[ Pobierz całość w formacie PDF ]
Internet Firewalls
and
Network Security
Second Edition
Chris Hare
Karanjit Siyan
New Riders Publishing
Indianapolis, Indiana
i
I
NTERNET
F
IREWALLS
AND
N
ETWORK
S
ECURITY
, S
ECOND
E
DITION
Internet Firewalls and Network Security, Second Edition
By Chris Hare and Karanjit Siyan
Published by:
New Riders Publishing
201 West 103rd Street
Indianapolis, IN 46290 USA
All rights reserved. No part of this book may be reproduced or transmitted in any form
or by any means, electronic or mechanical, including photocopying, recording, or by
any information storage and retrieval system, without written permission from the
publisher, except for the inclusion of brief quotations in a review.
Copyright
Ó
1996 by New Riders Publishing
Printed in the United States of America 1 2 3 4 5 6 7 8 9 0
Library of Congress Cataloging-in-Publication Data
Hare, Chris, 1962-
Internet firewalls and network security / Chris Hare, Karanjit
Siyan. -- 2nd ed.
p. cm.
Siyan's name appears first on the earlier edition.
Includes bibliographical references and index.
ISBN 1-56205-632-8
1. Computer networks--Security measures. 2. Internet (Computer
network)--Security measures. I. Siyan, Karanjit, 1954- .
II. Title.
TK5105.875.I57H36 1996
005.8--dc20
96-28232
CIP
Warning and Disclaimer
This book is designed to provide information about the Internet. Every effort has been
made to make this book as complete and as accurate as possible, but no warranty or
fitness is implied.
The information is provided on an “as is” basis. The author(s) and New Riders Pub-
lishing shall have neither liability nor responsibility to any person or entity with re-
spect to any loss or damages arising from the information contained in this book or
from the use of the disks or programs that may accompany it.
ii
P
UBLISHER
Don Fowley
P
UBLISHING
M
ANAGER
Emmett Dulaney
M
ARKETING
M
ANAGER
Mary Foote
M
ANAGING
E
DITOR
Carla Hall
I
NTERNET
F
IREWALLS
AND
N
ETWORK
S
ECURITY
,
SECOND
EDITION
A
BOUT
THE
A
UTHORS
Chris Hare
is a senior network security analyst for the System Security Consult-
ing Group at Northern Telecom Ltd. (Nortel), where his activities include policy
development, consulting, and secure electronic commerce. He started working
in computer-based technology in 1986, after studying health sciences. Since
that time he has worked in programming, system administration, quality assur-
ance, training, network management, consulting, and technical management
positions.
Chris became the first SCO-authorized instructor in Canada in 1988 and has
taught Unix courses all over the world. He also has taught system administra-
tion, shell and C programming, TCP/IP, and X Windows.
As a professional writer, Chris has authored almost twenty articles for
Sys Admin
magazine and coauthored several books for New Riders Publishing, including
Inside Unix
,
Internet Firewalls and Network Security
,
Building an Internet Server
with Linux
, and the
Internet Security Professional Reference
.
Chris lives in Ottawa, Canada with his wife Terri and their children Meagan and
Matthew.
Karanjit Siyan, Ph.D.
is president of Kinetics Corporation. He has authored
international seminars on Solaris & SunOS, TCP/IP networks, PC Network
Integration, Novell networks, Windows NT, and Expert Systems using Fuzzy
Logic. He teaches advanced technology seminars in the United States, Canada,
Europe, and the Far East. Dr. Siyan has published articles in
Dr. Dobbs Journal
,
The C Users Journal
, and
Databased Advisor
, and is actively involved in Internet
research. Dr. Siyan has been involved with Unix systems programming and ad-
ministration since his graduate days at the University of California at Berkeley
when BSD Unix was being developed. He holds a Ph.D. in computer science,
and his dissertation topic was “Fuzzy Logic and Neural Networks for Computer
Network Management.” Before working as an independent consultant, Karanjit
worked as a senior member of technical staff at ROLM Corporation. As part of
his consulting work, Karanjit has written a number of custom compiler and
operating system developmental tools. His other interests include Novell-based,
Windows NT-based, and OS/2 networks. He holds an ECNE certification for
Novell-based networks and Microsoft Certified Professional for Windows NT,
and has written a number of books for Macmillan Computer Publishing. Karanjit
Siyan is based in Montana where he lives with his wife, Dei.
iii
I
NTERNET
F
IREWALLS
AND
N
ETWORK
S
ECURITY
, S
ECOND
E
DITION
T
RADEMARK
A
CKNOWLEDGMENTS
All terms mentioned in this book that are known to
be trademarks or service marks have been appropri-
ately capitalized. New Riders Publishing cannot at-
test to the accuracy of this information. Use of a term
in this book should not be regarded as affecting the
validity of any trademark or service mark.
A
CQUISITIONS
E
DITOR
Karen Scott
S
ENIOR
E
DITOR
Sarah Kearns
D
EVELOPMENT
E
DITOR
Kristin Evan
P
ROJECT
E
DITOR
Lillian Duggan
C
OPY
E
DITOR
Susan Christopherson
T
ECHNICAL
E
DITOR
John Linn
A
SSOCIATE
M
ARKETING
M
ANAGER
Tamara Apple
A
CQUISITIONS
C
OORDINATOR
Stacia Mellinger
P
UBLISHER
’
S
A
SSISTANT
Karen Opal
C
OVER
D
ESIGNERS
Jay Corpus, Aren Howell
B
OOK
D
ESIGNER
Sandra Schroeder
P
RODUCTION
M
ANAGER
Kelly Dobbs
P
RODUCTION
T
EAM
S
UPERVISOR
Laurie Casey
G
RAPHICS
I
MAGE
S
PECIALISTS
Stephen Adams, Dan Harris, Clint
Lahnen, Laura Robbins
P
RODUCTION
A
NALYSTS
Jason Hand, Bobbi Satterfield,
SA Springer
P
RODUCTION
T
EAM
Angela Calvert, Kim Cofer, Terrie
Deemer, Tricia Flodder, Pamela
Volk, Karen Walsh
I
NDEXER
Erika Millen
iv
I
NTERNET
F
IREWALLS
AND
N
ETWORK
S
ECURITY
, S
ECOND
E
DITION
A
CKNOWLEDGMENTS
From Chris Hare
I would like to acknowledge the assistance of several people who have contrib-
uted to this second edition. To Mike Martineau of iSTAR Internet for providing
an ISDN connection and some computing equipment for the Internet connec-
tion; to David Cross and Frank Rosano of Milkyway Networks for providing
the Black Hole software and hardware. A special thank you to Steve Bourgeois
of Milkyway Networks who answered what seemed like an endless barrage of
questions and provided general all-around moral and technical support.
And to my wife Terri for her love and patience while I worked through many
nights—she only had to endure the grumpy mornings.
From Karanjit Siyan
One of the more pleasurable tasks of being an author is to thank the people
responsible for the success of a book. My heartfelt thanks to my wife Dei for her
love and support. I wish to thank my father Ahal Sing and my mother Tejinder,
my brothers Harjee and Jagjit, and my sisters Kookie and Dolly. Thanks also to
Margaret Cooper Scott, Cathryn and Bob Foley, Craig and Lydia Cooper, Rob-
ert and Janie Cooper, Heidi and Steve Bynum, Barbara and Edward L. Scott
(Scotty), and Jacquelyn McGregor for their love and support. Special thanks to
Mother, Saint Germain, El Morya, Babaji, and Bhagwan Krishna. Without their
spiritual support, this book would not have been possible.
Others who deserve credit are Bob Sanregret and Anders Amundson, who ini-
tially got me interested in writing teaching materials on computer networks. I
also wish to thank the many people at Learning Tree for their help and support
and permission to use some viewgraphs from the courses I have authored for
them. In particular I would like to thank John Moriarty, Rick Adamson, Dr.
David Collins, and Eric Garen. I wish to thank John Rutkai for his advice in
selecting server components that I needed for writing this book.
I wish to acknowledge the many people who have helped me along the way:
Harpreet Sandhu, Bill Duby, Angela, Michael Anaast, and Janice Culliford; my
students Lisa, Debi, Sheri, Rondi, and Linda; Edward and Mary Kramer, Daniel
Gottsegen, David Stanfield, Dr. Wagner, Bill Joy, Professor Ramamoorthy, Pro-
fessor G. S. Sanyal, Professor “M,” Professor Kumar Subramaniam, Professor
Mahabalipuram, Marti Lichtanski, Rex Cardinale, Dave Ford, mathematician
D. R. Kaprekar, Mr. Gadre, Mr. Misra, and Mr. Hoffmann.
v
[ Pobierz całość w formacie PDF ]