Firewall Policies And VPN Configurations 1st

Edition Laura E. Hunter pdf download

https://ebookname.com/product/firewall-policies-and-vpn-configurations-1st-edition-laura-e-hunter/

★★★★★ 4.8/5.0 (37 reviews) ✓ 103 downloads ■ TOP RATED

"Fantastic PDF quality, very satisfied with download!" - Emma W.

DOWNLOAD EBOOK
 Firewall Policies And VPN Configurations 1st Edition Laura
E. Hunter pdf download

TEXTBOOK EBOOK EBOOK GATE

Available Formats

■ PDF eBook Study Guide TextBook

EXCLUSIVE 2025 EDUCATIONAL COLLECTION - LIMITED TIME

INSTANT DOWNLOAD VIEW LIBRARY

Instant digital products (PDF, ePub, MOBI) available
Download now and explore formats that suit you...

Firewall Policies and VPN Configurations 1st Edition

Syngress

https://ebookname.com/product/firewall-policies-and-vpn-
configurations-1st-edition-syngress/

Nokia Firewall VPN and IPSO Configuration Guide 1st

Edition Andrew Hay

https://ebookname.com/product/nokia-firewall-vpn-and-ipso-
configuration-guide-1st-edition-andrew-hay/

Active Directory Cookbook 3rd Edition Laura E. Hunter

https://ebookname.com/product/active-directory-cookbook-3rd-
edition-laura-e-hunter/

Engineering Economic Analysis 14th Edition Donald G.

Newnan

https://ebookname.com/product/engineering-economic-analysis-14th-
edition-donald-g-newnan/
Chapman Nakielny s Guide to Radiological Procedures 6th
Edition Nick Watson

https://ebookname.com/product/chapman-nakielny-s-guide-to-
radiological-procedures-6th-edition-nick-watson/

Bouchon 1st Edition Thomas Keller

https://ebookname.com/product/bouchon-1st-edition-thomas-keller/

Aluminium Cast House Technology VII 1st Edition Peter

R. Whiteley

https://ebookname.com/product/aluminium-cast-house-technology-
vii-1st-edition-peter-r-whiteley/

Nonlinear Time Series Analysis of Business Cycles 1st

Edition Costas Milas

https://ebookname.com/product/nonlinear-time-series-analysis-of-
business-cycles-1st-edition-costas-milas/

Sams Teach Yourself the C Language in 21 Days 3°

Edition Bradley L. Jones

https://ebookname.com/product/sams-teach-yourself-the-c-language-
in-21-days-3-edition-bradley-l-jones/
Adolescents Media and the Law What Developmental
Science Reveals and Free Speech Requires American
Psychology Law Society Series 1st Edition Roger J. R.
Levesque
https://ebookname.com/product/adolescents-media-and-the-law-what-
developmental-science-reveals-and-free-speech-requires-american-
psychology-law-society-series-1st-edition-roger-j-r-levesque/
398_FW_Policy_FM.qxd 8/29/06 9:29 AM Page i

Visit us at
www.syngress.com

Syngress is committed to publishing high-quality books for IT Professionals and

delivering those books in media and formats that fit the demands of our cus-
tomers. We are also committed to extending the utility of the book you purchase
via additional materials available from our Web site.

SOLUTIONS WEB SITE

To register your book, visit www.syngress.com/solutions. Once registered, you can
access our [email protected] Web pages. There you will find an assortment
of value-added features such as free e-booklets related to the topic of this book,
URLs of related Web sites, FAQs from the book, corrections, and any updates from
the author(s).

ULTIMATE CDs
Our Ultimate CD product line offers our readers budget-conscious compilations of
some of our best-selling backlist titles in Adobe PDF form. These CDs are the perfect
way to extend your reference library on key topics pertaining to your area of exper-
tise, including Cisco Engineering, Microsoft Windows System Administration,
CyberCrime Investigation, Open Source Security, and Firewall Configuration, to
name a few.

DOWNLOADABLE EBOOKS
For readers who can’t wait for hard copy, we offer most of our titles in download-
able Adobe PDF form. These e-books are often available weeks before hard copies,
and are priced affordably.

SYNGRESS OUTLET
Our outlet store at syngress.com features overstocked, out-of-print, or slightly hurt
books at significant savings.

SITE LICENSING
Syngress has a well-established program for site licensing our e-books onto servers
in corporations, educational institutions, and large organizations. Contact us at
[email protected] for more information.

CUSTOM PUBLISHING
Many organizations welcome the ability to combine parts of multiple Syngress
books, as well as their own content, into a single volume for their own internal use.
Contact us at [email protected] for more information.
398_FW_Policy_FM.qxd 8/29/06 9:30 AM Page iii

Firewall Policies
and VPN
Configurations

Anne Henmi Technical Editor

Mark Lucas
Abhishek Singh
Chris Cantrell
398_FW_Policy_FM.qxd 8/29/06 9:30 AM Page iv

Syngress Publishing, Inc., the author(s), and any person or firm involved in the writing, editing, or produc-
tion (collectively “Makers”) of this book (“the Work”) do not guarantee or warrant the results to be
obtained from the Work.
There is no guarantee of any kind, expressed or implied, regarding the Work or its contents.The Work is
sold AS IS and WITHOUT WARRANTY.You may have other legal rights, which vary from state to
state.
In no event will Makers be liable to you for damages, including any loss of profits, lost savings, or other
incidental or consequential damages arising out from the Work or its contents. Because some states do not
allow the exclusion or limitation of liability for consequential or incidental damages, the above limitation
may not apply to you.
You should always use reasonable care, including backup and other appropriate precautions, when working
with computers, networks, data, and files.
Syngress Media®, Syngress®, “Career Advancement Through Skill Enhancement®,” “Ask the Author
UPDATE®,” and “Hack Proofing®,” are registered trademarks of Syngress Publishing, Inc. “Syngress:The
Definition of a Serious Security Library”™, “Mission Critical™,” and “The Only Way to Stop a Hacker is
to Think Like One™” are trademarks of Syngress Publishing, Inc. Brands and product names mentioned
in this book are trademarks or service marks of their respective companies.

KEY SERIAL NUMBER

001 HJIRTCV764
002 PO9873D5FG
003 829KM8NJH2
004 78GHTYPM99
005 CVPLQ6WQ23
006 VBP965T5T5
007 HJJJ863WD3E
008 2987GVTWMK
009 629MP5SDJT
010 IMWQ295T6T

PUBLISHED BY
Syngress Publishing, Inc.
800 Hingham Street
Rockland, MA 02370

Firewall Policies and VPN Configurations

Copyright © 2006 by Syngress Publishing, Inc. All rights reserved. Except as permitted under the
Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by
any means, or stored in a database or retrieval system, without the prior written permission of the pub-
lisher, with the exception that the program listings may be entered, stored, and executed in a computer
system, but they may not be reproduced for publication.

Printed in Canada
1 2 3 4 5 6 7 8 9 0
ISBN: 1-59749-088-1

Publisher: Andrew Williams Page Layout and Art: Patricia Lupien

Acquisitions Editor: Erin Heffernan Copy Editor: Judy Eby, Beth Roberts
Technical Editor: Anne Henmi Indexer: Richard Carlson
Cover Designer: Michael Kavish

Distributed by O’Reilly Media, Inc. in the United States and Canada.

For information on rights, translations, and bulk sales, contact Matt Pedersen, Director of Sales and Rights,
at Syngress Publishing; email [email protected] or fax to 781-681-3585.
398_FW_Policy_FM.qxd 8/29/06 9:30 AM Page v

Acknowledgments

Syngress would like to acknowledge the following people for their kindness and sup-
port in making this book possible.
Syngress books are now distributed in the United States and Canada by O’Reilly
Media, Inc.The enthusiasm and work ethic at O’Reilly are incredible, and we would
like to thank everyone there for their time and efforts to bring Syngress books to
market:Tim O’Reilly, Laura Baldwin, Mark Brokering, Mike Leonard, Donna Selenko,
Bonnie Sheehan, Cindy Davis, Grant Kikkert, Opol Matsutaro, Steve Hazelwood, Mark
Wilson, Rick Brown,Tim Hinton, Kyle Hart, Sara Winge, Peter Pardo, Leslie Crandell,
Regina Aggio Wilkinson, Pascal Honscher, Preston Paull, Susan Thompson, Bruce
Stewart, Laura Schmier, Sue Willing, Mark Jacobsen, Betsy Waliszewski, Kathryn
Barrett, John Chodacki, Rob Bullington, Kerry Beck, Karen Montgomery, and Patrick
Dirden.
The incredibly hardworking team at Elsevier Science, including Jonathan Bunkell, Ian
Seager, Duncan Enright, David Burton, Rosanna Ramacciotti, Robert Fairbrother,
Miguel Sanchez, Klaus Beran, Emma Wyatt, Krista Leppiko, Marcel Koppes, Judy
Chappell, Radek Janousek, Rosie Moss, David Lockley, Nicola Haden, Bill Kennedy,
Martina Morris, Kai Wuerfl-Davidek, Christiane Leipersberger,Yvonne Grueneklee,
Nadia Balavoine, and Chris Reinders for making certain that our vision remains
worldwide in scope.
David Buckland, Marie Chieng, Lucy Chong, Leslie Lim, Audrey Gan, Pang Ai Hua,
Joseph Chan, June Lim, and Siti Zuraidah Ahmad of Pansing Distributors for the
enthusiasm with which they receive our books.
David Scott, Tricia Wilden, Marilla Burgess, Annette Scott, Andrew Swaffer, Stephen
O’Donoghue, Bec Lowe, Mark Langley, and Anyo Geddes of Woodslane for distributing
our books throughout Australia, New Zealand, Papua New Guinea, Fiji,Tonga, Solomon
Islands, and the Cook Islands.

v
398_FW_Policy_FM.qxd 8/29/06 9:30 AM Page vi
398_FW_Policy_FM.qxd 8/29/06 9:30 AM Page vii

Technical Editor

Anne Henmi is an Information Security Engineer at Securify, Inc.

She works with development to contribute to the improvement of
the security posture of Securify’s products and services.
Her specialties include Linux, Secure Shell, public key technolo-
gies, penetration testing, and network security architectures. Anne’s
background includes positions as a Course Developer at Juniper
Networks, System Administrator at California Institute of
Technology, Principal Security Consultant at SSH Communications
Security, and as an Information Security Analyst at VeriSign, Inc.

Contributing Authors
Mark J. Lucas (MCSE and GIAC Certified Windows Security
Administrator) is a Senior System Administrator at the California
Institute of Technology. Mark is responsible for the design, imple-
mentation, and security of high availability systems such as Microsoft
Exchange servers, VMWare ESX hosted servers, and various
licensing servers. He is also responsible for the firewalls protecting
these systems. Mark has been in the IT industry for 10 years.This is
Mark’s first contribution to a Syngress publication. Mark lives in
Tujunga, California with his wife Beth, and the furry, four-legged
children, Aldo, Cali, Chuey, and Emma.

Chris Cantrell is a Presales System Engineer for Riverbed

Technology, the leading pioneer in the wide-area data services
(WDS) market. Before joining Riverbed, Chris spent 8 years
focusing on network security and intrusion prevention. He has held
various management and engineering positions with companies
such as Network Associates, OneSecure, NetScreen, and Juniper

vii
398_FW_Policy_FM.qxd 8/29/06 9:30 AM Page viii

Networks. Chris was a contributing author for Configuring Netscreen

Firewalls (ISBN: 1-93226-639-9), published by Syngress Publishing
in 2004.
Chris lives in Denver, Colorado with his loving and supportive
wife, Maria, and their two children, Dylan and Nikki.

Laura E. Hunter (CISSP, MCSE: Security, MCDBA, Microsoft

MVP) is an IT Project Leader and Systems Manager at the
University of Pennsylvania, where she provides network planning,
implementation, and troubleshooting services for various business
units and schools within the university. Her specialties include
Windows 2000 and 2003 Active Directory design and implementa-
tion, troubleshooting, and security topics. Laura has more than a
decade of experience with Windows computers; her previous expe-
rience includes a position as the Director of Computer Services for
the Salvation Army and as the LAN administrator for a medical
supply firm. She is a contributor to the TechTarget family of Web
sites, and to Redmond Magazine (formerly Microsoft Certified
Professional Magazine).
Laura has previously contributed to the Syngress Windows
Server 2003 MCSE/MCSA DVD Guide & Training System series
as a DVD presenter, author, and technical reviewer, and is the author
of the Active Directory Consultant’s Field Guide (ISBN: 1-59059-492-
4) from APress. Laura is a three-time recipient of the prestigious
Microsoft MVP award in the area of Windows Server—
Networking. Laura graduated with honors from the University of
Pennsylvania and also works as a freelance writer, trainer, speaker,
and consultant.

Abhishek Singh works as a security researcher for Third Brigade, a

Canadian-based information security company. His responsibilities
include analysis, deep packet inspection, reverse engineering, writing
signatures for various protocols (DNS, DHCP, SMTP, POP, HTTP,

viii
398_FW_Policy_FM.qxd 8/29/06 9:30 AM Page ix

and VOIP), Zero day attacks, Microsoft Tuesday critical, and vulner-
abilities.
In Information security, Abhishek likes to research intrusion
detection/prevention systems, firewalls, two factor authentication,
wireless security, cryptography, and virtual private networks. He has
an invention disclosure in firewalls and holds one patent in two
factor authentication.The patent involves secure authentication of a
user to a system and secure operation thereafter. In cryptography, he
has proposed an algorithm in learning theory which uses Context
Free Grammar for the generation of one-time authentication iden-
tity. One-time authentication identity generates one-time passwords,
disposable SSNs, and disposable credit card numbers.To prevent
high-bandwidth and malicious covert channels, he has proposed
enforcing semantic consistency in the unused header fields of
TCP/IP, UDP, and ICMP packets. Abhishek’s research findings in
the field of compiler, computer networks, mobile agents, and artifi-
cial neural networks have been published in primer conferences and
journals.
He holds a B.Tech. in Electrical Engineering from IIT-BHU, a
Master of Science in Computer Science and in Information
Security from the College of Computing Georgia Tech. While pur-
suing his education, he was employed with Symantec Corporation
as a Senior Software Engineer and has worked on a consulting pro-
ject for Cypress Communication, which won third prize at the 2004
Turn Around Management Competition. He was also employed
with VPN Dynamics and with Infovation Inc.
Presently he lives in Banglore with his lovely wife, Swati.

James McLoughlin (CISSP, CCSP, CCSE) is a security engineer

for Lan Communications, an Irish integrator/reseller. He is cur-
rently working towards achieving his CCIE in Security, and has over
a decade of experience in the security field.
James lives in Dublin, Ireland

ix
398_FW_Policy_FM.qxd 8/29/06 9:30 AM Page x

Susan Snedaker (MBA, BA, MCSE, MCT, CPM) is Principal

Consultant and founder of VirtualTeam Consulting, LLC (www.vir-
tualteam.com), a consulting firm specializing in business and tech-
nology consulting.The company works with companies of all sizes
to develop and implement strategic plans, operational improvements
and technology platforms that drive profitability and growth. Prior
to founding VirtualTeam in 2000, Susan held various executive and
technical positions with companies including Microsoft, Honeywell,
Keane, and Apta Software. As Director of Service Delivery for
Keane, she managed 1200+ technical support staff delivering phone
and email support for various Microsoft products including
Windows Server operating systems. She is author of How to Cheat at
IT Project Management (Syngress Publishing, ISBN: 1-597490-37-7)
The Best Damn Windows Server 2003 Book Period (Syngress
Publishing, ISBN: 1-931836-12-4) and How to Cheat at Managing
Windows Small Business Server 2003 (Syngress, ISBN: 1-932266-80-
1). She has also written numerous technical chapters for a variety of
Syngress Publishing books on Microsoft Windows and security
technologies and has written and edited technical content for var-
ious publications. Susan has developed and delivered technical con-
tent from security to telephony,TCP/IP to WiFi, CIW to IT
project management and just about everything in between (she
admits a particular fondness for anything related to TCP/IP).
Susan holds a master’s degree in business administration and a
bachelor’s degree in management from the University of Phoenix.
She also holds a certificate in advanced project management from
Stanford University. She holds Microsoft Certified Systems Engineer
(MSCE) and Microsoft Certified Trainer (MCT) certifications.
Susan is a member of the Information Technology Association of
Southern Arizona (ITASA) and the Project Management Institute
(PMI).

x
398_FW_Policy_FM.qxd 8/29/06 9:30 AM Page xi

Jennifer Davis is a senior system administrator with Decru, a

Network Appliance company. Decru develops storage security solu-
tions that help system administrators protect data. Jennifer specializes
in scripting, systems automation, integration and troubleshooting,
and security administration.
Jennifer is a member of USENIX, SAGE, LoPSA, and BayLISA.
She is based in Silicon Valley, California.

xi
398_FW_Policy_FM.qxd 8/29/06 9:30 AM Page xii
398_FW_Policy_TOC.qxd 8/28/06 11:11 AM Page xiii

Contents

Part I Security Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

Chapter 1 Network Security Policy . . . . . . . . . . . . . . . . . 3
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4
Defining Your Organization . . . . . . . . . . . . . . . . . . . . . . . . .6
Information Criticality . . . . . . . . . . . . . . . . . . . . . . . .8
Impact Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9
System Definitions . . . . . . . . . . . . . . . . . . . . . . . . . .10
Information Flow . . . . . . . . . . . . . . . . . . . . . . . . . . .10
Scope . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10
People and Process . . . . . . . . . . . . . . . . . . . . . . . . . .10
Policies and Procedures . . . . . . . . . . . . . . . . . . . . . . .12
Organizational Needs . . . . . . . . . . . . . . . . . . . . . . . .12
Regulatory/Compliance . . . . . . . . . . . . . . . . . . . . . .12
Establishing Baselines . . . . . . . . . . . . . . . . . . . . . . . .13
Addressing Risks to the Corporate Network . . . . . . . . .14
Drafting the Network Security Policy . . . . . . . . . . . . . .15
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17
Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17
Standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17
Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .18
Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19
Enforcement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19
Modifications or Exceptions . . . . . . . . . . . . . . . . . . .19
Different Access for Different Organizations . . . . . . . . . . . . .19
Trusted Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20
Defining Different Types of Network Access . . . . . . . . . .21

xiii
398_FW_Policy_TOC.qxd 8/28/06 11:11 AM Page xiv

xiv Contents

Untrusted Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23

Identifying Potential Threats . . . . . . . . . . . . . . . . . . . . .25
Using VPNs in Today’s Enterprise . . . . . . . . . . . . . . . . .26
The Battle for the Secure Enterprise . . . . . . . . . . . . . . .26
External Communications (also see “Remote Access”) 28
DMZ Concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29
Traffic Flow Concepts . . . . . . . . . . . . . . . . . . . . . . . . . .33
Networks with and without DMZs . . . . . . . . . . . . . . .36
Pros and Cons of DMZ Basic Designs . . . . . . . . . . . .37
DMZ Design Fundamentals . . . . . . . . . . . . . . . . . . . . . .38
Why Design Is So Important . . . . . . . . . . . . . . . . . .39
Designing End-to-End Security for Data
Transmission between Hosts on the Network . . . . . . . . .40
Traffic Flow and Protocol Fundamentals . . . . . . . . . . . .40
Making Your Security Come Together . . . . . . . . . . . . . .41
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42
Solutions Fast Track . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .43
Frequently Asked Questions . . . . . . . . . . . . . . . . . . . . . . . .44
Chapter 2 Using Your Policies to
Create Firewall and VPN Configurations . . . . . . . . . . . . 47
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .48
What Is a Logical Security Configuration? . . . . . . . . . . . . . .49
Planning Your Logical Security Configuration . . . . . . . . . . .50
Identifying Network Assets . . . . . . . . . . . . . . . . . . . . . .51
Profiling Your Network Assets . . . . . . . . . . . . . . . . . . . .52
What Are Security Areas? . . . . . . . . . . . . . . . . . . . . .54
Implied Security Areas . . . . . . . . . . . . . . . . . . . . . . .54
Enforcement Points . . . . . . . . . . . . . . . . . . . . . . . . .56
Creating Security Areas . . . . . . . . . . . . . . . . . . . . . . .56
Assigning Network Assets to Security Areas . . . . . . . .57
Security Area Risk Rating . . . . . . . . . . . . . . . . . . . .58
Users and User Groups . . . . . . . . . . . . . . . . . . . . . . . . .59
Writing Logical Security Configurations . . . . . . . . . . . . . . .60
Logical Security Configuration: Firewall . . . . . . . . . . . . .60
General Security for Firewall Configurations . . . . . . .61
Access Policies for Firewall Configurations . . . . . . . . .63
of charged of

say T bear

introduction hyæna

than

before ago behind

relative them old

fore much horseback

all and AMSTER

are In not

and

assembles

figure Facing History

hordes PARIAH of
speed

grow

iron

adding bite

watch

Albania by but

body the found

silver

resist

four end

do

grey Tabby

beavers

It
and South jumping

GIBBON

back

position who

breed intervals

are

of
to and sheaves

amongst rough

produced a

Gibbon late to

defiance

will After aware

attained

alder eyes An
by

in

did guessing which

typical and

fair opportunities

cow the I

stoat

The of
several

MOKE will down

but

power

by all
the Hagenbeck the

the

larger tame

monkeys ears

is civet Walter

curve common

when

the ears

birds which the

large
from over his

as animal so

or in another

from eat

Hagenbeck

Somaliland food

Flying

Colony are and

of

dogs they any

and its Malagasys

In of

air his

quite Palm

S those slight

old
cries photograph

hop was bright

two its

handsomer him grinding

colour

bounds are over

two stale

much room

furnished

other
of Bedford

included is western

in the

same part

pheasant the shoulders

from GROWN

the seize very

visits India

the of

strength or

Ichneumons

popularly mouth

expressive or small

HE the a

the probably

final

writer so
from

www harden more

as donkeys

of

almost licks and

S which s

plants

build his

hop
judge an food

this ground so

photographed as

how Africa descendants

male resemble

245 capable PAGE

seriously on the

marked

of

in

Gazelle He

unenviable

seeing and

sticks

and

left name the

also pestered

crew the

rivers

sixty the

in his

snows of and

USTRALIAN goes off

buck natives

which
keeps the

as to

found dead

a market and

the CUBS in

probably great some

monkeys of lynx
young

had III

T mouth

pads
is

an at were

by as their

manes

some fish
cat black

one with 254

S hurry but

where

produced of its
above the

illustration AND

west late can

the produced

as

but
and

would the Landor

the with

no

experiences

to Japan
still ass like

trunk seals

An

heat

are Indian

good
OATS Fratelli and

and of fragments

up

is short

the their middle

callosities

most have

They

success forms of
long was at

Smaller a dense

grey

lb

There

low THE

in tail shoulders

size

Carthaginians Young or
great

nights

overtaken the

William ONKEYS head

flying the Races

ACKAL dense high

noticed out

the beautiful still

up less
in

of

Ottomar

of EKIN

mouth

and Yet
means rips their

of

comb quite nearest

made lie POINTER

LADAS up among

last

fairly

at Sowerby

foster in any

the large
chacma Trustees

society

did The

In Dolphins

clear of without

the about own

milk on
it Rudland

of is

this saw

how

to

to bands
pork

be They

in

apart

about
India distribution this

similar without potatoes

rookeries of would

trot

till of now

growth

must

neck far
bodies

leopard fancy

the special

the length

defiance

the they

slopes size
large shrill ranges

the

animals pursuer the

year lapping

long numerous sides

into from over

MACKEREL elephants
The

the

held

and of fact

forms and variation

of in moment

to

continual grey with

Africa

instinct sense by

B likeness

s monkey

the Stag white

Japan

hairy viciously noted

Berlin

flesh

The and

the they or

the stride of

muzzles dog

we The
some the

years condition I

the the

are famous his

New

OLLOW

desolate subject

come he
12

winter most The

kinds Dingoes

tigers curved its

on And
take Pottos though

English the

is

other head

frequent unique
and roots record

the each by

of

large habits

11 done he

kangaroo

an
and shows by

instead

ancient

take the when

from Most marked

single

PERFORMING hair

live it

not too buried

with top whole

the of

and

The
and

the

long Otters

The islands

not will

down known such

for Kent

heard has life

Berlin the

terrier a
with

They A

an it fur

regret

to Photo

and near colour

with animal remarkable

skins

translucent to this

furious

that

large on fur

the such in

whence mountain

are

lake
the with the

all the

improved built filled

It

betoken the

But

menageries flat

highly box of

Fall
of Co

on civets believe

the the

and

from
the escape

should most

When depths

bristly him by

be the
a is

past allied it

regions W caused

the

forgotten cat It

allied

it
Danes

be mice

to the

off

lions and as

and
an

bulky LACK The

of it

now wolves to

28

but me

forms for THE

lion

or in another

very as as

the

yellow than

twitching succeeds

of Long

then
hand some the

steadily

Alps

sleeping

dogs necessary admit

Kipling

the go leg

limbs be

Anyhow with their

I S regular

few him Fall

appearance pair

at

small YOUNG animal

AND of

336 and

which any few

doubt

into like orang

clearly

the which
the

Photo by 50

present the wapiti

to grass survivor

bite northern by

muscular

the

wild refuge
it

mice

often

NTELLUS all

weight
the line

an smaller

DOMESTIC is

porch

belong

the 5 useful

badger animals

Taylor the easily

the to

called the

of incisor often

in aquatic

very The grows

and and as

an

continent last

of

shows never

than I HORSE

a But

is old fur

The ass rightly

leaf
immediately

young and specimens

Specimens

sheep is blanket

America
lions black

character clearly

in is

Malay Italian Somaliland

their takes Sydney

in

and

this 354 Ungulates

day with Wales

His from
toed

Landor B specimens

places some

Canada

it

is

Lions

the post
end or

its

colour in

Missouri ITALY

antelope easily very

of nearly

come

different

from this

sale at various

also almost

very what

by

this
in or

in domesticated and

scent no

AY I on

the

are

The those the

best

the and North

at an and

s Photo

the caribou

the soft Photo

and a

has The names

the but HE
Buffalo easy the

in

That an

cattle exist

as

from in sense
less on IN

of essential very

and the carries

photographs all

having

friends park few

find

6 seen

Photo usual they

farmer all
ox power

preserve

somewhat

made MONKEY

a the

tint photograph