Administrating Web Servers, Security, & Maintenance (The Foundations of Web Site Architecture Series) / Edition 1

Paperback (Print)
Buy New
Buy New from BN.com
$55.71
Buy Used
Buy Used from BN.com
$39.19
(Save 40%)
Item is in good condition but packaging may have signs of shelf wear/aging or torn packaging.
Condition: Used – Good details
Used and New from Other Sellers
Used and New from Other Sellers
from $1.99
Usually ships in 1-2 business days
(Save 96%)
Other sellers (Paperback)
  • All (26) from $1.99   
  • New (8) from $53.28   
  • Used (18) from $1.99   

Overview

2253D-2

The Nuts and Bolts of Internet Security.

This interactive workbook will get you started right away with real-world applications for Web server security and maintenance. Demand for these skills is sky-high, as businesses everywhere are moving toward e-commerce and full online presence.

Learn from the experts in easy, step-by-step lessons. Every section includes reviews to help you check your work and assess your progress at every stage, and practical labs to reinforce what you're learning as you go along. Administrating Web Servers, Security, and Maintenance helps you master:

  • Building a new website
  • Networks, Web servers and Web clients
  • Configuration and maintenance of your site
  • CGI security
  • Secure online transactions

Suitable for classroom use or self-paced learning, Administrating Web Servers, Security, and Maintenance is the fast, easy, certified way to master Web server administration and security.

About the Foundations of Web Site Architecture Series.

Endorsed by WOW, the World Organization of Webmasters, these fully interactive workbooks-and their companion websites at www.phptr.com/phptrinteractive —give you the core skills you need to manage content, business, and technology on the World Wide Web. They are building blocks in Prentice Hall's comprehensive curriculum for professional Webmaster certification.

About WOW

The World Organization of Webmasters is a professional organization with thousands of members and affiliates worldwide. Started as a non-profit organization, WOW was created to enhance the role and position of those individual who create, manage, maintain and market Web sites. This support is provided through membership in WOW. For more information on becoming a member, please visit www.joinwow.org

Read More Show Less

Product Details

  • ISBN-13: 9780130225344
  • Publisher: Prentice Hall
  • Publication date: 12/30/1999
  • Series: Foundations of Website Architecture Series
  • Edition description: New Edition
  • Edition number: 1
  • Pages: 567
  • Product dimensions: 6.70 (w) x 9.10 (h) x 1.40 (d)

Meet the Author

Eric Larson is Staff Engineer at Sun Microsystems in Burlington, MA, currently performing technical research and software development for Sun's Enterprise Services division. He also teaches several courses in the Webmaster curriculum at Merrimack College.

Brian Stephens works for Sun Microsystems, Inc., as a backline network support engineer. In addition to handling escalated network issues, he also serves as a member of Sun's CCC Security Team, and teaches classes on Web security and internetworking at Merrimack College.

Read More Show Less

Read an Excerpt

Introduction

The goal of this book is to give you a solid understanding of what is going on behind the scenes of a Web site. We try to give you the tools and skills you need to start your own Web site and keep things running smoothly. This book is broken down into two parts: Web server administration and Web security. Although the book is written for new webmasters, there is plenty of information here to satisfy even seasoned Web veterans.

This book is an attempt to bridge the gap between textbook and reference manual. Reference manuals tend to be frustrating to new students unfamiliar with the content, and the typical textbook may not engage readers to try real-world exercises. This book is certainly not the definitive reference for all things server and security related, but it is a general overview of many technical skills required of a webmaster. Since there are so many different companies selling products related to Web servers and security, we try to stay as "platform neutral" as possible. We attempt to show you important basic techniques, not lots of small details. Most of the exercises can be done with freely available software. Even if you don't have a huge lab full of expensive equipment, the exercises will be useful.

This book can be used by anyone starting or administrating a Web site or anyone interested in computer security. Aspiring webmasters and managers alike will find plenty of information here to help you "talk the talk" and learn how to "walk the walk" of the webmaster.

The numerous exercises and questions are meant to help you learn by experimenting. The self-review questions are not meant to be a test—getting the wrong answers doesn't mean you fail. They are meant to make you think. Although most of the questions will have obvious answers made apparent from the reading, there are many trick questions, so think carefully about the questions and answers.

Although the exercises are not harmful, it is wise to save all of your work or have a backup before trying them. This is especially the case with the exercises dealing with Web security. Make every attempt to try them on a test machine or one of less importance and never on a production host critical to your business.

What You Will Need

You should have a networked computer with access to the Internet. Access to a server (either Windows NT or UNIX) is most ideal. Many of the exercises require you to run commands and install software as the super-user or administrator. If it is not possible to have a dedicated machine to experiment with, that's OK, you should still be able to do most of the exercises. You might consider installing Linux (http://www.redhat.com/ download/) on a PC if you don't currently have NT Server or a UNIX machine.

You should also install a web browser for viewing online documentation and examples.

How This Book Is Organized

In this book and the others in this series you are presented with a series of interactive labs. Each lab begins with learning objectives that define what exercises (or tasks) are covered in that lab. This is followed by an overview of the concepts that will be further explored through the exercises, which are the heart of each lab.

Each exercise consists of either a series of steps that you will follow to perform a specific task or a presentation of a particular scenario. Questions that are designed to help you discover the important things on your own are then asked of you. The answers to these questions are given at the end of the exercises, along with more in-depth discussion of the concepts explored.

At the end of each lab is a series of multiple-choice self-review questions, which are designed to bolster your learning experience by providing opportunities to check your absorption of important material. The answers to these questions appear in Appendix A. There are also additional self-review questions at this book's companion Web site, found at

http://www.phptr.com/phptrinteractive/architecture/index.html

Finally, at the end of each chapter you will find a "Test Your Thinking" section, which consists of a series of projects designed to solidify all the skills you have learned in the chapter. If you have completed all the labs successfully, you should be able to tackle these projects with few problems. There are not always answers to these projects, but where appropriate, you will find guidance and/or solutions at the companion Web site.

The final element of this book actually doesn't appear in the book at all. It is the companion Web site, and it is located at:

http://www.phptr.com/larson_stephens/

This companion Web site is closely integrated with the content of this book, and we encourage you to visit often. It is designed to provide a unique interactive online experience that will enhance your education. As mentioned, you will find guidance and solutions that will help you complete the projects found in the "Test Your Thinking" section of each chapter.

You will also find additional self-review questions for each chapter, which are meant to give you more opportunities to become familiar with terminology and concepts presented in the publications. In the Author's Corner, you will find additional information that we think will interest you, including updates to the information presented in these publications, and discussion about the constantly changing technology that webmasters must stay involved in.

Finally, you will find a Message Board, which you can think of as a virtual study lounge. Here, you can interact with other Foundations of Website Architecture Series readers, sharing and discussing your projects.

Notes to the Student

This publication and the others in the Foundations of Website Architecture series are endorsed by the World Organization of Webmasters. The series comprises a training curriculum designed to provide aspiring webmasters with the skills they need to perform in the marketplace. The skill sets included in the series were collected and defined by this international trade association to create a set of core competencies for students, professionals, trainers, and employers to utilize.

Notes to the Instructor

Chances are that you are a pioneer in the education field whether you want to be one or not. Due to the explosive nature of the Internet's growth, very few webmaster training programs are currently in existence. But while you read this, many colleges, community colleges, technical institutes, corporate, and commercial training environments will be introducing the material into curriculums worldwide.

Chances are, however, that you are instructing new material in a new program. But don't fret, this publication and series are designed as a comprehensive introductory curriculum in this field. Students completing this program of study successfully will be fully prepared to assume the responsibilities of a webmaster in the field or to engage in further training and certification in the Internet communications field.

Each chapter in the book is broken down into sections. All questions and projects have answers and discussions associated with them. The labs and question/answer formats used in the book provide excellent opportunities for group discussions and dialog among and between students, instructors, and each other. In addition, many answers and their discussions are abbreviated because of limitations of space. Any comments, ideas, or suggestions regarding this text or series will be greatly appreciated.

We hope you enjoy this book. If you would like to send us e-mail, drop us a note at

ericl@webmaster.merrimack.edubrians@webmaster.merrimack.edu

Best regards,
Eric and Brian

About the Authors

Eric Larson is currently a research engineer at Sun Microsystems in Burlington, Massachusetts. He is currently doing technical research and software development for Sun's Enterprise Services Division. When he's not experimenting with the latest Java technologies at Sun, he teaches several courses in the webmaster curriculum at Merrimack College.

Eric received a B.S. in computer science from Rensselaer Polytechnic Institute in Troy, New York. He has been working with Internet-related technologies for nearly ten years and has been doing WWW development since 1993. In addition to playing with the latest high-tech toys, Eric also enjoys traveling and writing, recording, and performing his own music.

Brian Stephens currently works for Sun Microsystems, Inc. as a backline network support engineer. In addition to handling escalated network issues, he serves as a member of Sun Microsystems' CCC Security Team. When he is not troubleshooting TCP/IP-related problems for Sun, Brian teaches classes on Web security and internetworking at Merrimack College. Brian holds a B.S. in computer science from the University of Massachusetts, Amherst and has been working with computers all his life. In his free time, when not obsessed by computers, Brian enjoys driving fast and jumping out of perfectly good airplanes.

Read More Show Less

Table of Contents

From the Editor.

Executive Foreword.

Introduction.

About the Authors.

I. WEB SERVER ADMINISTRATION.

1. What Is a Web Server?

Client/Server Basics. Electronic Publishing. HTTP Overview. Other Web-Related Servers.

2. Planning Your Server.

Hosting Your Site. Hosting Your Own Server. UNIX vs. NT. Sizing Your Server. Domain Names.

3. Users and Documents.

Server Users and Directories. Server Administrators. Document Hierarchy. Directory Indexing. File and Directory Names. Transferring Files.

4. Server Configuration.

Choosing Web Server Software. Customizing Your Web Server. Controlling Access. Secure Sockets Layer Configuration. Virtual Hosts.

5. Server-Side Programming.

Dynamic Documents. CGI and Forms. Server-Side Includes. Active Server Pages. Servlets and Java Server Pages.

6. Log Files.

Log File Formats. Referrers. Being Proactive. Statistics.

7. Search Engines, Robots, and Automation.

Search Engines. Publicizing Your Site. Robots and Spiders. Automation.

II. WEB SECURITY.

8. Introduction to Security.

Why We Need Security. Types of Attacks and Vulnerabilities. Security Resources. Security Basics.

9. Network Security.

Networking Basics. Packet Sniffing. Other Network Vulnerabilities. Firewalls and Proxies.

10. Web Server Security.

Host/OS Hardening. Who to Run a Web Server As. File Permissions and Ownership. Other Configuration Concerns.

11. CGI Security.

Who to Run CGI As. Poor CGI Programming. Tainted CGI Variables. Buffer Overflows. Other CGI Risks.

12. Web Client Security.

Java Applets. ActiveX. JavaScript. Cookies.

13. Secure Online Transactions.

Encryption. Secure Socket Layer. Certificate Authorities. Access Control Lists.

14. Intrusion Detection and Recovery.

Detecting an Attack. Recovering from an Attack.

Appendix A: Answers to Self-Review Questions.

Appendix B: ASCII Values.

Appendix C: Well-Know Port Numbers.

Appendix D: Base Conversion.

Appendix E: Packet Formats.

Index.

Read More Show Less

Preface

Introduction

The goal of this book is to give you a solid understanding of what is going on behind the scenes of a Web site. We try to give you the tools and skills you need to start your own Web site and keep things running smoothly. This book is broken down into two parts: Web server administration and Web security. Although the book is written for new webmasters, there is plenty of information here to satisfy even seasoned Web veterans.

This book is an attempt to bridge the gap between textbook and reference manual. Reference manuals tend to be frustrating to new students unfamiliar with the content, and the typical textbook may not engage readers to try real-world exercises. This book is certainly not the definitive reference for all things server and security related, but it is a general overview of many technical skills required of a webmaster. Since there are so many different companies selling products related to Web servers and security, we try to stay as "platform neutral" as possible. We attempt to show you important basic techniques, not lots of small details. Most of the exercises can be done with freely available software. Even if you don't have a huge lab full of expensive equipment, the exercises will be useful.

This book can be used by anyone starting or administrating a Web site or anyone interested in computer security. Aspiring webmasters and managers alike will find plenty of information here to help you "talk the talk" and learn how to "walk the walk" of the webmaster.

The numerous exercises and questions are meant to help you learn by experimenting. The self-review questions are not meant to be a test—getting the wrong answers doesn't mean you fail. They are meant to make you think. Although most of the questions will have obvious answers made apparent from the reading, there are many trick questions, so think carefully about the questions and answers.

Although the exercises are not harmful, it is wise to save all of your work or have a backup before trying them. This is especially the case with the exercises dealing with Web security. Make every attempt to try them on a test machine or one of less importance and never on a production host critical to your business.

What You Will Need

You should have a networked computer with access to the Internet. Access to a server (either Windows NT or UNIX) is most ideal. Many of the exercises require you to run commands and install software as the super-user or administrator. If it is not possible to have a dedicated machine to experiment with, that's OK, you should still be able to do most of the exercises. You might consider installing Linux (http://www.redhat.com/ download/) on a PC if you don't currently have NT Server or a UNIX machine.

You should also install a web browser for viewing online documentation and examples.

How This Book Is Organized

In this book and the others in this series you are presented with a series of interactive labs. Each lab begins with learning objectives that define what exercises (or tasks) are covered in that lab. This is followed by an overview of the concepts that will be further explored through the exercises, which are the heart of each lab.

Each exercise consists of either a series of steps that you will follow to perform a specific task or a presentation of a particular scenario. Questions that are designed to help you discover the important things on your own are then asked of you. The answers to these questions are given at the end of the exercises, along with more in-depth discussion of the concepts explored.

At the end of each lab is a series of multiple-choice self-review questions, which are designed to bolster your learning experience by providing opportunities to check your absorption of important material. The answers to these questions appear in Appendix A. There are also additional self-review questions at this book's companion Web site, found at

http://www.phptr.com/phptrinteractive/architecture/index.html

Finally, at the end of each chapter you will find a "Test Your Thinking" section, which consists of a series of projects designed to solidify all the skills you have learned in the chapter. If you have completed all the labs successfully, you should be able to tackle these projects with few problems. There are not always answers to these projects, but where appropriate, you will find guidance and/or solutions at the companion Web site.

The final element of this book actually doesn't appear in the book at all. It is the companion Web site, and it is located at:

http://www.phptr.com/larson_stephens/

This companion Web site is closely integrated with the content of this book, and we encourage you to visit often. It is designed to provide a unique interactive online experience that will enhance your education. As mentioned, you will find guidance and solutions that will help you complete the projects found in the "Test Your Thinking" section of each chapter.

You will also find additional self-review questions for each chapter, which are meant to give you more opportunities to become familiar with terminology and concepts presented in the publications. In the Author's Corner, you will find additional information that we think will interest you, including updates to the information presented in these publications, and discussion about the constantly changing technology that webmasters must stay involved in.

Finally, you will find a Message Board, which you can think of as a virtual study lounge. Here, you can interact with other Foundations of Website Architecture Series readers, sharing and discussing your projects.

Notes to the Student

This publication and the others in the Foundations of Website Architecture series are endorsed by the World Organization of Webmasters. The series comprises a training curriculum designed to provide aspiring webmasters with the skills they need to perform in the marketplace. The skill sets included in the series were collected and defined by this international trade association to create a set of core competencies for students, professionals, trainers, and employers to utilize.

Notes to the Instructor

Chances are that you are a pioneer in the education field whether you want to be one or not. Due to the explosive nature of the Internet's growth, very few webmaster training programs are currently in existence. But while you read this, many colleges, community colleges, technical institutes, corporate, and commercial training environments will be introducing the material into curriculums worldwide.

Chances are, however, that you are instructing new material in a new program. But don't fret, this publication and series are designed as a comprehensive introductory curriculum in this field. Students completing this program of study successfully will be fully prepared to assume the responsibilities of a webmaster in the field or to engage in further training and certification in the Internet communications field.

Each chapter in the book is broken down into sections. All questions and projects have answers and discussions associated with them. The labs and question/answer formats used in the book provide excellent opportunities for group discussions and dialog among and between students, instructors, and each other. In addition, many answers and their discussions are abbreviated because of limitations of space. Any comments, ideas, or suggestions regarding this text or series will be greatly appreciated.

We hope you enjoy this book. If you would like to send us e-mail, drop us a note at

ericl@webmaster.merrimack.edubrians@webmaster.merrimack.edu

Best regards,
Eric and Brian

About the Authors

Eric Larson is currently a research engineer at Sun Microsystems in Burlington, Massachusetts. He is currently doing technical research and software development for Sun's Enterprise Services Division. When he's not experimenting with the latest Java technologies at Sun, he teaches several courses in the webmaster curriculum at Merrimack College.

Eric received a B.S. in computer science from Rensselaer Polytechnic Institute in Troy, New York. He has been working with Internet-related technologies for nearly ten years and has been doing WWW development since 1993. In addition to playing with the latest high-tech toys, Eric also enjoys traveling and writing, recording, and performing his own music.

Brian Stephens currently works for Sun Microsystems, Inc. as a backline network support engineer. In addition to handling escalated network issues, he serves as a member of Sun Microsystems' CCC Security Team. When he is not troubleshooting TCP/IP-related problems for Sun, Brian teaches classes on Web security and internetworking at Merrimack College. Brian holds a B.S. in computer science from the University of Massachusetts, Amherst and has been working with computers all his life. In his free time, when not obsessed by computers, Brian enjoys driving fast and jumping out of perfectly good airplanes.

Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star

(0)

4 Star

(0)

3 Star

(0)

2 Star

(0)

1 Star

(0)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously
Sort by: Showing 1 Customer Reviews
  • Anonymous

    Posted February 14, 2000

    Best Internet Security Book in Print

    This book is the best volume I have read on Internet security. It belongs in any consultant's technology library. As the e-Business director of my firm I have made this book required reading for all of my practicioners.

    Was this review helpful? Yes  No   Report this review
Sort by: Showing 1 Customer Reviews

If you find inappropriate content, please report it to Barnes & Noble
Why is this product inappropriate?
Comments (optional)