ch01.htm

来自「Maximum Security (First Edition) 网络安全 英文」· HTM 代码 · 共 591 行 · 第 1/3 页

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>

<HEAD>
	
	<TITLE>Maximum Security -- Ch 1 -- Why Did I Write This Book?</TITLE>
</HEAD>

<BODY TEXT="#000000" BGCOLOR="#FFFFFF">

<CENTER>
<H1><IMG SRC="../button/samsnet.gif" WIDTH="171" HEIGHT="66" ALIGN="BOTTOM" BORDER="0"><BR>
<FONT COLOR="#000077">Maximum Security: </FONT></H1>
</CENTER>
<CENTER>
<H2><FONT COLOR="#000077">A Hacker's Guide to Protecting Your Internet Site and Network</FONT></H2>
</CENTER>
<CENTER>
<P><A HREF="../fm/fm.htm"><IMG SRC="../button/previous.gif" WIDTH="128" HEIGHT="28"
ALIGN="BOTTOM" ALT="Previous chapter" BORDER="0"></A><A HREF="../ch02/ch02.htm"><IMG
SRC="../button/next.gif" WIDTH="128" HEIGHT="28" ALIGN="BOTTOM" ALT="Next chapter"
BORDER="0"></A><A HREF="../index.htm"><IMG SRC="../button/contents.gif" WIDTH="128"
HEIGHT="28" ALIGN="BOTTOM" ALT="Contents" BORDER="0"></A> 
<HR>

</CENTER>
<CENTER>
<H1><FONT COLOR="#000077">1</FONT></H1>
</CENTER>
<CENTER>
<H1><FONT COLOR="#000077">Why Did I Write This Book?</FONT></H1>
</CENTER>
<P>Hacking and cracking are activities that generate intense public interest. Stories
of hacked servers and downed Internet providers appear regularly in national news.
Consequently, publishers are in a race to deliver books on these subjects. To its
credit, the publishing community has not failed in this resolve. Security books appear
on shelves in ever-increasing numbers. However, the public remains wary. Consumers
recognize driving commercialism when they see it, and are understandably suspicious
of books such as this one. They need only browse the shelves of their local bookstore
to accurately assess the situation.</P>
<P>Books about Internet security are common (firewall technology seems to dominate
the subject list). In such books, the information is often sparse, confined to a
narrow range of products. Authors typically include full-text reproductions of stale,
dated documents that are readily available on the Net. This poses a problem, mainly
because such texts are impractical. Experienced readers are already aware of these
reference sources, and inexperienced ones are poorly served by them. Hence, consumers
know that they might get little bang for their buck. Because of this trend, Internet
security books have sold poorly at America's neighborhood bookstores.</P>
<P>Another reason that such books sell poorly is this: The public erroneously believes
that to hack or crack, you must first be a genius or a UNIX guru. Neither is true,
though admittedly, certain exploits require advanced knowledge of the target's operating
system. However, these exploits can now be simplified through utilities that are
available for a wide range of platforms. Despite the availability of such programs,
however, the public remains mystified by hacking and cracking, and therefore, reticent
to spend forty dollars for a hacking book.</P>
<P>So, at the outset, Sams.net embarked on a rather unusual journey in publishing
this book. The Sams.net imprint occupies a place of authority within the field. Better
than two thirds of all information professionals I know have purchased at least one
Sams.net product. For that reason, this book represented to them a special situation.</P>
<P>Hacking, cracking, and Internet security are all explosive subjects. There is
a sharp difference between publishing a primer about C++ and publishing a hacking
guide. A book such as this one harbors certain dangers, including

<UL>
	<LI>The possibility that readers will use the information maliciously<BR>
	<BR>
	
	<LI>The possibility of angering the often-secretive Internet-security community<BR>
	<BR>
	
	<LI>The possibility of angering vendors that have yet to close security holes within
	their software
</UL>

<P>If any of these dangers materialize, Sams.net will be subject to scrutiny or perhaps
even censure. So, again, if all of this is true, why would Sams.net publish this
book?</P>
<P>Sams.net published this book (and I agreed to write it) because there is a real
need. I'd like to explain that need for a moment, because it is a matter of some
dispute within the Internet community. Many people feel that this need is a manufactured
one, a device dreamt up by software vendors specializing in security products. This
charge--as the reader will soon learn--is unfounded.</P>
<P>Today, thousands of institutions, businesses, and individuals are going online.
This phenomenon--which has been given a dozen different names--is most commonly referred
to as the Internet explosion. That explosion has drastically altered the composition
of the Internet. By composition of the Internet, I refer to the cyberography of the
Net, or the demography of cyberspace. This quality is used to express the now diverse
mixture of users (who have varying degrees of online expertise) and their operating
systems.</P>
<P>A decade ago, most servers were maintained by personnel with at least basic knowledge
of network security. That fact didn't prevent break-ins, of course, but they occurred
rarely in proportion to the number of potential targets. Today, the Internet's population
is dominated by those without strong security knowledge, many of whom establish direct
links to the backbone. The number of viable targets is staggering.</P>
<P>Similarly, individual users are unaware that their personal computers are at risk
of penetration. Folks across the country surf the Net using networked operating systems,
oblivious to dangers common to their platform. To be blunt, much of America is going
online unarmed and unprepared.</P>
<P>You might wonder even more why Sams would publish a book such as this. After all,
isn't the dissemination of such information likely to cause (rather than prevent)
computer break-ins?</P>
<P>In the short run, yes. Some readers will use this book for dark and unintended
purposes. However, this activity will not weaken network security; it will strengthen
it. To demonstrate why, I'd like to briefly examine the two most common reasons for
security breaches:

<UL>
	<LI>Misconfiguration of the victim host<BR>
	<BR>
	
	<LI>System flaws or deficiency of vendor response
</UL>

<H2><FONT COLOR="#000077"><B>Misconfiguration of the Victim Host</B></FONT></H2>
<P>The primary reason for security breaches is misconfiguration of the victim host.
Plainly stated, most operating systems ship in an insecure state. There are two manifestations
of this phenomenon, which I classify as active and passive states of insecurity in
shipped software.
<H3><FONT COLOR="#000077"><B>The Active State</B></FONT></H3>
<P>The active state of insecurity in shipped software primarily involves network
utilities. Certain network utilities, when enabled, create serious security risks.
Many software products ship with these options enabled. The resulting risks remain
until the system administrator deactivates or properly configures the utility in
question.</P>
<P>A good example would be network printing options (the capability of printing over
an Ethernet or the Internet). These options might be enabled in a fresh install,
leaving the system insecure. It is up to the system administrator (or user) to disable
these utilities. However, to disable them, the administrator (or user) must first
know of their existence.</P>
<P>You might wonder how a user could be unaware of such utilities. The answer is
simple: Think of your favorite word processor. Just how much do you know about it?
If you routinely write macros in a word-processing environment, you are an advanced
user, one member of a limited class. In contrast, the majority of people use only
the basic functions of word processors: text, tables, spell check, and so forth.
There is certainly nothing wrong with this approach. Nevertheless, most word processors
have more advanced features, which are often missed by casual users.</P>
<P>For example, how many readers who used DOS-based WordPerfect knew that it included
a command-line screen-capture utility? It was called Grab. It grabbed the screen
in any DOS-based program. At the time, that functionality was unheard of in word
processors. The Grab program was extremely powerful when coupled with a sister utility
called Convert, which was used to transform other graphic file formats into <TT>*.wpg</TT>
files, a format suitable for importation into a WordPerfect document. Both utilities
were called from a command line in the <TT>C:\WP</TT> directory. Neither were directly
accessible from within the WordPerfect environment. So, despite the power of these
two utilities, they were not well known.</P>
<P>Similarly, users might know little about the inner workings of their favorite
operating system. For most, the cost of acquiring such knowledge far exceeds the
value. Oh, they pick up tidbits over the years. Perhaps they read computer periodicals
that feature occasional tips and tricks. Or perhaps they learn because they are required
to, at a job or other official position where extensive training is offered. No matter
how they acquire the knowledge, nearly everyone knows something cool about their
operating system. (Example: the Microsoft programming team easter egg in Windows
95.)</P>


<BLOCKQUOTE>
	<P>
<HR>
<FONT COLOR="#000077"><B>The Microsoft programming team easter egg:</B></FONT> The
	Microsoft programming team easter egg is a program hidden in the heart of Windows
	95. When you enter the correct keystrokes and undertake the correct actions, this
	program displays the names of each programmer responsible for Windows 95. To view
	that easter egg, perform the following steps:</P>

</BLOCKQUOTE>


<DL>
	<DL>
		<DD><B>1. </B>Right-click the Desktop and choose New|Folder.
		<P><B>2. </B>Name that folder <TT>and now the moment you've all been waiting for</TT>.</P>
		<P><B>3. </B>Right-click that folder and choose Rename.</P>
		<P><B>4. </B>Rename the folder <TT>we proudly present for your viewing pleasure</TT>.</P>
		<P><B>5. </B>Right-click the folder and choose Rename.</P>
		<P><B>5. </B>Rename the folder <TT>The Microsoft Windows 95 Product Team!</TT>.</P>
		<P><B>6. </B>Open that folder by double-clicking it.
	</DL>
</DL>



<BLOCKQUOTE>
	<P>The preceding steps will lead to the appearance of a multimedia presentation about
	the folks who coded Windows 95. (A word of caution: The presentation is quite long.)
	
<HR>
</P>

</BLOCKQUOTE>

<P>Unfortunately, keeping up with the times is difficult. The software industry is
a dynamic environment, and users are generally two years behind development. This
lag in the assimilation of new technology only contributes to the security problem.
When an operating-system- development team materially alters its product, a large
class of users is suddenly left knowing less. Microsoft Windows 95 is a good example
of this phenomenon. New support has been added for many different protocols: protocols
with which the average Windows user might not be familiar. So, it is possible (and