Securing Citrix XenApp Server in the Enterprise (Paperback)

Tariq Azad

  • 出版商: Syngress Media
  • 出版日期: 2008-06-24
  • 定價: $1,980
  • 售價: 5.0$990
  • 語言: 英文
  • 頁數: 528
  • 裝訂: Paperback
  • ISBN: 1597492817
  • ISBN-13: 9781597492812
  • 相關分類: 資訊安全
  • 立即出貨 (庫存=1)

買這商品的人也買了...

相關主題

商品描述

Citrix Presentation Server allows remote users to work off a network server as if they weren't remote. That means: Incredibly fast access to data and applications for users, no third party VPN connection, and no latency issues. All of these features make Citrix Presentation Server a great tool for increasing access and productivity for remote users. Unfortunately, these same features make Citrix just as dangerous to the network it's running on. By definition, Citrix is granting remote users direct access to corporate servers?..achieving this type of access is also the holy grail for malicious hackers. To compromise a server running Citrix Presentation Server, a hacker need not penetrate a heavily defended corporate or government server. They can simply compromise the far more vulnerable laptop, remote office, or home office of any computer connected to that server by Citrix Presentation Server.
All of this makes Citrix Presentation Server a high-value target for malicious hackers. And although it is a high-value target, Citrix Presentation Servers and remote workstations are often relatively easily hacked, because they are often times deployed by overworked system administrators who haven't even configured the most basic security features offered by Citrix. "The problem, in other words, isn't a lack of options for securing Citrix instances; the problem is that administrators aren't using them." (eWeek, October 2007). In support of this assertion Security researcher Petko D. Petkov, aka "pdp", said in an Oct. 4 posting that his recent testing of Citrix gateways led him to "tons" of "wide-open" Citrix instances, including 10 on government domains and four on military domains.

* The most comprehensive book published for system administrators providing step-by-step instructions for a secure Citrix Presentation Server.
* Special chapter by Security researcher Petko D. Petkov'aka "pdp detailing tactics used by malicious hackers to compromise Citrix Presentation Servers.
* Companion Web site contains custom Citrix scripts for administrators to install, configure, and troubleshoot Citrix Presentation Server.

商品描述(中文翻譯)

Citrix Presentation Server允許遠程用戶像在本地一樣在網絡服務器上工作。這意味著:用戶可以以極快的速度訪問數據和應用程序,無需第三方VPN連接,也不會有延遲問題。所有這些功能使得Citrix Presentation Server成為提高遠程用戶訪問和生產力的絕佳工具。不幸的是,這些功能同樣使得Citrix對運行的網絡具有危險性。根據定義,Citrix授予遠程用戶對企業服務器的直接訪問...實現這種訪問方式也是惡意黑客的終極目標。要破壞運行Citrix Presentation Server的服務器,黑客不需要入侵一個防禦嚴密的企業或政府服務器。他們只需破壞與Citrix Presentation Server連接的任何計算機的更易受攻擊的筆記本電腦、遠程辦公室或家庭辦公室即可。
所有這些使得Citrix Presentation Server成為惡意黑客的高價值目標。儘管如此,Citrix Presentation Server和遠程工作站通常相對容易被黑客入侵,因為它們通常由工作繁忙的系統管理員部署,他們甚至沒有配置Citrix提供的最基本的安全功能。"問題,換句話說,不是缺乏保護Citrix實例的選項,而是管理員沒有使用它們。"(eWeek,2007年10月)。支持這一觀點的安全研究人員Petko D. Petkov,又名“pdp”,在10月4日的帖子中表示,他最近對Citrix閘道進行的測試發現了“大量”“完全開放”的Citrix實例,其中包括10個政府域和4個軍事域。

* 這是為系統管理員編寫的最全面的書籍,提供了逐步指導,以確保Citrix Presentation Server的安全。
* 安全研究人員Petko D. Petkov(又名“pdp”)撰寫了一章,詳細介紹了惡意黑客用於破壞Citrix Presentation Server的策略。
* 附帶網站包含了供管理員安裝、配置和疑難排解Citrix Presentation Server的自定義Citrix腳本。