Muutke küpsiste eelistusi

E-raamat: Security in an IPv6 Environment

(Markel Corporation, Glen Allen, Virginia, USA),
  • Formaat: PDF+DRM
  • Ilmumisaeg: 19-Apr-2016
  • Kirjastus: Auerbach
  • Keel: eng
  • ISBN-13: 9781420092301
Teised raamatud teemal:
  • Formaat - PDF+DRM
  • Hind: 123,49 €*
  • * hind on lõplik, st. muud allahindlused enam ei rakendu
  • Lisa ostukorvi
  • Lisa soovinimekirja
  • See e-raamat on mõeldud ainult isiklikuks kasutamiseks. E-raamatuid ei saa tagastada.
  • Raamatukogudele
Security in an IPv6 EnvironmentSuurem pilt
  • Formaat: PDF+DRM
  • Ilmumisaeg: 19-Apr-2016
  • Kirjastus: Auerbach
  • Keel: eng
  • ISBN-13: 9781420092301
Teised raamatud teemal:

DRM piirangud

  • Kopeerimine (copy/paste):

    ei ole lubatud

  • Printimine:

    ei ole lubatud

  • Kasutamine:

    Digitaalõiguste kaitse (DRM)
    Kirjastus on väljastanud selle e-raamatu krüpteeritud kujul, mis tähendab, et selle lugemiseks peate installeerima spetsiaalse tarkvara. Samuti peate looma endale  Adobe ID Rohkem infot siin. E-raamatut saab lugeda 1 kasutaja ning alla laadida kuni 6'de seadmesse (kõik autoriseeritud sama Adobe ID-ga).

    Vajalik tarkvara
    Mobiilsetes seadmetes (telefon või tahvelarvuti) lugemiseks peate installeerima selle tasuta rakenduse: PocketBook Reader (iOS / Android)

    PC või Mac seadmes lugemiseks peate installima Adobe Digital Editionsi (Seeon tasuta rakendus spetsiaalselt e-raamatute lugemiseks. Seda ei tohi segamini ajada Adober Reader'iga, mis tõenäoliselt on juba teie arvutisse installeeritud )

    Seda e-raamatut ei saa lugeda Amazon Kindle's. 

Analyze Key Security Mechanisms and Approaches with this practical primer, the first book on the market to cover critical IPv6 security considerations.

Dan Minoli, author of over 50 books on telecommunications and networks, and Jake Kouns, Chairman, CEO and CFO of the Open Security Foundation, discuss IPv6 security vulnerabilities, considerations, and mechanisms, and survey approaches for ensuring reliable and controlled IPv6 migration. The authors pool knowledge from industry resources, RFCs, and their own considerable security experience, discussing key IPv6 features, security issues, and potential exploitation of IPv6 protocol. They examine use of firewalls and encryption, and the fundamental topic of IPSec in IPv6 environments.

Protect Networks from New and Growing Threats

An increasing amount of mission-critical commercial and military operations are supported by distributed, mobile, always-connected, hybrid public-private networks, especially IPv6-based networks. The number of attackers or inimical agents continues to grow, and all computing environments must feature high-assurance security mechanisms. Even administrators in pure IPv4 environments require at least a rudimentary understanding of IPv6 security principles to safeguard traditional networks. This comprehensive book explains why security savvy approaches are indispensible and includes considerations for mixed IPv4 and IPv6 migration environments. More than an exhaustive treatment of IPv6 and security topics, this text is a point of departure for anyone adjusting to this technological transition and subtending security considerations.

About the Authors

Daniel Minoli, director of terrestrial systems engineering for SES Americom, has done extensive work with IPv6, including four books on the subject.

Jake Kouns (CISSP, CISA, CISM), director of information security and network services for Markel Corporation, is also co-founder and president of the Open Security Foundation.
Preface xiii
About the Authors xv
Introduction, Overview, and Motivations
1(68)
Introduction and Motivations
1(7)
IPv6 Overview
8(25)
Overview of Traditional Security Approaches and Mechanisms
33(36)
References
47(3)
Appendix A: Six-Month Listing of IPv6 Press
50(19)
Basic IPv6 Protocol Mechanisms
69(36)
Introduction
69(1)
IPv6 Addressing Mechanisms
69(7)
Addressing Conventions
70(2)
Note
72(1)
Addressing Issues/Reachability
72(3)
Note
75(1)
Address Types
76(6)
Unicast IPv6 Addresses
76(1)
Aggregatable Global Unicast Addresses
77(1)
Link-Local (Unicast) Addresses
77(1)
Unspecified (Unicast) Address
78(1)
Loopback (Unicast) Address
78(1)
Compatibility (Unicast) Addresses
78(1)
Multicast IPv6 Addresses
78(3)
Anycast IPv6 Addresses
81(1)
Addresses for Hosts and Routers
81(1)
Interface Determination
82(3)
Mapping EUI-64 Addresses to IPv6 Interface Identifiers
83(1)
Mapping IEEE 802 Addresses to IPv6 Interface Identifiers
84(1)
Randomly Generated Interface Identifiers
84(1)
IPv6 Addressing (Details)
85(1)
Addressing Model
85(11)
Text Representation of Addresses
86(1)
Text Representation of Address Prefixes
87(1)
Address Type Identification
88(1)
Unicast Addresses
88(1)
Interface Identifiers
89(1)
The Unspecified Address
90(1)
The Loopback Address
90(1)
Global Unicast Addresses
90(1)
IPv6 Addresses with Embedded IPv4 Addresses
91(1)
Note
91(1)
Local-Use IPv6 Unicast Addresses
91(1)
Anycast Addresses
92(1)
Required Anycast Address
93(1)
Multicast Addresses
93(1)
Predefined Multicast Addresses
94(2)
A Node's Required Addresses
96(1)
IANA Considerations
96(1)
Notes
97(1)
Creating Modified EUI-64 Format Interface Identifiers
97(2)
Links or Nodes with IEEE EUI-64 Identifiers
97(1)
Links or Nodes with IEEE 802 48-bit MACs
98(1)
Links with Other Kinds of Identifiers
98(1)
Links without Identifiers
99(1)
64-Bit Global Identifier (EUI-64) Registration Authority
99(6)
Application Restrictions
100(1)
Distribution Restrictions
100(1)
Application Documentation
100(1)
Manufacturer-Assigned Identifiers
101(1)
References
101(4)
More Advanced IPv6 Protocol Mechanisms
105(58)
Introduction
105(1)
IPv6 and Related Protocols (Details)
106(1)
Note
107(1)
IPv6 Header Format
107(1)
IPv6 Extension Headers
108(14)
Extension Header Order
109(1)
Options
110(2)
Note
112(1)
Hop-by-Hop Options Header
112(1)
Routing Header
113(3)
Fragment Header
116(1)
Note
117(4)
Destination Options Header
121(1)
No Next Header
122(1)
Packet Size Issues
122(1)
Flow Labels
123(1)
Traffic Classes
123(1)
Upper-Layer Protocol Issues
124(2)
Upper-Layer Checksums
124(1)
Maximum Packet Lifetime
125(1)
Maximum Upper-Layer Payload Size
125(1)
Responding to Packets Carrying Routing Headers
125(1)
Semantics and Usage of the Flow Label Field
126(1)
Formatting Guidelines for Options
127(3)
IPv6 Infrastructure
130(4)
Protocol Mechanisms
130(1)
Protocol-Support Mechanisms
130(4)
Routing and Route Management
134(2)
Configuration Methods
136(2)
Dynamic Host Configuration Protocol for IPv6
138(4)
More on Transition Approaches and Mechanisms
142(21)
References
144(1)
Appendix A: Neighbor Discovery for IP Version 6 (IPv6) Protocol
145(1)
Functionality
145(5)
Appendix B: Mobile IP Version 6 (MIPv6)
150(1)
Basic Operation of Mobile IPv6
151(5)
Appendix C: Enabling IPv6 in Cisco Routers
156(1)
Enabling IPv6 Routing and Configuring IPv6 Addressing
156(1)
Enabling IPv6 Processing Globally on the Router
156(1)
Configuring IPv6 Addresses
156(1)
Verifying IPv6 Operation and Address Configuration
157(3)
IPv6 Routing and IPv6 Address Configuration Example
160(3)
Security Mechanisms and Approaches
163(32)
Introduction
163(1)
Security 101
163(11)
Review of Firewall-Based Perimeter Security
174(8)
Firewall Capabilities
176(1)
Network Address Translation (NAT)
177(1)
Virtual Private Network (VPN)
177(1)
Demilitarized Zones (DMZ)
177(1)
Antispoofing
177(1)
Firewall Types
178(1)
Packet Filter
179(1)
Proxy
179(1)
Stateful Inspection
180(1)
Firewall Architecture
181(1)
IPv6 Areas of Security Concerns: Addresses
182(4)
IPv6 Addressing Security
182(4)
IPv6 Anycast Address Security
186(1)
Documented Issues for IPv6 Security
186(9)
References
188(2)
Appendix A: Risks and Vulnerabilities
190(1)
Static Session Hijacking
190(1)
Redirection Attacks
191(1)
Denial of Service (Flooding Attacks)
192(1)
Address Privacy
193(1)
Cause Packets to Be Sent to the Attacker
193(1)
``Classic'' Redirection Attack
193(1)
Time-Shifting Attack
194(1)
Cause Packets to Be Sent to a Black Hole
194(1)
Third Party Denial-of-Service Attacks
194(1)
Basic IPv6 Security Considerations
195(12)
Introduction
195(1)
IPv6 Flow Labels Issues
195(2)
ICMPv6 Issues
197(1)
Neighbor Discovery Issues
198(4)
Routing Headers
202(1)
DNS Issues
203(1)
Minimum Security Plan
204(3)
References
205(2)
IPsec and Its Use in IPv6 Environments
207(18)
Introduction
207(1)
Overview
208(2)
IPsec Modes
210(3)
IP Authentication Header (AH)
213(1)
IP Encapsulating Security Protocol (ESP)
214(3)
Supportive Infrastructure: IPsec Architecture
217(3)
Related Observations
220(5)
References
222(3)
Firewall Use in IPv6 Environments
225(18)
Introduction
225(1)
Role of Firewalls for IPv6 Perimeters
226(5)
Packet Filtering
231(4)
Extension Headers and Fragmentation
235(2)
Concurrent Processing
237(1)
Firewall Functionality
237(1)
Related Tools
238(5)
References
241(1)
Appendix A: Market Status
241(2)
Security Considerations for Migrations/Mixed IPv4-IPv6 Networks
243(24)
Introduction
243(1)
Transition Basics
243(6)
Security Issues Associated with Transition
249(7)
Threats and the Use of IPsec
256(4)
IPsec in Transport Mode
256(1)
IPsec in Tunnel Mode
257(1)
Router-to-Router Tunnels
257(1)
Site-to-Router/Router-to-Site Tunnels
258(1)
Host-to-Host Tunnels
258(2)
NATs, Packet Filtering, and Teredo
260(2)
Use of Host-Based Firewalls
262(2)
Use of Distributed Firewalls
264(3)
References
265(2)
Index 267
Daniel Minoli, director of terrestrial systems engineering for SES Americom, has done extensive work with IPv6, including four books on the subject.

Jake Kouns (CISSP, CISA, CISM), director of information security and network services for Markel Corporation, is also co-founder and president of the Open Security Foundation.
Lisainfo e-raamatute kohta Lisainfo e-raamatute kohta
Püsilink: https://www.kriso.ee/db/97814200923012e.html
Märksõnad: