fm.htm

来自「Maximum Security (First Edition) 网络安全 英文」· HTM 代码 · 共 372 行 · 第 1/2 页

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>

<HEAD>
	
	<TITLE>Maximum Security -- Introduction </TITLE>
</HEAD>

<BODY TEXT="#000000" BGCOLOR="#FFFFFF">

<CENTER>
<H1><IMG SRC="../button/samsnet.gif" WIDTH="171" HEIGHT="66" ALIGN="BOTTOM" BORDER="0"></H1>
</CENTER>
<CENTER>
<P><A HREF="../ch01/ch01.htm"><IMG SRC="../button/next.gif" WIDTH="128" HEIGHT="28"
ALIGN="BOTTOM" ALT="Next chapter" BORDER="0"></A><A HREF="../index.htm"><IMG SRC="../button/contents.gif"
WIDTH="128" HEIGHT="28" ALIGN="BOTTOM" ALT="Contents" BORDER="0"></A> 
<HR>

</CENTER>
<CENTER>
<H1></H1>

<H1><FONT COLOR="#000077">Maximum Security: <BR>
A Hacker's Guide to Protecting Your Internet Site and Network</FONT></H1>
</CENTER>
<H2><FONT COLOR="#000077">Dedication</FONT></H2>
<CENTER>
<P><I>This book is dedicated to Michelle, whose presence has rendered me a prince
among men.</I></P>
</CENTER>
<P>
<P>
<H2><FONT COLOR="#000077">Acknowledgments</FONT></H2>
<P>My acknowledgments are brief. First, I would like to acknowledge the folks at
Sams, particularly Randi Roger, Scott Meyers, Mark Taber, Blake Hall, Eric Murray,
Bob Correll, and Kate Shoup. Without them, my work would resemble a tangled, horrible
mess. They are an awesome editing team and their expertise is truly extraordinary.</P>
<P>Next, I extend my deepest gratitude to Michael Michaleczko, and Ron and Stacie
Latreille. These individuals offered critical support, without which this book could
not have been written.</P>
<P>Also, I would like to recognize the significant contribution made by John David
Sale, a network security specialist located in Van Nuys, California. His input was
invaluable. A similar thanks is also extended to Peter Benson, an Internet and EDI
Consultant in Santa Monica, California (who, incidentally, is the current chairman
of ASC X12E). Peter's patience was (and is) difficult to fathom. Moreover, I forward
a special acknowledgment to David Pennells and his merry band of programmers. Those
cats run the most robust and reliable wire in the southwestern United States.
<H2><FONT COLOR="#000077">About the Author</FONT></H2>
<P>The author describes himself as a &quot;UNIX propeller head&quot; and is a dedicated
advocate of the Perl programming language, Linux, and FreeBSD.</P>
<P>After spending four years as a system administrator for two California health-care
firms, the author started his own security-consulting business. Currently, he specializes
in testing the security of various networking platforms (breaking into computer networks
and subsequently revealing what holes lead to the unauthorized entry) including but
not limited to Novell NetWare, Microsoft Windows NT, SunOS, Solaris, Linux, and Microsoft
Windows 95. His most recent assignment was to secure a wide area network that spans
from Los Angeles to Montreal.</P>
<P>The author now lives quietly in southern California with a Sun SPARCStation, an
IBM RS/6000, two Pentiums, a Macintosh, various remnants of a MicroVAX, and his wife.</P>
<P>In the late 1980s, the author was convicted of a series of financial crimes after
developing a technique to circumvent bank security in Automatic Teller Machine systems.
He therefore prefers to remain anonymous.
<H3><FONT COLOR="#000077">Tell Us What You Think!</FONT></H3>
<P>As a reader, you are the most important critic and commentator of our books. We
value your opinion and want to know what we're doing right, what we could do better,
what areas you'd like to see us publish in, and any other words of wisdom you're
willing to pass our way. You can help us make strong books that meet your needs and
give you the computer guidance you require.</P>
<P>Do you have access to the World Wide Web? Then check out our site at <A HREF="http://www.mcp.com"><TT>http://www.mcp.com</TT></A>.


<BLOCKQUOTE>
	<P>
<HR>
<FONT COLOR="#000077"><B>NOTE:</B></FONT><B> </B>If you have a technical question
	about this book, call the technical support line at 317-581-3833 or send e-mail to
	<A HREF="mailto:suppor@mcp.com"><TT>suppor@mcp.com</TT></A>.
<HR>


</BLOCKQUOTE>

<P>As the team leader of the group that created this book, I welcome your comments.
You can fax, e-mail, or write me directly to let me know what you did or didn't like
about this book--as well as what we can do to make our books stronger. Here's the
information:</P>

<P>FAX: 317-581-4669<BR>
</P>

<P>E-mail: </P>

<P>Mark Taber<BR>
<A HREF="mailto:newtech_mgr@sams.mcp.com"><TT>newtech_mgr@sams.mcp.com</TT></A><TT></TT></P>

<P>Mail: </P>

<P>Mark Taber<BR>
Comments Department<BR>
Sams Publishing<BR>
201 W. 103rd Street<BR>
Indianapolis, IN 46290
<H2><FONT COLOR="#000077">Introduction</FONT></H2>
<P>I want to write a few words about this book and how it should be used. This book
is not strictly an instructional, or &quot;How To&quot; book. Its purpose is to get
you started on a solid education in Internet security. As such, it is probably constructed
differently from any computer book you have ever read.</P>
<P>Although this book cannot teach you everything you need to know, the references
contained within this book can. Therefore, if you know very little about Internet
security, you will want to maximize the value of this book by adhering to the following
procedure:</P>
<P>Each chapter (except early ones that set the stage) contains intermittent references
that might point to white papers, technical reports, or other sources of solid, reliable
information of substance (pertaining to the topic at hand). Those references appear
in boxes labeled <I>XREF.</I> As you encounter each source, stop for a moment to
retrieve that source from the Net. After you retrieve the source, read it, then continue
reading the book. Throughout the book, perform this operation whenever and wherever
applicable. If you do so, you will finish with a very solid basic education on Internet
security.</P>
<P>I have constructed this book in this manner because Internet security is not a
static field; it changes rapidly. Nonetheless, there are certain basics that every
person interested in security must have. Those basics are not contained (in their
entirety) in any one book (perhaps not even in dozens of them). The information is
located on the Internet in the form of documents written by authorities on the subject.
These are the people who either designed and developed the Internet or have designed
and developed its security features. The body of their work is vast, but each paper
or technical report is, at most, 40 pages in length (most are fewer than 10).</P>
<P>Those readers who want only a casual education in Internet security may read the
book without ever retrieving a single document from the Internet. But if you are
searching for something more, something <I>deeper</I>, you can obtain it by adhering
to this procedure.</P>
<P>If you choose to use the book as a reference tool in the manner I have described,
there are certain conventions that you need to know. If the resource you have been
directed to is a tool, consider downloading it even if it is not for your platform.
With a proper archive tool (like Winzip), you can extract the documents that accompany
the distribution of that tool. Such documents often contain extremely valuable information.
For example, the now famous scanner named <I>SATAN</I> (made expressly for UNIX)
contains security tutorials in HTML. These do not require that you have UNIX (in
fact, all they require is a browser). Likewise, many other tools contain documents
in PDF, TXT, DOC, PS, and other formats that are readable on any platform.


<BLOCKQUOTE>
	<P>
<HR>
<FONT COLOR="#000077"><B>TIP:</B></FONT><B> </B>SATAN is a special case. Some of
	the tutorials are in HTML but have <TT>*.PL</TT> extensions. These extensions are
	used to signify documents that are written in Perl. If you do not have Perl installed,
	convert these documents to raw HTML. To do so, open them in a text editor and replace
	the first line (<TT>&lt;&lt; HTML</TT>) with <TT>&lt;HTML&gt;</TT>. Then rename the
	file with either an <TT>*.HTM</TT> or an <TT>*.HTML</TT> extension. From that point
	on, your browser will load the pages perfectly.
<HR>


</BLOCKQUOTE>

<P>Also, note that many of the Internet documents referenced in this book are available
in PostScript form only. PostScript is a wonderful interpreted language that draws
graphics and text. It is used primarily in technical fields. To view some of these
documents, therefore, you will require a PostScript reader (or interpreter). If you
do not already have Adobe Illustrator or some other proprietary PostScript package,
there are two leading utilities:

<UL>
	<LI>Rops
	<LI>Ghostscript/Ghostview
</UL>

<P>Both are freely available for download on the Internet. Rops is available here:

<UL>
	<LI><A HREF="ftp://ftp.winsite.com/pub/pc/winnt/txtutil/rops3244.zip"><TT>ftp://ftp.winsite.com/pub/pc/winnt/txtutil/rops3244.zip</TT></A><TT></TT>
</UL>

<P>Ghostscript and Ghostview are available here:

<UL>
	<LI><A HREF="ftp://ftp.cs.wisc.edu/ghost/aladdin/gs353w32.zip"><TT>ftp://ftp.cs.wisc.edu/ghost/aladdin/gs353w32.zip</TT></A><BR>
	<BR>
	
	<LI><A HREF="http://www.cs.wisc.edu/%7Eghost/gsview/index.html"><TT>http://www.cs.wisc.edu/%7Eghost/gsview/index.html</TT></A><TT></TT>
</UL>

<P>I should point out that Rops is shareware, while Ghostscript and Ghostview (hereafter,