Computer Security Fundamentals

ONE-VOLUME INTRODUCTION TO COMPUTER SECURITY Clearly explains core concepts, terminology, challenges, technologies, and skills Covers today's latest attacks and countermeasures The perfect beginner's guide for anyone interested in a computer security career Dr. Chuck Easttom brings together complete coverage of all basic concepts, terminology, and issues, along with all the skills you need to get started. Drawing on 30 years of experience as a security instructor, consultant, and researcher, Easttom helps you take a proactive, realistic approach to assessing threats and implementing countermeasures. Writing clearly and simply, he addresses crucial issues that many introductory security books ignore, while addressing the realities of a world where billions of new devices are Internet-connected. This guide covers web attacks, hacking, spyware, network defense, security appliances, VPNs, password use, and much more. Its many tips and examples refl ect new industry trends and the state-of-the-art in both attacks and defense. Exercises, projects, and review questions in every chapter help you deepen your understanding and apply all you've learned. LEARN HOW TO Identify and prioritize potential threats to your networkUse basic networking knowledge to improve securityGet inside the minds of hackers, so you can deter their attacksImplement a proven layered approach to network securityResist modern social engineering attacksDefend against today's most common Denial of Service (DoS) attacksHalt viruses, spyware, worms, Trojans, and other malwarePrevent problems arising from malfeasance or ignoranceChoose the best encryption methods for your organizationCompare security technologies, including the latest security appliancesImplement security policies that will work in your environmentScan your network for vulnerabilitiesEvaluate potential security consultantsMaster basic computer forensics and know what to do if you're attackedLearn how cyberterrorism and information warfare are evolving

Dr. Chuck Easttom is the author of 37 books, including several on computer security, forensics, and cryptography. He has also authored scientific papers on digital forensics, cyber warfare, cryptography, and applied mathematics. He is an inventor with 25 computer science patents. He holds a doctor of science degree in cybersecurity (dissertation topic: a study of lattice-based algorithms for post quantum cryptography), a Ph.D. in Computer Science (dissertation topic: "A Systematic Framework for Network Forensics Using Graph Theory"), and a Ph.D. in Nanotechnology (dissertation topic: "The Effects of Complexity on Carbon Nanotube Failures") and three master's degrees (one in applied computer science, one in education, and one in systems engineering). He also holds more than 70 industry certifications (CISSP, CEH, etc.). He is a frequent speaker at cybersecurity, computer science, and engineering conferences. He is a Distinguished Speaker and senior member of the ACM and a senior member of the IEEE. You can find out more about Dr. Easttom and his research at www.ChuckEasttom.com.

Introduction xxix Chapter 1: Introduction to Computer Security 2 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 How Seriously Should You Take Threats to Network Security?. . . . . . . . . . 4 Identifying Types of Threats.. . . . . . . . . . . . . . . . . . . . . . . . 7 Assessing the Likelihood of an Attack on Your Network.. . . . . . . . . . . . 17 Basic Security Terminology. . . . . . . . . . . . . . . . . . . . . . . . 18 Concepts and Approaches.. . . . . . . . . . . . . . . . . . . . . . . . 21 How Do Legal Issues Impact Network Security?.. . . . . . . . . . . . . . . 24 Online Security Resources.. . . . . . . . . . . . . . . . . . . . . . . . 25 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27 Chapter 2: Networks and the Internet 34 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 Network Basics.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 How the Internet Works. . . . . . . . . . . . . . . . . . . . . . . . . 43 History of the Internet.. . . . . . . . . . . . . . . . . . . . . . . . . . 50 Basic Network Utilities.. . . . . . . . . . . . . . . . . . . . . . . . . 52 Other Network Devices.. . . . . . . . . . . . . . . . . . . . . . . . . 59 Advanced Network Communications Topics.. . . . . . . . . . . . . . . . 60 Cloud Computing. . . . . . . . . . . . . . . . . . . . . . . . . . . . 61 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65 Chapter 3: Cyber Stalking, Fraud, and Abuse 74 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74 How Internet Fraud Works.. . . . . . . . . . . . . . . . . . . . . . . . 75 Identity Theft.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80 Cyber Stalking.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82 Protecting Yourself Against Cybercrime.. . . . . . . . . . . . . . . . . . 91 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99 Chapter 4: Denial of Service Attacks 106 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106 DoS Attacks.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107 Illustrating an Attack.. . . . . . . . . . . . . . . . . . . . . . . . . . 107 Common Tools Used for DoS Attacks.. . . . . . . . . . . . . . . . . . . 109 DoS Weaknesses.. . . . . . . . . . . . . . . . . . . . . . . . . . . 112 Specific DoS Attacks. . . . . . . . . . . . . . . . . . . . . . . . . . 112 Real-World Examples of DoS Attacks.. . . . . . . . . . . . . . . . . . . 120 How to Defend Against DoS Attacks.. . . . . . . . . . . . . . . . . . . 121 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123 Chapter 5: Malware 130 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130 Viruses.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131 Trojan Horses.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142 The Buffer-Overflow Attack. . . . . . . . . . . . . . . . . . . . . . . 145 Spyware.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146 Other Forms of Malware.. . . . . . . . . . . . . . . . . . . . . . . . 149 Detecting and Eliminating Viruses and Spyware. . . . . . . . . . . . . . . 153 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159 Chapter 6: Techniques Used by Hackers 166 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166 Basic Terminology.. . . . . . . . . . . . . . . . . . . . . . . . . . . 167 The Reconnaissance Phase.. . . . . . . . . . . . . . . . . . . . . . . 167 Actual Attacks.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 177 Malware Creation. . . . . . . . . . . . . . . . . . . . . . . . . . . 184 Penetration Testing.. . . . . . . . . . . . . . . . . . . . . . . . . . 187 The Dark Web. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194 Chapter 7: Industrial Espionage in Cyberspace 200 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200 What Is Industrial Espionage?.. . . . . . . . . . . . . . . . . . . . . . 202 Information as an Asset. . . . . . . . . . . . . . . . . . . . . . . . . 203 Real-World Examples of Industrial Espionage.. . . . . . . . . . . . . . . 205 How Does Espionage Occur?. . . . . . . . . . . . . . . . . . . . . . 207 Protecting Against Industrial Espionage.. . . . . . . . . . . . . . . . . . 212 Trade Secrets.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215 The Industrial Espionage Act.. . . . . . . . . . . . . . . . . . . . . . 218 Spear Phishing.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 219 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220 Chapter 8: Encryption 226 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226 Cryptography Basics.. . . . . . . . . . . . . . . . . . . . . . . . . . 227 History of Encryption.. . . . . . . . . . . . . . . . . . . . . . . . . . 228 Modern Cryptography Methods.. . . . . . . . . . . . . . . . . . . . . 236 Public Key (Asymmetric) Encryption.. . . . . . . . . . . . . . . . . . . 245 PGP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250 Legitimate Versus Fraudulent Encryption Methods.. . . . . . . . . . . . . 251 Digital Signatures. . . . . . . . . . . . . . . . . . . . . . . . . . . 252 Hashing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253 MAC and HMAC.. . . . . . . . . . . . . . . . . . . . . . . . . . . 254 Steganography. . . . . . . . . . . . . . . . . . . . . . . . . . . . 255 Cryptanalysis.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257 Cryptography Used on the Internet.. . . . . . . . . . . . . . . . . . . . 259 Quantum Computing Cryptography. . . . . . . . . . . . . . . . . . . . 259 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261 Chapter 9: Computer Security Technology 268 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 268 Virus Scanners.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 269 Firewalls.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272 Antispyware.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278 IDSs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279 Digital Certificates.. . . . . . . . . . . . . . . . . . . . . . . . . . . 292 SSL/TLS.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293 Virtual Private Networks.. . . . . . . . . . . . . . . . . . . . . . . . 296 Wi-Fi Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299 Chapter 10: Security Policies 304 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 304 What Is a Policy?.. . . . . . . . . . . . . . . . . . . . . . . . . . . 305 Important Standards.. . . . . . . . . . . . . . . . . . . . . . . . . . 305 Defining User Policies.. . . . . . . . . . . . . . . . . . . . . . . . . 308 Defining System Administration Policies.. . . . . . . . . . . . . . . . . . 316 Security Breaches.. . . . . . . . . . . . . . . . . . . . . . . . . . . 319 Defining Access Control.. . . . . . . . . . . . . . . . . . . . . . . . 321 Development Policies.. . . . . . . . . . . . . . . . . . . . . . . . . 322 Standards, Guidelines, and Procedures.. . . . . . . . . . . . . . . . . . 323 Disaster Recovery.. . . . . . . . . . . . . . . . . . . . . . . . . . . 324 Zero Trust.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 327 Important Laws.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 328 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 330 Chapter 11: Network Scanning and Vulnerability Scanning 336 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 336 Basics of Assessing a System.. . . . . . . . . . . . . . . . . . . . . . 337 Securing Computer Systems.. . . . . . . . . . . . . . . . . . . . . . 346 Scanning Your Network. . . . . . . . . . . . . . . . . . . . . . . . . 352 Testing and Scanning Standards.. . . . . . . . . . . . . . . . . . . . . 363 Getting Professional Help.. . . . . . . . . . . . . . . . . . . . . . . . 366 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369 Chapter 12: Cyber Terrorism and Information Warfare 378 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378 Actual Cases of Cyber Terrorism.. . . . . . . . . . . . . . . . . . . . . 379 Weapons of Cyber Warfare.. . . . . . . . . . . . . . . . . . . . . . . 382 Economic Attacks.. . . . . . . . . . . . . . . . . . . . . . . . . . . 384 Military Operations Attacks. . . . . . . . . . . . . . . . . . . . . . . 386 General Attacks.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 387 Supervisory Control and Data Acquisitions (SCADA).. . . . . . . . . . . . . 387 Information Warfare.. . . . . . . . . . . . . . . . . . . . . . . . . . 388 Actual Cases of Cyber Terrorism.. . . . . . . . . . . . . . . . . . . . . 391 Future Trends.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 395 Defense Against Cyber Terrorism.. . . . . . . . . . . . . . . . . . . . . 399 Terrorist Recruiting and Communication.. . . . . . . . . . . . . . . . . . 399 TOR and the Dark Web.. . . . . . . . . . . . . . . . . . . . . . . . . 400 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 402 Chapter 13: Cyber Detective 408 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 408 General Searches. . . . . . . . . . . . . . . . . . . . . . . . . . . 410 Company Searches.. . . . . . . . . . . . . . . . . . . . . . . . . . 413 Court Records and Criminal Checks.. . . . . . . . . . . . . . . . . . . 413 Usenet. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417 Google.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418 Maltego. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 421 Chapter 14: Introduction to Forensics 426 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 426 General Guidelines. . . . . . . . . . . . . . . . . . . . . . . . . . . 427 Finding Evidence on a PC. . . . . . . . . . . . . . . . . . . . . . . . 440 Finding Evidence in System Logs.. . . . . . . . . . . . . . . . . . . . 441 Getting Back Deleted Files.. . . . . . . . . . . . . . . . . . . . . . . 442 Operating System Utilities. . . . . . . . . . . . . . . . . . . . . . . . 445 The Windows Registry. . . . . . . . . . . . . . . . . . . . . . . . . 447 Mobile Forensics: Cell Phone Concepts.. . . . . . . . . . . . . . . . . . 452 The Need for Forensic Certification.. . . . . . . . . . . . . . . . . . . . 457 Expert Witnesses.. . . . . . . . . . . . . . . . . . . . . . . . . . . 458 Additional Types of Forensics.. . . . . . . . . . . . . . . . . . . . . . 459 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 463 Chapter 15: Cybersecurity Engineering 466 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 466 Defining Cybersecurity Engineering.. . . . . . . . . . . . . . . . . . . . 467 Standards.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 475 SecML. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 480 Modeling. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 489 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 491 Glossary 494 Appendix A: Resources 500 Appendix B: Answers to the Multiple Choice Questions 502 9780137984787, TOC, 12/6/2022