Information Security Management: Network Security

1 Definition and Characteristics of Networks

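1.1 Definition of a Network

(Honestly can't be bothered to explain this; go look it up on a wiki yourselves.)

What networks are used for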

  • What is a network...
  • Devices in a network...
  • LAN, WAN and Internetworks
  • What do networks do for you...
    • Sharing resources
    • Use/share applications

1.2 Characteristics of networks

-- Anonymity

-- Automation

-- Distance

-- Opaqueness

-- Routing diversity

1.3 Network Topology


2 TCP/IP

  • Protocols...
  • Open Systems
    • ANSI, IETF, ISO, IAB

2.1 ISO -- OSI Reference Model - 7 Layers

  • Application: End-user processes such as FTP, e-mail, etc.
  • Presentation: Formats and encrypts data to send across the network
  • Session: Establishes, manages and terminates connections between applications
  • Transport: End-to-end error recovery, flow control, priority services
  • Network: Switching, routing, addressing, internetworking, error handling, congestion control and packet sequencing
  • Data-link: Encodes and decodes data packets into bits. Media Access Control sub-layer: data access/transmit permissions. Logical Link sub-layer: frame synchronisation, flow control, error checking.
  • Physical: Conveys the bit stream (electrical, light, radio)

Mnemonics for the layer order: "All People Seem To Need Data Protection" (Application down to Physical) and "People Do Not Trust Sales People Always" (Physical up to Application).

ISO-OSI seven-layer structure

TCP/IP

2.2 Related Protocols

  • Application layer -- FTP, Telnet, DNS, DHCP, TFTP, RPC, NFS, SNMP...
  • Transport layer -- TCP, UDP
  • Internet layer -- IP, ICMP, ARP, BOOTP...
  • Organisations / entities : ICANN, IETF, IAB, IRTF, ISOC, W3C
  • Other Protocols
    • IPX/SPX
    • ATM
    • DECnet
    • IEEE 802.11
    • AppleTalk
    • USB
    • SNA

3 Network Security Risks

3.1 What makes networks vulnerable

  • Anonymity
  • Multiplicity of points of attack
  • Resource sharing
  • Complexity of system
  • Uncertain perimeter
  • Unknown path
  • Protocol flaws / protocol implementation flaws

3.2 Motivations of network attacks

  • Challenge
  • Fame
  • Organised Crime
  • Ideology
  • Espionage / Intelligence

4 Threats in Networks

4.1 Reconnaissance

  • Port Scan
  • Social Engineering
  • Intelligence gathering
  • O/S and Application fingerprinting
  • IRC Chat rooms
  • Available documentation and tools
  • Protocol flaws / protocol implementation flaws

4.2 Threats in Transit

  • Eavesdropping / Packet sniffing
  • Media tapping (Cable, Microwave, Satellite, Optical fibre, Wireless)

4.3 Impersonation

  • Password guessing
  • Avoiding authentication
  • Non-existent authentication
  • Well-known authentication
  • Masquerading
  • Session hijacking
  • Man-in-the-middle

4.4 Message Confidentiality Threats

  • Mis-delivery
  • Exposure -- in various devices in the path
  • Traffic flow analysis -- sometimes the knowledge that a message exists can be as important as the message content

4.5 Message Integrity Threats

  • Falsification
  • Noise
  • Protocol failures / misconfigurations

4.6 Operating System based Threats

  • Buffer-Overflow
  • Viruses, Trojans, rootkits
  • Password

4.7 Application based Threats

  • Web-site defacement
  • DNS cache poisoning
  • XSS (Cross-site Scripting)
  • Active-code / Mobile-code
  • Cookie harvesting
  • Scripting

4.8 Denial of Service

  • SYN flooding
  • Ping of death
  • Smurf
  • Teardrop
  • Traffic re-direction
  • Distributed Denial of Service
    • Bots and Botnets
    • Script Kiddies

5 Network Security Controls

5.1 Vulnerability and Threat Assessment

5.2 Network Architecture

  • Network segmentation
  • Architect for availability
  • Avoid SPOF (single points of failure)
  • Encryption
    • Link encryption
    • End-to-end encryption
    • Secure Virtual Private Networks
    • Public Key Infrastructure and Certificates
    • SSL and SSH

5.3 Strong Authentication

  • One Time Password
  • Challenge Response authentication
  • Kerberos

5.4 Firewalls

  • Packet Filters
  • Stateful Packet Filters
  • Application proxies
  • Diodes
  • Firewall on end-points

5.5 Intrusion Detection / Prevention Systems

  • Network based / host based
  • Signature based
  • Heuristics based / protocol anomaly based
  • Stealth mode

5.6 Policies and Procedures

  • Enterprise-wide Information Security Policy
  • Procedures
  • Buy-in (from Executives and employees)
  • Review, enhancement and modification

5.7 Other Network Controls

  1. Data-Leakage Protection systems
    • Network based / host based
  2. Content scanning/Anti-Virus/Spyware Control systems
    • Network based / host based
  3. Secure e-mail Systems
  4. Design and implementation
  5. ACLs (Access Control Lists)