xerox Network System (XNS) Xerox PARC worms XNTP Network Time Protocol exploits XOR Index [SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z] Yagi Index [SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z] Zero Day problem zombies 2nd Zoned Equipment Program ... Computer security and requirements of the Orange Book OSI Model and TEMPEST Computer Security Basics, 2nd Edition By Rick Lehtinen Publisher: O'Reilly Pub Date: June 2006 Print ISBN- 10: 0-596-00669-1 Print ISBN- 13: 978-0-59-600669-3 Pages: 310... July 1991: First Edition June 2006: Second Edition Nutshell Handbook, the Nutshell Handbook logo, and the O'Reilly logo are registered trademarks of O'Reilly Media, Inc Computer Security Basics, the image of a key, and related trade... Part PART I: Security for Today Chapter 1 Introduction Section 1.1 The New Insecurity Section 1.2 What Is Computer Security? Section 1.3 Threats to Security Section 1.4 Why Buy Security? Section 1.5