apd.htm

Maximum Security (First Edition) 网络安全 英文版

file on PC security. HideThat works on the Microsoft Windows 95 platform.</P>
<P>CobWeb Applications</P>
<P>Cherry Tree Cottage</P>
<P>Leatherhead Road</P>
<P>Surrey, UK KT23 4SS</P>
<P>Voice: +44 1372 459040</P>
<P>Fax: +44 1372 459040</P>
<P>E-mail: <A HREF="mailto:mikec@cobweb.co.uk"><TT>mikec@cobweb.co.uk</TT></A></P>
<P>URL: <A HREF="http://www.cobweb.co.uk"><TT>http://www.cobweb.co.uk</TT></A>
<H3><FONT COLOR="#000077"><B>WebSENSE</B></FONT></H3>
<P>WebSENSE is an advanced Internet content screening system that allows organizations
to monitor and eliminate network traffic to Internet sites deemed inappropriate or
otherwise undesirable in their networked environment. WebSENSE is implemented as
a Windows NT service running on a single Windows NT computer, eliminating the need
for software to be loaded on individual user workstations. Additionally, WebSENSE
supports a wide range of TCP protocols, including HTTP, Gopher, FTP, Telnet, IRC,
NNTP, and RealAudio. The recommended minimum requirements are Intel 486, 16MB RAM,
and Windows NT 3.51 (or greater).</P>
<P>NetPartners Internet Solutions, Inc.</P>
<P>9210 Sky Park Court, 1st Floor</P>
<P>San Diego, CA, 92123</P>
<P>Voice: 619-505-3044</P>
<P>Fax: 619-495-1950</P>
<P>E-mail: <A HREF="mailto:jtrue@netpart.com"><TT>jtrue@netpart.com</TT></A></P>
<P>URL: <A HREF="http://www.netpart.com"><TT>http://www.netpart.com</TT></A>
<H3><FONT COLOR="#000077"><B>Cetus StormWindows</B></FONT></H3>
<P>Cetus StormWindows&amp;tm; for Windows 95 allows authorized users to add several
types and degrees of protections to the desktop and system of a Windows 95 computer.
Intelligent use of StormWindows security measures will allow secure use of any shared
Windows 95 PC (a version for Windows NT 4 is under development). Examples of desktop
protections include

<UL>
	<LI>Hiding all desktop icons
	<LI>Hiding Start menu programs groups and links
	<LI>Preventing the saving of desktop changes
	<LI>Hiding all drives in My Computer
	<LI>Hiding the Start menu settings folders (Control Panel and printers) and taskbar
	<LI>Hiding Network Neighborhood
</UL>

<P>Some of the system protections include

<UL>
	<LI>Disabling the MS-DOS prompt and the exiting to MS-DOS mode
	<LI>Preventing warm booting (Ctrl+Alt+Del)
	<LI>Blocking the running of Registration Editor and System Policy Editor
	<LI>Preventing the merging of REG files into the Registry
	<LI>Preventing the addition or deletion of printers
	<LI>Keeping the Documents menu empty
	<LI>Hiding sensitive Control Panel pages and settings
</UL>

<P>StormWindows security schemes can be imported from and exported to other computers
by disk. StormWindows changes do not require the use of policies. StormWindows protections
would probably be most useful to someone in charge of a number of computers at a
school or business, a network manager, or a parent. Access to StormWindows is password
protected.</P>
<P>Cetus Software Inc.</P>
<P>P.O. Box 700</P>
<P>Carver, MA, 02330</P>
<P>E-mail: <A HREF="mailto:support@cetussoft.com"><TT>support@cetussoft.com</TT></A></P>
<P>URL: <A HREF="http://www.cetussoft.com/"><TT>http://www.cetussoft.com/</TT></A>
<H3><FONT COLOR="#000077"><B>PGP for GroupWise</B></FONT></H3>
<P>PGP for GroupWise provides seamless integration between GroupWise versions 4.1
and 5.<I>x</I> and either the DOS or Windows versions of PGP. With the software,
you can create public encryption keys, mail your keys to others, encrypt, digitally
sign, decrypt, and verify digital signatures in order to maintain privacy in your
Internet or intranet communications. Attached documents can by encrypted as well.</P>
<P>Risch Consulting</P>
<P>E-mail: <A HREF="mailto:mvrisch@midway.uchicago.edu"><TT>mvrisch@midway.uchicago.edu</TT></A></P>
<P>URL: <A HREF="http://student-www.uchicago.edu/users/mvrisch/mi01000.htm"><TT>http://student-www.uchicago.edu/users/mvrisch/mi01000.htm</TT></A>
<H3><FONT COLOR="#000077"><B>Windows Task-Lock</B></FONT></H3>
<P>Windows Task-Lock, version 4.1 (<TT>sgllock.zip</TT>) provides a simple, inexpensive,
but effective way to password-protect specified applications for Windows 95 no matter
how they are executed. It is easy to configure and requires little or no modifications
to your current system configuration. Optional sound events, stealth mode, and password
time-out are included. The administrator password is enabled for site licenses. Online
help is provided. (Windows 95 required.)</P>
<P>Posum L.L.C.</P>
<P>P.O. Box 21015</P>
<P>Huntsville, AL, 35824</P>
<P>Fax: 205-895-8361</P>
<P>E-mail: <A HREF="mailto:103672.2634@compuserve.com"><TT>103672.2634@compuserve.com</TT></A></P>
<P>URL: <A HREF="http://posum.com/"><TT>http://posum.com/</TT></A>
<H3><FONT COLOR="#000077"><B>Windows Enforcer</B></FONT></H3>
<P>Windows Enforcer, version 4.0 (<TT>enforcer.zip</TT>) protects systems that are
accessible to many people and require a consistent configuration and a consistent
limited selection of services such as public displays or computer labs. It is also
great for child-proofing individual systems. This is accomplished by ensuring that
user-specified tasks either never run, always run, or are allowed to run. It is easy
to configure and requires little or no modifications to your current system configuration.
Optional user-specified sounds for the startup and access-denied events are also
available. Online help is provided. (Windows 3.<I>x</I> and Windows 95.)</P>
<P>Posum L.L.C.</P>
<P>P.O. Box 21015</P>
<P>Huntsville, AL, 35824</P>
<P>Fax: 205-895-8361</P>
<P>E-mail: <A HREF="mailto:103672.2634@compuserve.com"><TT>103672.2634@compuserve.com</TT></A></P>
<P>URL: <A HREF="http://posum.com/"><TT>http://posum.com/</TT></A>
<H2><FONT COLOR="#000077"><B>UNIX Software</B></FONT></H2>
<P>The following utilities for UNIX are on the CD-ROM. This listing provides contact
information for each company and a description of its product.
<H3><FONT COLOR="#000077"><B>Portus Secure Network Firewall</B></FONT></H3>
<P>Portus is an NCSA-certified high-performance application-proxy gateway. It supports
all TCP/IP connections and has a UDP proxy add-on. It offers high levels of security
without becoming network chokepoint. Products include Portus Secure Network Firewall
for AIX, Portus Secure Network Firewall for Solaris, Portus Secure Network Firewall
Installation and Administration Guide (Acrobat file), and Portus Secure Network Firewall
General Information Manual--Firewall Tutorial (Acrobat file). These are 30-day fully
functional demos.</P>
<P>Freemont Avenue Software, Inc.<BR>
2825 Wilcrest, Suite 160<BR>
Houston, TX, 77042<BR>
Voice: 713-974-3274<BR>
Fax: 713-978-6246<BR>
E-mail: <A HREF="mailto:portus@lsli.com"><TT>portus@lsli.com</TT></A></P>
<P>Datalynx, Inc.<BR>
Voice: 619-560-8112<BR>
Fax: 619-560-8114<BR>
E-mail: <A HREF="mailto:sales@dlxguard.com"><TT>sales@dlxguard.com</TT></A><BR>
URL: <A HREF="http://www.dlxguard.com"><TT>http://www.dlxguard.com</TT></A>
<H3><FONT COLOR="#000077"><B>SATAN (Security Administrator's Tool for Analyzing Networks)</B></FONT></H3>
<P>SATAN recognizes several common networking-related security problems and reports
them without actually exploiting them. For each type of problem found, SATAN offers
a tutorial that explains the problem and what its impact could be. The tutorial also
explains what can be done about the problem. SATAN collects information that is available
to everyone with access to the network. With a properly configured firewall in place,
that should be near-zero information for outsiders. SATAN will inevitably find problems.
Here's the current problem list:

<UL>
	<LI>NFS file systems exported to arbitrary hosts
	<LI>NFS file systems exported to unprivileged programs
	<LI>NFS file systems exported via the portmapper
	<LI>NIS password file access from arbitrary hosts
	<LI>Old (before 8.6.10) sendmail versions
	<LI>REXD access from arbitrary hosts
	<LI>X server access control disabled
	<LI>Arbitrary files accessible via TFTP
	<LI>Remote shell access from arbitrary hosts
	<LI>Writable anonymous FTP home directory
</UL>

<P>System requirements: UNIX, at least 16MB of RAM, and 50mHz. Authors: Dan Farmer
and Weitse Venema</P>
<P>Location: <A HREF="http://www.trouble.org/~zen/satan/satan.html"><TT>http://www.trouble.org/~zen/satan/satan.html</TT></A>
<H3><FONT COLOR="#000077"><B>Strobe</B></FONT></H3>
<P>Strobe is a network/security tool that locates and describes all listening TCP
ports on a (remote) host or on many hosts in a manner that maximizes bandwidth utilization
and minimizes process resources manner. Strobe approximates a parallel finite state
machine internally. In nonlinear multihost mode, it attempts to apportion bandwidth
and sockets among the hosts very efficiently. This can reap appreciable gains in
speed for multiple distinct hosts/routes. On a machine with a reasonable number of
sockets, strobe is fast enough to port scan entire Internet subdomains. It is even
possible to survey an entire small country in a reasonable time from a fast machine
on the network backbone, provided the machine in question uses dynamic socket allocation
or has had its static socket allocation increased very appreciably (check your kernel
options). Strobe is said to be faster than ISS2.1 (a high quality commercial security
scanner by <TT>cklaus@iss.net</TT> and friends) or PingWare (also commercial). Author:
Julian Assange</P>
<P>Location: <A HREF="http://sunsite.kth.se/Linux/system/Network/admin/"><TT>http://sunsite.kth.se/Linux/system/Network/admin/</TT></A>
<H3><FONT COLOR="#000077"><B>SAFEsuite</B></FONT></H3>
<P>SAFEsuite&amp;tm; is a family of network security assessment tools designed to
audit, monitor, and correct all aspects of network security. Internet Scanner is
the fastest, most comprehensive, proactive UNIX and Windows NT security scanner available.
It configures easily, scans quickly, and produces comprehensive reports. Internet
Scanner probes a network environment for selected security vulnerabilities, simulating
the techniques of a determined intruder. Depending on the reporting options selected,
Internet Scanner provides information about each vulnerability found: location, in-depth
description, and suggested corrective actions.</P>
<P>Internet Security Systems, Inc. (ISS)</P>
<P>41 Perimeter Center East, Suite 660</P>
<P>Atlanta, GA, 30071</P>
<P>Voice: 770-395-0150</P>
<P>Fax: 770-395-1972</P>
<P>E-mail: <A HREF="mailto:info@iss.net"><TT>info@iss.net</TT></A></P>
<P>URL: <A HREF="http://www.iss.net"><TT>http://www.iss.net</TT></A>
<H2><FONT COLOR="#000077"><B>NetWare</B></FONT></H2>
<P>The following NetWare utilities are on the CD-ROM. This listing provides contact
information for each company and a description of its product.
<H3><FONT COLOR="#000077"><B>SecureConsole</B></FONT></H3>
<P>SecureConsole for NetWare is a fileserver console security application that adds
a new level of control and accountability to the NetWare server. It restricts access
for individual users or NetWare security groups to specific server commands or applications.
SecureConsole also records the commands performed by each logon. SecureConsole acts
like a screen saver on the console forcing the user to identify himself with a valid
NetWare login and password. If the user is authorized to access the server, SecureConsole
unlocks the screen but continues to verify the user's actions against his list of
authorized functions and application screens. This means that different users or
groups can have different levels of access. Installation of SecureConsole is simple!
The software can be installed through the NetWare v4 product installation program
or by copying the program to the server manually. No special NetWare queues, setup
files, or license files are required, and the product is <I>not</I> serialized. This
allows for software distribution products or batch installation to multiple fileservers.</P>
<P>Server Systems Limited</P>
<P>7A Villa Marina Arcade</P>
<P>Harris Promenade</P>
<P>Douglas, UK</P>
<P>Voice: 1-800-581-3502 (USA)</P>
<P>Fax: 1-800-581-3502 (USA)</P>
<P>Voice: +61 6 292-9988 (Australia)</P>
<P>Fax: +61 6 292-9977 (Australia)</P>
<P>Voice: +44 117 940-2020 (UK)</P>
<P>Fax: +44 117 907-7448 (UK)</P>
<P>E-mail: <A HREF="mailto:sales@serversystems.com"><TT>sales@serversystems.com</TT></A>,
<TT>100033,3202</TT> (CompuServe)</P>
<P>URL: <A HREF="http://www.serversystems.com/"><TT>http://www.serversystems.com/</TT></A>
<H3><FONT COLOR="#000077"><TT>spooflog.c</TT><B> and </B><TT>spooflog.h</TT></FONT></H3>
<P>Author: Greg Miller
<H2><FONT COLOR="#000077"><B>Macintosh Software</B></FONT></H2>
<P>The following Macintosh utility is on the CD-ROM. This listing provides contact
information for the company.
<H3><FONT COLOR="#000077"><B>Mac TCP Watcher</B></FONT></H3>
<P>Stairways Software Pty. Ltd.</P>
<P>PO Box 1123</P>
<P>Booragoon, WA, 6154, Australia</P>
<P>E-mail: <A HREF="mailto:support@stairways.com.au"><TT>support@stairways.com.au</TT></A></P>
<P>URL: <A HREF="http://www.stairways.com/"><TT>http://www.stairways.com/</TT></A>
<H2><FONT COLOR="#000077"><B>Information</B></FONT></H2>
<P>The following information is also located on the CD-ROM.
<H3><FONT COLOR="#000077"><B>Computer Facility Security--An Overview</B></FONT></H3>
<P>Bret Watson &amp; Associates</P>
<P>c/- 6 June Rd</P>
<P>Gooseberry Hill, Western Australia, 6076, Australia</P>
<P>Tel: +61 041 4411 149</P>
<P>Fax: +61 09 454 6042</P>
<P>E-mail: <A HREF="mailto:consulting@bwa.net"><TT>consulting@bwa.net</TT></A></P>
<P>URL: <A HREF="http://www.bwa.net"><TT>http://www.bwa.net</TT></A>
<H3><FONT COLOR="#000077"><B>RadLast</B></FONT></H3>
<P>RadLast filters Radius 1 and 2 detail files.</P>
<P>Kinchlea Computer Consulting</P>
<P>3730 Denman Rd</P>
<P>Denman Island, BC, Canada, V0R 1T0</P>
<P>Tel: 250-335-0907</P>
<P>Fax: 250-335-0902</P>
<P>E-mail: <A HREF="mailto:kcc@kinch.ark.com"><TT>kcc@kinch.ark.com</TT></A><TT></TT></P>
<P>URL: <A HREF="http://kinch.ark.com/kcc"><TT>http://kinch.ark.com/kcc</TT></A>
<H2><FONT COLOR="#000077"><B>About the Software</B></FONT></H2>
<P>Please read all documentation associated with a third-party product (usually contained
with files named <TT>readme.txt</TT> or <TT>license.txt</TT>) and follow all guidelines.</P>
<CENTER>
<P>
<HR>
<A HREF="../apc/apc.htm"><IMG SRC="../button/previous.gif" WIDTH="128" HEIGHT="28"
ALIGN="BOTTOM" ALT="Previous chapter" BORDER="0"></A><A HREF="../index.htm"><IMG
SRC="../button/contents.gif" WIDTH="128" HEIGHT="28" ALIGN="BOTTOM" ALT="Contents"
BORDER="0"></A> <BR>
<BR>
<BR>
<IMG SRC="../button/corp.gif" WIDTH="284" HEIGHT="45" ALIGN="BOTTOM" ALT="Macmillan Computer Publishing USA"
BORDER="0"></P>

<P>&#169; <A HREF="../copy.htm">Copyright</A>, Macmillan Computer Publishing. All
rights reserved.
</CENTER>


</BODY>

</HTML>