start page | rating of books | rating of authors | reviews | copyrights
Search | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | R | S | T | U | V | W | X | Y | Z
Index: D
- daemons, tools for : B.5. Daemons
- data : 1.1.1. Your Data
- communications protocols : (see TCP/IP)
- DNS : 8.10.3. DNS Data
- mismatched : 8.10.4.2. Mismatched data between the hostname and IP address DNS trees
- protecting from sniffers : 10.1.2. Packet Sniffing
- theft of : (see information theft)
- espionage : 1.2.2.4. Spies (Industrial and Otherwise)
- transferring
- 6. Packet Filtering
- (see email; files, transferring)
- allowing/disallowing : 6.1. Why Packet Filtering?
- via TCP : 6.3.3.1. TCP
- user-specified, and proxying : 7.4.4. User-Specified Data
- data-driven attacks : 8.1. Electronic Mail
- datagrams : C.5.1.1. The datagram
- fragmenting : C.5.1.3. Fragmenting datagrams
- DCC (Direct Client Connections) : 8.9.2. Internet Relay Chat (IRC)
- DDN (Defense Data Network) : C.10. Internet Routing Architecture
- debugging
- 6.1.2.1. Current filtering tools are not perfect
- (see also bugs)
- operating system : 5.8.1.2. Fix all known system bugs
- dedicated proxy servers : 7.3.2. Generic Versus Dedicated Proxies
- default deny stance
- 3.5.1. Default Deny Stance: That Which Is Not Expressly Permitted Is Prohibited
- 6.2.3. Default Permit Versus Default Deny
- default permit stance
- 3.5.2. Default Permit Stance: That Which Is Not Expressly Prohibited Is Permitted
- 6.2.3. Default Permit Versus Default Deny
- Defense Data Network (DDN) : C.10. Internet Routing Architecture
- defense in depth
- 3.2. Defense in Depth
- 9.1.4.2. Defense in depth
- 9.2.3.2. Defense in depth
- delivery agent, email : 8.1. Electronic Mail
- Demilitarized Zone (DMZ) : 4.1. Some Firewall Definitions
- denial of service : 1.2.1.2. Denial of Service
- accidental : 1.2.3. Stupidity and Accidents
- designing firewalls : 1.4.3. Buying Versus Building
- destination unreachable codes : (see ICMP)
- diagramming the system : 13.5.2. Labeling and Diagraming Your System
- dictionary attacks : 10.3.1. One-Time Passwords
- Direct Client Connections (DCC) : 8.9.2. Internet Relay Chat (IRC)
- disabling Internet services : 5.8.2. Disabling Nonrequired Services
- disabling routing : (see routing, disabling)
- disconnecting after incident : 13.1.2. Disconnect or Shut Down, as Appropriate
- disconnecting machine : 13.4.3. Planning for Disconnecting or Shutting Down Machines
- disk space : (see memory/disk space; resources)
- disks, needs for : 5.3.3. What Hardware Configuration?
- diversity of defense systems : 3.7. Diversity of Defense
- DMZ (Demilitarized Zone) : 4.1. Some Firewall Definitions
- DNS (Domain Name Service)
- 2.9. Name Service
- 5.6. Selecting Services Provided by the Bastion Host
- configuring : 8.10. Domain Name System (DNS)
- in screened host architecture : 9.2.1.6. DNS
- in screened subnet architecture : 9.1.1.6. DNS
- without hiding information : 8.10.6. Setting up DNS Without Hiding Information
- data : 8.10.3. DNS Data
- fake server : 8.10.5.1. Set up a `fake' DNS server on the bastion host for the outside world to use
- hiding information with : 8.10.5. Setting Up DNS to Hide Information
- revealing information to attackers : 8.10.4.3. Revealing too much information to attackers
- server for internal hosts : 8.10.5.2. Set up a real DNS server on an internal system for internal hosts to use
- documenting
- incidents : 13.1.7. Document the Incident
- plan for : 13.4.7. Planning for Documentation
- system after incident
- 13.1.5. Snapshot the System
- 13.4.5. Planning for Snapshots
- Domain Name Service : (see DNS)
- dot (.) files, disabling creation of : 8.2.1.6. Be careful of writable directories in the anonymous FTP area
- double-reverse lookups
- 8.10.4.2. Mismatched data between the hostname and IP address DNS trees
- 8.10.5.1. Set up a `fake' DNS server on the bastion host for the outside world to use
- Drawbridge package : B.3.2. Drawbridge
- dual-homed hosts
- 7. Proxy Systems
- (see also proxy services)
- architecture of : 4.2.1. Dual-Homed Host Architecture
- with screen subnet architecture : 4.3.8. It's OK to Use Dual-Homed Hosts and Screened Subnets
- as firewall : 5.8.2.5. Turning off routing
- nonrouting : 5.2.1. Nonrouting Dual-homed Hosts
- proxy services and : (see proxy services)
- dynamic packet filtering : 6.3.3.2. UDP
- FTP and : 8.2.1.1. Packet filtering characteristics of FTP
Search | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | R | S | T | U | V | W | X | Y | Z
Copyright © 1999 O'Reilly & Associates, Inc. All Rights Reserved.
[
Library Home
|
DNS & BIND
|
TCP/IP
|
sendmail
|
sendmail Reference
|
Firewalls
|
Practical Security
]