Computer Security: A Hands-On Approach (電腦安全:實務操作指南)

Wenliang Du

買這商品的人也買了...

相關主題

商品描述

This book is for students, computer scientists, computer engineers, programmers, software developers, network and system administrators, and others who want to learn the principles of computer security and understand how various security attacks and countermeasures work. Equipped with the knowledge from this book, readers will be able to design and implement software systems and applications that are secure against attacks. They will also be able to evaluate the risks faced by computer and network systems, detect common vulnerabilities in software, use proper methods to protect their systems and networks, and more importantly, apply the learned security principles to solve real-world problems.

 

The author strongly believes in "learning by doing", so the book takes a hands-on approach. For each security principle, the book uses a series of hands-on activities to help explain the principle; readers can "touch", play with, and experiment with the principle, instead of just reading about it. For instance, if a security principle involves an attack, the book guides readers to actually launch the attack (in a contained environment). If a principle involves a security mechanism, such as firewall or Virtual Private Network (VPN), the book guides readers to implement a mini-firewall or mini-VPN. Readers can learn better from such hands-on activities.

 

All the hands-on activities are conducted in a virtual machine image provided by the author. They can be downloaded from this URL: http://www.cis.syr.edu/~wedu/seed/. Everything needed for the activities have already been set up; readers just need to download the VM (free), launch it using VirtualBox, and they can immediately work on the activities covered in the book. This book is based on the Ubuntu12.04 VM image. The author will regularly upgrade the VM image in every few years.

 

Most of the activities in the book are based on the author's SEED labs, which are widely used by instructors all over the world. These labs are the results of 15 years' research, development, and testing efforts conducted by the author and his students in a project called SEED, which has been funded by the National Science Foundation since 2002.

商品描述(中文翻譯)

這本書適合學生、電腦科學家、電腦工程師、程式設計師、軟體開發人員、網路和系統管理員以及其他想要學習電腦安全原則並了解各種安全攻擊和對策如何運作的人。讀者通過這本書所獲得的知識,將能夠設計和實施安全的軟體系統和應用程式,以防範攻擊。他們還能夠評估電腦和網路系統所面臨的風險,檢測軟體中的常見漏洞,使用適當的方法來保護他們的系統和網路,更重要的是,應用所學的安全原則來解決現實世界的問題。

作者堅信「學以致用」,因此本書採用實踐的方式。對於每個安全原則,本書使用一系列的實踐活動來幫助解釋原則;讀者可以「觸摸」、玩耍和實驗原則,而不僅僅是閱讀。例如,如果一個安全原則涉及攻擊,本書會引導讀者實際發動攻擊(在受控環境中)。如果一個原則涉及防火牆或虛擬私人網路(VPN)等安全機制,本書會引導讀者實施一個迷你防火牆或迷你VPN。讀者可以從這樣的實踐活動中更好地學習。

所有的實踐活動都在作者提供的虛擬機映像中進行。它們可以從以下網址下載:http://www.cis.syr.edu/~wedu/seed/。所有活動所需的一切都已經設定好;讀者只需下載虛擬機(免費),使用VirtualBox啟動它,就可以立即開始進行書中涵蓋的活動。本書基於Ubuntu12.04虛擬機映像。作者將定期在幾年內升級虛擬機映像。

本書中的大部分活動都基於作者的SEED實驗室,這些實驗室被全球各地的教師廣泛使用。這些實驗室是作者和他的學生在一個名為SEED的項目中進行了15年的研究、開發和測試的成果,該項目自2002年以來一直由國家科學基金會資助。