經典技術文章翻譯(3):IIS7協議偵聽器(IntroducingIIS7>IISProtocolListeners)
搜尋IIS WAS相關繫結問題,遇到這本書,翻譯其中兩端,給大家參考,關於IIS偵聽協議的描述,會給在IIS7+內託管非http繫結的WCF服務的開發一些參考和提示吧。原書:《WINDOWS VISTA™ SECURITY: Securing Vista Against Malicious Attacks 》by Roger A. Grimes; Jesper M. Johansson 。中文名稱應該是《WINDOWS VISTA安全:保護Vista不受惡意攻擊》。有興趣的朋友,可以線上閱讀:http://my.safaribooksonline.com/9780470101551。有不妥之處,請批評指正。謝謝。
【1】英文原文:
9.6. IIS Protocol Listeners
A protocol listener is a software routine that listens on a predefined communication channel (and port), and passes transmitted data (called messages) to and from the participating server service and communicating client. IIS 7 includes five default protocol listeners: Http.sys, Net.tcp, Net.pipe, Net.p2p and Net.msmq; and additional custom listeners can be created and used. IIS 6 had only one — Http.sys. The other new protocol listeners support Microsoft`s new Windows Communication Foundation web services. With the exception of Http.sys, the other listeners require .NET Framework installation and the Windows Process Activation Service (WAS), which runs in the same Svchost process as the WWW service. However, protocol listeners can be implemented using WAS and not require IIS.
Each listener runs in kernel mode, directly interacting with the operating system. Microsoft has thoroughly tested each protocol listener for security vulnerabilities, trying their best to ensure they are not susceptible to buffer overflows and other common security mistakes. Although finding every security vulnerability is almost impossible, Microsoft successfully defended IIS 6`s Http.sys against every attacker for over 4 years, so they have a leading example to follow. Protocol listeners can be activated in an XML configuration file called ApplicationHost.config. To minimize possible attack vectors, only the protocol listeners needed should be activated. The follow sections summarize each protocol listener.
【2】中文翻譯:
9.6 IIS 協議偵聽器:
協議偵聽器是一個可以偵聽預定義通訊通道(埠),傳遞資料(請求的資料)和參與服務和客戶端通訊的程式。IIS7包含5個預設的協議偵聽器:Http.sys, Net.tcp, Net.pipe, Net.p2p 和 Net.msmq; 此外,也可以穿件和使用自定義偵聽器。IIS6只有一個:Http.sys。其它的新的偵聽器用來支援微軟新的Windows Communication Foundation服務。除了Http.sys,其它偵聽器需要安裝.NET Framework和Windows啟用服務(Windows Process Activation Service ,簡稱WAS),它們和WWW服務一樣執行在相同的服務宿主程式。但是,協議偵聽器可以通過WAS託管而不需要使用IIS。
每個偵聽器,執行在核心模式,直接與作業系統互動。微軟為了安全隱患考慮已經充分測試過每個偵聽器,盡全力保證他們不會快取溢位和出現其它安全問題。儘管微軟知道發生安全問題的可能性很小,但是還是在過去的4年裡一直防禦II6的Http.sys抵禦每次攻擊,所以他們樹立了良好的榜樣。協議偵聽器可以在一個叫做ApplicationHost.config的XML 配置檔案裡啟用。為了減少可能的攻擊,只有需要的偵聽器才會被啟用。下面幾段總結了各個協議偵聽器。
【3】作者簡介英文原文:
Roger A. Grimes, CPA, CISSP, four-time MVP, is a 20-year industry veteran and author of seven books and over 200 articles on Windows security. Currently working for Microsoft as an ACE Team senior security consultant, Roger previously taught Windows and Linux security for Foundstone and is a highly requested industry speaker.
Jesper M. Johansson is currently working on application security and developer security training on large software projects. Prior to his current work he was a senior security strategist at Microsoft Corporation and is a well known authority on Windows operating system security. He holds a Ph.D. in Management Information Systems.
【4】作者簡介中文翻譯:
Roger A. Grimes, CPA, CISSP, 4屆MVP,是一個有著20年行業經驗的專家,並且出版關於Windows 安全的7本書和超過200篇文章。目前就職於微軟ACE團隊,作為高階安全顧問。Roger 以前教授Windows 和Linux安全,是廣受歡迎的行業專家。
Jesper M. Johansson目前工作於安全和大型軟體專案的安全培訓上。此前他是微軟高階策略專家並且是著名的Windows作業系統安全的權威。他擁有管理資訊系統的博士學位。
本文轉自 frankxulei 51CTO部落格,原文連結:http://blog.51cto.com/frankxulei/320514,如需轉載請自行聯絡原作者
相關文章
- MQTT 3.1.1協議[翻譯]MQQT協議
- BitTorrent DHT 協議中文翻譯協議
- [翻譯]汽車CAN協議hacking協議
- WebSocket 協議 RFC 文件(全中文翻譯)Web協議
- 深入理解Vue 3:計算屬性與偵聽器的藝術Vue
- 淺談技術翻譯
- 翻譯經典之《Cisco Lan Switching》:前言
- 從規則到神經網路:機器翻譯技術的演化之路神經網路
- HTTP協議詳解(真的很經典)HTTP協議
- 【原始碼系列#04】Vue3偵聽器原理(Watch)原始碼Vue
- 文章經典總結
- 詞典翻譯 英譯漢
- 頁面滾動偵聽器
- 2015年在微信熱傳的100+經典技術文章
- 神經機器翻譯實戰
- ARP協議:網路世界的地址翻譯官協議
- WiFi協議技術詳解概述WiFi協議
- 有道雲詞典--翻譯/螢幕取詞翻譯
- IIS7 經典模式和整合模式的區別模式
- 活動 | INTERFACE#4 解讀搜狗機器翻譯技術,體驗搜狗旅行翻譯寶產品
- 原型繼承(翻譯 vjeux 文章)原型繼承UX
- Vue計算屬性和偵聽器Vue
- HTTP 是不是應該翻譯成超文字傳輸協議HTTP協議
- 理論經典:TCP協議的3次握手與4次揮手過程詳解TCP協議
- 10g bug 偵聽掛起 兩個偵聽程式
- 專案管理經典技術簡介(轉)專案管理
- 術語翻譯
- Vue中計算屬性和偵聽器Vue
- 眾成翻譯-國外前端文章前端
- 谷歌揭祕自家翻譯系統:如何利用AI技術提高翻譯質量谷歌AI
- 跨越專業翻譯的語言之牆:百度翻譯的技術攀登
- 前端技術演進(二):前端與協議前端協議
- PHP phar:協議物件注入技術介紹PHP協議物件
- 流媒體技術之傳輸協議協議
- WiFi協議的調製技術介紹WiFi協議
- [譯]如何撰寫精彩的技術部落格文章
- NServiceBus翻譯之持久化技術(一):Persistence In NServiceBus持久化
- MFC 技術注意第62條的翻譯 (轉)