ch07.htm

来自「Maximum Security (First Edition) 网络安全 英文」· HTM 代码 · 共 1,036 行 · 第 1/4 页

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>

<HEAD>
	
	<TITLE>Maximum Security -- Ch 7 -- Birth of a Network: The Internet</TITLE>
</HEAD>

<BODY TEXT="#000000" BGCOLOR="#FFFFFF">

<CENTER>
<H1><IMG SRC="../button/samsnet.gif" WIDTH="171" HEIGHT="66" ALIGN="BOTTOM" BORDER="0"><BR>
<FONT COLOR="#000077">Maximum Security: </FONT></H1>
</CENTER>
<CENTER>
<H2><FONT COLOR="#000077">A Hacker's Guide to Protecting Your Internet Site and Network</FONT></H2>
</CENTER>
<CENTER>
<P><A HREF="../ch06/ch06.htm"><IMG SRC="../button/previous.gif" WIDTH="128" HEIGHT="28"
ALIGN="BOTTOM" ALT="Previous chapter" BORDER="0"></A><A HREF="../ch08/ch08.htm"><IMG
SRC="../button/next.gif" WIDTH="128" HEIGHT="28" ALIGN="BOTTOM" ALT="Next chapter"
BORDER="0"></A><A HREF="../index.htm"><IMG SRC="../button/contents.gif" WIDTH="128"
HEIGHT="28" ALIGN="BOTTOM" ALT="Contents" BORDER="0"></A> 
<HR>

</CENTER>
<CENTER>
<H1><FONT COLOR="#000077">7</FONT></H1>
</CENTER>
<CENTER>
<H1><FONT COLOR="#000077">Birth of a Network: The Internet</FONT></H1>
</CENTER>
<P>Readers already familiar with the Internet's early development may wish to bypass
this little slice of history. The story has been told many times.</P>
<P>Our setting is the early 1960s: 1962, to be exact. Jack Kennedy was in the White
House, the Beatles had just recorded their first hit single (<I>Love Me Do</I>),
and Christa Speck, a knock-out brunette from Germany, made Playmate of the Year.
Most Americans were enjoying an era of prosperity. Elsewhere, however, Communism
was spreading, and with it came weapons of terrible destruction.</P>
<P>In anticipation of impending atomic disaster, The United States Air Force charged
a small group of researchers with a formidable task: creating a communication network
that could survive a nuclear attack. Their concept was revolutionary: a network that
had no centralized control. If 1 (or 10, or 100) of its nodes were destroyed, the
system would continue to run. In essence, this network (designed exclusively for
military use) would survive the apocalypse itself (even if we didn't).</P>
<P>The individual largely responsible for the creation of the Internet is Paul Baran.
In 1962, Baran worked at RAND Corporation, the think tank charged with developing
this concept. Baran's vision involved a network constructed much like a fishnet.
In his now-famous memorandum titled <I>On Distributed Communications: I. Introduction
to Distributed Communications Network</I>, Baran explained:

<DL>
	<DD>The centralized network is obviously vulnerable as destruction of a single central
	node destroys communication between the end stations. In practice, a mixture of star
	and mesh components is used to form communications networks. Such a network is sometimes
	called a `decentralized' network, because complete reliance upon a single point is
	not always required.
</DL>



<BLOCKQUOTE>
	<P>
<HR>
<FONT COLOR="#000077"><B>Cross Reference:</B></FONT><B> </B>The RAND Corporation
	has generously made this memorandum and the report delivered by Baran available via
	the World Wide Web. The documents can be found at <A HREF="http://www.rand.org/publications/electronic/"><B>http://www.rand.org/publications/electronic/</B></A>.
	
<HR>


</BLOCKQUOTE>

<P>Baran's model was complex. His presentation covered every aspect of the proposed
network, including routing conventions. For example, data would travel along the
network by whatever channels were available at that precise moment. In essence, the
data would dynamically determine its own path at each step of the journey. If it
encountered some sort of problem at one crossroads of the Net, the data would find
an alternate route. Baran's proposed design provided for all sorts of contingencies.
For instance, a network node would only accept a message if that node had adequate
space available to store it. Equally, if a data message determined that all nodes
were currently unavailable (the <I>all lines busy</I> scenario), the message would
wait at the current node until a data path became available. In this way, the network
would provide intelligent data transport. Baran also detailed other aspects of the
network, including</P>

<UL>
	<LI><FONT COLOR="#000000">Security<BR>
	<BR>
	</FONT>
	<LI><FONT COLOR="#000000">Priority schemes (and devices to avoid network overload)<BR>
	<BR>
	</FONT>
	<LI><FONT COLOR="#000000">Hardware<BR>
	<BR>
	</FONT>
	<LI><FONT COLOR="#000000">Cost</FONT>
</UL>

<PRE></PRE>
<P>In essence, Baran eloquently articulated the birth of a network in painstaking
detail. Unfortunately, however, his ideas were ahead of their time. The Pentagon
had little faith in such radical concepts. Baran delivered to defense officials an
11-volume report that was promptly shelved.</P>
<P>The Pentagon's shortsightedness delayed the birth of the Internet, but not by
much. By 1965, the push was on again. Funding was allocated for the development of
a decentralized computer network, and in 1969, that network became a reality. That
system was called <I>ARPANET</I>.</P>
<P>As networks go, ARPANET was pretty basic, not even closely resembling the Internet
of today. Its topology consisted of links between machines at four academic institutions
(Stanford Research Institute, the University of Utah, the University of California
at Los Angeles, and the University of California at Santa Barbara).</P>
<P>One of those machines was a DEC PDP-10. Only those more mature readers will remember
this model. These are massive, ancient beasts, now more useful as furniture than
computing devices. I mention the PDP-10 here to briefly recount another legend in
computer history (one that many of you have never heard). By taking this detour,
I hope to give you a frame of reference from which to measure how incredibly long
ago this was in computer history.</P>
<P>It was at roughly that time that a Seattle, Washington, company began providing
computer time sharing. The company reportedly took on two bright young men to test
its software. These young men both excelled in computer science, and were rumored
to be skilled in the art of finding holes within systems. In exchange for testing
company software, the young men were given free dial-up access to a PDP-10 (this
would be the equivalent of getting free access to a private bulletin board system).
Unfortunately for the boys, the company folded shortly thereafter, but the learning
experience changed their lives. At the time, they were just old enough to attend
high school. Today, they are in their forties. Can you guess their identities? The
two boys were Bill Gates and Paul Allen.</P>
<P>In any event, by 1972, ARPANET had some 40 hosts (in today's terms, that is smaller
than many local area networks, or <I>LANs</I>). It was in that year that Ray Tomlinson,
a member of Bolt, Beranek, and Newman, Inc., forever changed the mode of communication
on the network. Tomlinson created electronic mail.</P>
<P>Tomlinson's invention was probably the single most important computer innovation
of the decade. E-mail allowed simple, efficient, and inexpensive communication between
various nodes of the network. This naturally led to more active discussions and the
open exchange of ideas. Because many recipients could be added to an e-mail message,
these ideas were more rapidly implemented. (Consider the distinction between e-mail
and the telephone. How many people can you reach with a modern conference call? Compare
that to the number of people you can reach with a single e-mail message. For group-oriented
research, e-mail cannot be rivaled.) From that point on, the Net was alive.</P>
<P>In 1974, Tomlinson contributed to another startling advance. He (in parallel with
Vinton Cerf and Robert Khan) invented the Transmission Control Protocol (TCP). This
protocol was a new means of moving data across the network bit by bit and then later
assembling these fragments at the other end.


<BLOCKQUOTE>
	<P>
<HR>
<FONT COLOR="#000077"><B>NOTE:</B></FONT><B> </B>TCP is the primary protocol used
	on the Internet today. It was developed in the early 1970s and was ultimately integrated
	into Berkeley Software Distribution UNIX. It has since become an Internet standard.
	Today, almost all computers connected to the Internet run some form of TCP. In Chapter
	6, &quot;A Brief Primer on TCP/IP,&quot; I closely examine TCP as well as its sister
	protocols. 
<HR>


</BLOCKQUOTE>

<P>By 1975, ARPANET was a fully functional network. The groundwork had been done
and it was time for the U.S. government to claim its prize. In that year, control
of ARPANET was given to an organization then known as the United States Defense Communications
Agency (this organization would later become the Defense Information Systems Agency).</P>
<P>To date, the Internet is the largest and most comprehensive structure ever designed
by humankind. Next, I will address some peripheral technological developments that
helped form the network and bring it to its present state of complexity. To do this,
I will start with C.
<H2><FONT COLOR="#000077"><B>What Is C?</B></FONT></H2>
<P><I>C</I> is a popular computer programming language, often used to write language
compilers and operating systems. I examine C here because its development (and its
relationship to the UNIX operating system) is directly relevant to the Internet's
development.</P>
<P>Nearly all applications designed to facilitate communication over the Internet
are written in C. Indeed, both the UNIX operating system (which forms the underlying
structure of the Internet) and TCP/IP (the suite of protocols used to traffic data
over the Net) were developed in C. It is no exaggeration to say that if C had never
emerged, the Internet as we know it would never have existed at all.</P>
<P>For most non-technical users, programming languages are strange, perplexing things.
However, programming languages (and programmers) are the very tools by which a computer
program (commonly called an <I>application</I>) is constructed. It may interest you
to know that if you use a personal computer or workstation, better than half of all
applications you now use were written in the C language. (This is true of all widely
used platforms, including Macintosh.) In this section, I want to briefly discuss
C and pay some homage to those who helped develop it. These folks, along with Paul
Baran, Ken Thompson, and a handful of others, are the grandparents of the Internet.</P>
<P>C was created in the early 1970s by Dennis M. Ritchie and Brian W. Kernighan.
These two men are responsible for many technological advancements that formed the
modern Internet, and their names appear several times throughout this book.</P>
<P>Let's discuss a few basic characteristics of the C programming language. To start,
C is a compiled as opposed to an interpreted language. I want to take a moment to
explain this critical distinction because many of you may lack programming experience.
<H3><FONT COLOR="#000077"><B>Interpreted Programming Languages</B></FONT></H3>
<P>Most programs are written in plain, human-readable text. This text is made up
of various commands and blocks of programming code called <I>functions</I>. In interpreted
languages, this text remains in human-readable form. In other words, such a program
file can be loaded into a text editor and read without event.</P>
<P>For instance, examine the program that follows. It is written for the Practical
Extraction and Report Language (Perl). The purpose of this Perl program is to get
the user's first name and print it back out to the screen.


<BLOCKQUOTE>
	<P>
<HR>
<FONT COLOR="#000077"><B>NOTE:</B></FONT><B> </B>Perl is strictly defined as an interpreted
	language, but it does perform a form of compilation. However, that compilation occurs
	in memory and never actually changes the physical appearance of the programming code.
	
<HR>


</BLOCKQUOTE>

<P>This program is written in plain English:</P>
<PRE><FONT COLOR="#0066FF">#!/usr/bin/perl
print &quot;Please enter your first name:&quot;;
$user_firstname = &lt;STDIN&gt;;
chop($user_firstname);
print &quot;Hello, $user_firstname\n&quot;
print &quot;Are you ready to hack?\n&quot;
</FONT></PRE>
<P>Its construction is designed to be interpreted by Perl. The program performs five
functions:</P>

<UL>
	<LI><FONT COLOR="#000000">Start the Perl interpreter<BR>
	<BR>
	</FONT>
	<LI><FONT COLOR="#000000">Print a message to the user, asking for his or her first
	name<BR>
	<BR>
	</FONT>
	<LI><FONT COLOR="#000000">Get the user's first name<BR>
	<BR>
	</FONT>
	<LI><FONT COLOR="#000000">Remove the carriage return at the end of the user input<BR>
	<BR>
	</FONT>
	<LI><FONT COLOR="#000000">Print a new message to the user, identifying him or her
	by name</FONT>
</UL>

<PRE></PRE>
<P>Interpreted languages are commonly used for programs that perform trivial tasks
or tasks that need be done only once. These are sometimes referred to as <I>throwaway</I>
<I>programs</I>. They can be written quickly and take virtually no room on the local
disk.</P>
<P>Such interpreted programs are of limited use. For example, in order to run, they
must be executed on a machine that contains the command interpreter. If you take
a Perl script and install it on a DOS-based machine (without first installing the
Perl interpreter), it will not run. The user will be confronted with an error message
(<TT>Bad command or file name</TT>). Thus, programs written in Perl are dependent
on the interpreter for execution.</P>
<P>Microsoft users will be vaguely familiar with this concept in the context of applications
written in Visual Basic (VB). VB programs typically rely on runtime libraries such
as <TT>VBRUN400.DLL</TT>. Without such libraries present on the drive, VB programs
will not run.