Cybersecurity for Small Networks

Book description

This book is a straightforward series of projects that will teach you how to secure different facets of household or small-business networks from cyber attacks. Through guided, hands-on exercises, you'll quickly progress through several levels of security—from building a defensible network architecture to protecting your network from adversaries and monitoring for suspicious activity.

The first section will teach you how to segment a network into protected zones, set up a firewall, and mitigate wireless network security risks. Then, you’ll configure a VPN (virtual private network) to hide and encrypt network traffic and communications, set up proxies to speed up network performance and hide the source of traffic, and configure an antivirus. From there, you’ll implement backup storage strategies, monitor and capture network activity using a variety of open-source tools, and learn tips to efficiently manage your security. By the end of this book, you’ll be armed with the skills necessary to effectively secure your small network with whatever resources you have available.

Table of contents

  1. Cover
  2. Title Page
  3. Copyright Page
  4. Dedication
  5. About the Author
  6. Brief Contents
  7. Contents in Detail
  8. Acknowledgments
  9. Introduction
    1. How to Use This Book: What to Expect
    2. Recommended (But Not Required) Knowledge
    3. Recommended Hardware
    4. Summary
  10. 1: Getting Started with a Base Linux System and Network Map
    1. Linux Operating Systems
      1. #1: Creating an Ubuntu Virtual Machine
      2. Hypervisor Options
      3. VMware Workstation and VMware Player for Windows
      4. VMware Fusion and VMware Fusion Player for macOS
      5. VirtualBox
        1. #2: Creating a Physical Linux System
      6. Bootable USB on Windows
      7. Bootable USB on macOS
      8. Using the Bootable USB
        1. #3: Creating a Cloud-Based Linux System
    2. Finalizing the Linux Installation
    3. Hardening Your Ubuntu System
      1. #4: Installing System Packages
      2. #5: Managing Linux Users
      3. #6: Securing Remote Access
      4. Generating SSH Keys
      5. Remote Login with SSH
        1. #7: Capturing VM Configurations
      6. Taking Snapshots in VMware
      7. Taking Snapshots in VirtualBox
    4. Network Topology
      1. #8: Checking Your IP Address
      2. On Windows
      3. On a Mac
      4. On Linux
        1. #9: Creating a Network Map
        2. #10: Transferring Files
    5. Summary
  11. 2: Architecting and Segmenting Your Network
    1. Network Devices
      1. Hubs
      2. Switches
      3. Routers
    2. Creating Trust Zones
      1. Physical Segmentation
      2. Logical Segmentation
        1. #11: Segmenting Your Network
      3. Ethernet Segmentation
    3. Summary
  12. 3: Filtering Network Traffic with Firewalls
    1. Types of Firewalls
    2. iptables
      1. #12: Installing iptables
      2. iptables Firewall Rules
      3. Configuring iptables
      4. Logging iptables Behavior
    3. pfSense
      1. #13: Installing the pfSense Firewall
      2. Hardening pfSense
      3. pfSense Firewall Rules
        1. #14: Testing Your Firewall
    4. Summary
  13. 4: Securing Wireless Networks
    1. #15: Disabling IPv6
    2. #16: Limiting Network Devices
    3. Creating an Asset List
    4. Static IP Addressing
    5. MAC Address Filtering
      1. #17: Segmenting Your Network
      2. #18: Configuring Wireless Authentication
    6. WEP
    7. WPA/WPA2
    8. WPA3
    9. Summary
  14. 5: Creating a Virtual Private Network
    1. Drawbacks of Third-Party VPNs and Remote Access Services
    2. OpenVPN
    3. EasyRSA
    4. Wireguard
      1. #19: Creating a VPN with OpenVPN
      2. Set Up the Certificate Authority
      3. Create the OpenVPN Server Certificate and Key
      4. Configure OpenVPN
        1. #20: Creating a VPN with Wireguard
      5. Installing Wireguard
      6. Set Up the Key Pairs
      7. Configure Wireguard
    5. Test Your VPN
    6. Summary
  15. 6: Improving Browsing and Privacy with the Squid Proxy
    1. Why Use a Proxy?
      1. #21: Setting Up Squid
      2. Configuring Squid
      3. Configuring Devices to Use Squid
      4. Testing Squid
      5. Blocking and Allowing Domains
      6. Protecting Personal Information with Squid
      7. Disabling Caching for Specific Sites
    2. Squid Proxy Reports
    3. Summary
  16. 7: Blocking Internet Advertisements
    1. Browser-Level Ad Blocking
      1. #22: Blocking Ads in Google Chrome
      2. #23: Blocking Ads in Mozilla Firefox
      3. #24: Controlling Brave’s Privacy Settings
      4. #25: Blocking Ads with Pi-Hole
      5. Configure Pi-Hole
      6. Using Pi-Hole
      7. Configure DNS on Your Endpoints
    2. Summary
  17. 8: Detecting, Removing, and Preventing Malware
    1. Microsoft Defender for Windows
    2. Choosing Malware Detection and Antivirus Tools
      1. Antivirus Farm
      2. Signatures and Heuristics
        1. #26: Installing Avast on macOS
        2. #27: Installing ClamAV on Linux
        3. #28: Using VirusTotal
        4. #29: Managing Patches and Updates
      3. Windows Update
      4. macOS Software Update
      5. Linux Updates with apt
        1. #30: Installing Automox
      6. Installing Automox
      7. Using Automox
    3. Summary
  18. 9: Backing Up Your Data
    1. Backup Types
    2. Devising a Backup Schedule
    3. Onsite and Offsite Backups
    4. What to Back Up and What Storage to Use
      1. #31: Using Windows Backup
      2. #32: Using Windows Backup and Restore
      3. #33: Using macOS Time Machine
      4. #34: Using Linux duplicity
      5. Creating Local Backups with duplicity
      6. Creating Network Backups with duplicity
      7. Restoring duplicity Backups
      8. Additional duplicity Considerations
    5. Cloud Backup Solutions
      1. Backblaze
      2. Carbonite
    6. Virtual Machine Snapshots
    7. Testing and Restoring Backups
    8. Summary
  19. 10: Monitoring Your Network with Detection and Alerting
    1. Network Monitoring Methods
      1. Network Traffic Access Points
      2. Switch Port Analyzers
        1. #35: Configuring a SPAN Port
    2. Security Onion
      1. #36: Building a Security Onion System
      2. Installing Security Onion
        1. #37: Installing Wazuh
      3. Installing Wazuh on Windows
      4. Installing Wazuh on macOS
      5. Installing Wazuh on Linux
        1. #38: Installing osquery
      6. Installing osquery on Windows
      7. Installing osquery on macOS
      8. Installing osquery on Linux
    3. A Network Security Monitoring Crash Course
      1. Using osquery
      2. Using Wazuh
      3. Using Security Onion as a SIEM Tool
    4. Summary
  20. 11: Tips for Managing User Security on Your Network
    1. Passwords
      1. Password Managers
      2. Password Breach Detection
    2. Multifactor Authentication
    3. Browser Plug-ins
      1. Adblock Plus
      2. Ghostery
      3. HTTPS Everywhere
    4. Internet of Things Considerations
    5. Additional Resources
    6. Summary
  21. Index

Product information

  • Title: Cybersecurity for Small Networks
  • Author(s): Seth Enoka
  • Release date: November 2022
  • Publisher(s): No Starch Press
  • ISBN: 9781718501485