Preface
This book is a practical guide to building your own firewall.
It provides step-by-step explanations of how to design and install a
firewall at your site and how to configure Internet
services such as electronic mail, FTP, the World Wide Web, and others
to work with a firewall. Firewalls are complex, though, and we
can't boil everything down to simple rules. Too much depends on
exactly what hardware, operating system, and networking you are using
at your site, and what you want your users to be able to do and not
do. We've tried to give you enough rules, examples, and
resources here so you'll be able to do the rest on your own.
What is a firewall, and what does it do for you? A
firewall is a way to restrict access between the Internet and
your internal network. You typically install a firewall at the
point of maximum leverage, the point where your network connects to
the Internet. The existence of a firewall at your site can
greatly reduce the odds that outside attackers will penetrate your
internal systems and networks. The firewall can also keep your
own users from compromising your systems by sending dangerous
information  --  unencrypted passwords and sensitive data  -- 
to the outside world.
The attacks on Internet-connected systems we are seeing today are
more serious and more technically complex than those in the past. To
keep these attacks from compromising our systems, we need all the
help we can get. Firewalls are a highly effective way of protecting
sites from these attacks. For that reason, we strongly recommend you
include a firewall in your site's overall Internet
security plan. However, a firewall should be only one component
in that plan. It's also vital that you establish a security
policy, that you implement strong host security, and that you
consider the use of authentication and encryption devices that work
with the firewalls you install. This book will touch on each of
these topics while maintaining its focus on firewalls.
0.1. Scope of This Book
This book is divided into five parts.
Part I, "Network Security", explores the problem of Internet
security and focuses on firewalls as part of an effective
strategy to address that problem.
- Chapter 1, "Why Internet Firewalls?", introduces the major risks associated
with using the Internet today; discusses what to protect, and what to
protect against; discusses various security models; and introduces
firewalls in the context of what they can and can't do
for your site's security.
- Chapter 2, "Internet Services", outlines the services users want and need
from the Internet, and summarizes the security problems posed by
those services.
- Chapter 3, "Security Strategies", outlines the basic security principles
an organization needs to understand before it adopts a security
policy and invests in specific security mechanisms.
Part II, "Building Firewalls", describes how to build firewalls.
- Chapter 4, "Packets and Protocols ", describes the basic network concepts firewalls work with.
- Chapter 5, "Firewall Technologies", explains the terms and technologies used in building firewalls.
- Chapter 6, "Firewall Architectures", describes the major architectures used in constructing firewalls, and the situations they are best suited to.
- Chapter 7, "Firewall Design", presents the process of designing a firewall.
- Chapter 8, "Packet Filtering" describes how packet filtering systems work, and discusses what you can and can't accomplish with them in building a
firewall.
- Chapter 9, "Proxy Systems", describes how proxy clients and servers work, and how to use these systems in building a firewall.
- Chapter 10, "Bastion Hosts", presents a general overview of the process of designing and building the bastion hosts used in many firewall configurations.
- Chapter 11, "Unix and Linux Bastion Hosts", presents the details of designing and building a Unix or Linux bastion host.
- Chapter 12, "Windows NT and Windows 2000 Bastion Hosts ", presents the details of designing and building a Windows NT bastion host.
Part III, "Internet Services", describes how to configure services in
the firewall environment.
- Chapter 13, "Internet Services and Firewalls", describes the general issues involved
in selecting and configuring services in the firewall environment.
- Chapter 14, "Intermediary Protocols", discusses basic protocols that are used
by multiple services.
- Chapter 15, "The World Wide Web", discusses the Web and related services.
- Chapter 16, "Electronic Mail and News", discusses services used for transferring
electronic mail and Usenet news.
- Chapter 17, "File Transfer, File Sharing, and Printing", discusses the services used for moving
files from one place to another.
- Chapter 18, "Remote Access to Hosts", discusses services that allow you to
use one computer from another computer.
- Chapter 19, "Real-Time Conferencing Services", discusses services that allow people to
interact with each other online.
- Chapter 20, "Naming and Directory Services", discusses the services used to
distribute information about hosts and users.
- Chapter 21, "Authentication and Auditing Services", discusses services used to identify
users before they get access to resources, to keep track of what sort
of access they should have, and to keep records of who accessed what
and when.
- Chapter 22, "Administrative Services", discusses other services used to
administer machines and networks.
- Chapter 23, "Databases and Games", discusses the remaining two major
classes of popular Internet services, databases and games.
- Chapter 24, "Two Sample Firewalls", presents two sample
configurations for basic firewalls.
Part IV, "Keeping Your Site Secure", describes how to establish a security
policy for your site, maintain your firewall, and handle the
security problems that may occur with even the most effective
firewalls.
- Chapter 25, "Security Policies", discusses the importance of having a
clear and well-understood security policy for your site, and what
that policy should and should not contain. It also discusses ways of
getting management and users to accept the policy.
- Chapter 26, "Maintaining Firewalls", describes how to maintain security at
your firewall over time and how to keep yourself aware of new
Internet security threats and technologies.
- Chapter 27, "Responding to  Security Incidents", describes what to do when a break-in
occurs, or when you suspect that your security is being breached.
Part V, "Appendixes", consists of the following summary
appendixes:
- Appendix A, "Resources", contains a list of places you can go
for further information and help with Internet security: World Wide
Web pages, FTP sites, mailing lists, newsgroups, response teams,
books, papers, and conferences.
- Appendix B, "Tools", summarizes the best freely available
firewall tools and how to get them.
- Appendix C, "Cryptography", contains background information on
cryptography that is useful to anyone trying to decrypt the marketing
materials for security products.
 
|  |  |  | 
| Copyright Page |  | 0.2. Audience |