Anand Classes

Network Security GNDU MSc IT E-Books pdf online Download Lecture Notes|Neeraj K Anand

Network Security GNDU MSc IT E-Books pdf online Download Lecture Notes|Neeraj K Anand

Author’s Words

 I

strongly believe that the Almighty God alone plans every thing that happens in the world. So, I sincerely thanks the Almighty God for showering his blessings upon me and using me to write this book.

I wish to express my deep sense of gratitude to my colleagues and students whom encouragement and co-operation have been source of great inspiration to me. I am thankful to my father Sh. Om Prakash Anand, my son Param Anand and my dear wife Neetu Anand for bringing me out this book. I hope that this edition of the book will prove to be more useful to the Science and Engineering students. Any suggestions for further improvement of the book will be gratefully acknowledged by the both author and publisher. Finally, we would like to thank my colleagues in the various Institutes whom have encouraged and assisted us to make our best efforts in bringing out this book.                                                               

                                                                                                                         NIT – Warangal, Telangana

                                                                                                                          Neeraj K. Anand

                                                                                                                         January 2022

Dedication

In The Everlasting Memory of My Mother

 

Late Smt. Nirmal Anand

Network Security GNDU Msc IT E-Content Books pdf online Download. Download Anand Technical Publishers Network Security GNDU MSc IT books pdf. Neeraj K Anand Technical Publishers Network Security GNDU MSc IT books pdf Download. Buy GNDU Network Security Msc IT Book Online Amazon.

About The Book

Network Security Book furnishes the peruser with an essential comprehension of the issues engaged with the security of PC frameworks and organizations. Starting in nature, this significant new book covers all angles connected with the developing field of PC security. Such complete inclusion in a solitary text has recently been inaccessible, and school teachers and understudies, just as experts answerable for framework security, will track down this interesting book an important wellspring of data either as a course reading or as an overall reference.
Network Security examines existing and expected dangers to PC frameworks and organizations and layouts the essential moves that are by and large made to ensure them. The initial two parts of the text acquaint the peruser with the field of PC security, covering principal issues and targets. The following a few sections portray security models, validation issues, access control, interruption location, and harm control. Later sections address organization and data set security and frameworks/networks associated with wide-region organizations and internetworks. Different points incorporate firewalls, cryptography, malevolent programming, and security norms. The book incorporates contextual analyses with data about occurrences including PC security, representing the issues and potential harm that can be caused when security falls flat. Network Security GNDU Msc IT E-Content Books pdf.

Syllabus (M.Sc. IT – 2nd Semester (GNDU)

Essential of Network Perimeter Security : Terms. Defense in depth

Packet Filtering : TCP/IP Primer, How Packet filtering Works, TCP And UDP Ports, TCP’s Tree-way handshake, The Cisco Router as a packets filter, An Alternative packet filter : IP Chains, The Cisco ACL, Effective Users of Packets-filtering devices, Tracking Rejected Traffic, Problem with Packets Filters, Dynamic packet Filtering and be Reflexive.

Stateful Firewalls : How a Stateful Firewall works, The concept of state , Stateful Filtering and stateful Inspection.

Proxy Firewalls : Fundamentals of Proxying, Pros And Cons of Proxy Firewalls, Types of Proxies, Tools of Proxying.

Security Policy : Firewalls Are Policy, How to develop Policy, Perimeter Consideration.

Network Instruction Detection : Network instruction detection basics, The roles of Network IDS in a parameter defense, IDS Sensor placement, Using an IDS Management Networks.

The Need for Host Hardening : Removing or Disabling of Unnecessary Programs. Limiting access to data And Configuration Files, Controlling User and Privileges, Maintaining Host Security Logs, Applying Patches, additional Hardening Guidelines.

Host Defenses : Hosts and the perimeter, Antivirus Software, Host-Based Firewalls, Host –based Instruction detection, Challenges Of host defenses components.

Instruction Prevention System : What is IPS, IPS Limitation, NIPS, Host-Based instruction Prevention System, Monitoring file Integrity, Monitoring Application Behavior.

Fundamentals of Secure Premier Design : Gathering Design Requirements, Design Elements for Premier Security.

Separation Resources : Security Zones, Common Design Elements, VLAN-Based Seperation.

Book Contents

Chapter-1 : INTRODUCTION TO NETWORK SECURITY

SECURITY FUNDAMENTALS…………………………………………………………………….. 10

SECURITY GOALS………………………………………………………………………………………. 11

ATTACKS……………………………………………………………………………………………………. 12

SERVICES AND MECHANISM…………………………………………………………………….. 14

Security Mechanisms………………………………………………………………………….. 16

Relation between Services and Mechanisms……………………………… 17

A Model for Network Security……………………………………………………….. 17

 

Chapter-2 : PERIMETER SECURITY FUNDAMENTALS

NETWORK Perimeter……………………………………………………………………………… 19

Border Routers…………………………………………………………………………………….. 20

Firewalls………………………………………………………………………………………………… 20

Intrusion Detection Systems (IDS)………………………………………………….. 24

Intrusion Prevention Systems (IPS)………………………………………………… 28

Virtual Private Networks………………………………………………………………… 29

Software Architecture……………………………………………………………………… 29

De-Militarized Zones (DMZ) and Screened Subnets……………………. 29

Defense in Depth (Security in layers)……………………………………………. 33

Multilayer Perimeter Solution……………………………………………………… 33

Components of Defense in Depth……………………………………………………… 34

Internal Network of security perimeter……………………………………. 47

Security Wheel……………………………………………………………………………………… 51

Case Study :  Defense in Depth in Action……………………………………….. 53

 

Chapter-3 : PACKET FILTERING

Packet filtering…………………………………………………………………………………… 56

TCP/IP Primer : How Packet Filtering Works………………………………… 56

Cisco Router as a Packet Filter………………………………………………………. 60

An Alternative Packet Filter : IPChains………………………………………. 62

Cisco ACL Configuration……………………………………………………………………. 62

Cisco IOS Basics……………………………………………………………………………………… 65

Effective Uses of Packet-Filtering Devices………………………………… 66

Tracking Rejected Traffic………………………………………………………………… 73

Filtering by Port and Destination Address : The Cisco Extended ACL…………………………………………………………………………………………. 73

Filtering TCP and UDP Ports and ICMP Types………………………………… 75

Problems with Packet Filters………………………………………………………….. 76

Dynamic Packet Filtering & Reflexive Access List…………………… 81

 

Chapter-4 : STATEFUL FIREWALLS

Stateful Firewall……………………………………………………………………………….. 88

How a Stateful Firewall Works ?…………………………………………………… 88

The Concept of State…………………………………………………………………………… 89

Stateful Inspection…………………………………………………………………………….. 90

Transport and Network Protocols and State………………………….. 91

Application-Level Traffic and State……………………………………………. 96

File Transfer Protocol and State…………………………………………………. 97

Multimedia Protocols and the Stateful Firewall………………….. 99

Problems with Application-Level Inspection…………………………….. 99

Deep Packet Inspection……………………………………………………………………… 101

Stateful Filtering and Stateful Inspection…………………………….. 102

Stateful Firewall Product Examples…………………………………………. 103

 

Chapter-5 : proxy FIREWALLS

PROXY FirewallS………………………………………………………………………………….. 117

Application Proxy………………………………………………………………………………. 120

Fundamentals of Proxying (Proxy servers)…………………………….. 122

advantages and disadvantages of Proxy Firewalls……………. 128

Types of Proxies…………………………………………………………………………………… 130

Tools for Proxying……………………………………………………………………………. 136

Difference between Packet filtering, Stateful and…………….. 139

application proxy Firewalls…………………………………………………………. 140

 

 

 

Chapter-6 : SECURITY POLICY

SECURITY Policy……………………………………………………………………………………. 141

Firewalls Are Policy…………………………………………………………………………. 141

How to Develop Policy……………………………………………………………………… 147

Perimeter Considerations……………………………………………………………….. 152

 

Chapter-7 : Network Intrusion Detection

Intrusion detection basics……………………………………………………………… 155

Network Intrusion detection basics…………………………………………… 156

IDS System Components…………………………………………………………………….. 157

TYPES OF INTRUSION DETECTION SYSTEMS………………………………………… 157

Anomaly Detection……………………………………………………………………………. 163

Network Behavior Anomaly Detection……………………………………… 166

Signature Based Detection…………………………………………………………….. 166

Difference between Host-based & network-based ids………….. 170

Intrusion Detection Software………………………………………………………. 171

Intrusion-Related Services…………………………………………………………….. 172

Roles of Network IDS in a Perimeter Defense…………………………… 172

IDS Sensor Placement………………………………………………………………………… 175

Advantages and disadvantages of Network-Based……………… 179

Intrusion Detection Systems………………………………………………………….. 179

Case Studies………………………………………………………………………………………….. 179

 

Chapter-8 : Host Hardening

Host Hardening…………………………………………………………………………………… 185

Removing or Disabling of Unnecessary Programs…………………. 186

Limiting Access to Data and Configuration Files…………………… 192

Controlling User and Privileges…………………………………………………. 193

Maintaining Host Security Logs……………………………………………………. 197

Applying Patches………………………………………………………………………………… 198

Additional Hardening Guidelines………………………………………………… 199

 

Chapter-9 : Host Defense Components

Hosts and the Perimeter………………………………………………………………….. 201

Antivirus Software…………………………………………………………………………… 203

Host-Based Firewalls……………………………………………………………………….. 206

Host-Based Intrusion Detection Systems (HIDS)……………………….. 212

Host-Based IDS Categories………………………………………………………………. 214

Advantages and disadvantages of Host-Based intrusion Detection Systems……………………………………………………………………………… 218

Challenges of Host Defense Components………………………………….. 219

 

Chapter-10 : Intrusion Prevention Systems

intrusion prevention system…………………………………………………………. 222

IPS Limitations……………………………………………………………………………………… 225

NIPS…………………………………………………………………………………………………………… 225

NIPS Challenges…………………………………………………………………………………… 232

Switch NIPS Deployment Recommendations………………………………. 236

NIPS Benefits…………………………………………………………………………………………. 237

Host-Based Intrusion Prevention Systems………………………………… 238

HIPS Advantages………………………………………………………………………………….. 240

HIPS Challenges…………………………………………………………………………………… 240

HIPS Recommendations……………………………………………………………………… 241

 

Chapter-11 : Fundamentals of Secure Perimeter Design

Gathering Design Requirements……………………………………………………. 243

Design Elements for Perimeter Security…………………………………… 253

 

Chapter-12 : Separating Resources

Resource separation…………………………………………………………………………. 260

Security Zones…………………………………………………………………………………….. 260

Common Design Elements…………………………………………………………………. 267

VLAN-Based Separation…………………………………………………………………….. 277

 

 

Scroll to Top