信息安全管理:网络安全

Hacker_Nightrain2025-01-02 15:46

1 网络的定义和特征

1.1 网络的定义

(根本懒得说。。你们自己wiki吧)

网络的用处

  • What is a network...
  • Devices in a network...
  • LAN, WAN and Internetworks
  • What do networks do for you...
    • Sharing resources
    • Use/share applications

1.2 网络的特征 Characteristics of networks

-- Anonymity

-- Automation

-- Distance

-- Opaqueness

-- Routing diversity

1.3 Network Topology

2 TCP/IP

  • Protocols...
  • Open Systems
    • ANSI , IETF, ISO, IAB

2.1 ISO -- OSI Reference Model - 7 Layers

  • Application:End user processes like FTP, e-mail, etc.
  • Presentation:Format, Encrypt data to send across network
  • Session:Establishes, manages and terminates connections between applications
  • Transport:End-to-end error recovery, flow control, priority services
  • Network:Switching, Routing, Addressing, internetworking, error handling, congestion control and packet sequencing
  • Data-link:Encoding, decoding data packets into bits. Media Access Control Sub-layer : Data access/transmit permissions. Logical Link Sub-layer : Frame synchronisation, flow control, error checking.
  • Physical: Conveys the bit stream (electrical, light, radio)
    All People Seem To Need Data Protection
    People Do Not Trust Sales People Always

ISO-OSI七层结构

TCP/IP

2.2 相关协议

  • Application layer -- FTP, Telnet, DNS, DHCP, TFTP,RPC,NFS, SNMP..
  • Transport layer -- TCP, UDP
  • Internet Layer -- IP, ICMP, ARP, bootp...
  • Organisations / entities : ICANN, IETF, IAB, IRTF, ISOC, W3C
  • Other Protocols
    • IPX/SPX
    • ATM
    • DECnet
    • IEEE 802.11
    • AppleTalk
    • USB
    • SNA

3 网络的安全隐患

3.1 网络不安全的原因

What makes network vulnerable

  • Anonymity
  • Multiplicity of points of attack
  • Resource sharing
  • Complexity of system
  • Uncertain perimeter
  • Unknown path
  • Protocol flaws / protocol implementation flaws

3.2 网络攻击的动机

Motivations of network attacks

  • Challenge
  • Fame
  • Organised Crime
  • Ideology
  • Espionage / Intelligence

4 网络安全的威胁

Threats in Networks

4.1 侦察

Reconnaissance

  • Port Scan
  • Social Engineering
  • Intelligence gathering
  • O/S and Application fingerprinting
  • IRC Chat rooms
  • Available documentation and tools
  • Protocol flaws / protocol implementation flaws

4.2 网络传输过程中的威胁

Threats in Transit

  • Eavesdropping / Packet sniffing
  • Media tapping (Cable, Microwave, Satellite, Optical fibre, Wireless)

4.3 网络冒充

Impersonation

  • Password guessing
  • Avoiding authentication
  • Non-existent authentication
  • Well-known authentication
  • Masquerading
  • Session hijacking
  • Man-in-the-middle

4.4 信息私密性威胁

Message Confidentiality Threats

  • Mis-delivery
  • Exposure -- in various devices in the path
  • Traffic Flow analysis -- sometimes the knowledge of existence of message
    can be as important as message content

4.5 信息完整性威胁

Message Integrity Threats

  • Falsification
  • Noise
  • Protocol failures / misconfigurations

4.6 基于操作系统的威胁

Operating System based Threats

  • Buffer-Overflow
  • Virus , Trojans, rootkits
  • Password

4.7 基于应用程序的威胁

Application based Threats

  • Web-site defacement
  • DNS cache poisoning
  • XSS (Cross-site Scripting)
  • Active-code / Mobile-code
  • Cookie harvesting
  • Scripting

4.8 拒绝服务

Denial of service

  • Syn Flooding
  • Ping of death
  • Smurf
  • Teardrop
  • Traffic re-direction
  • Distributed Denial of Service
    • Bots and Botnets
    • Script Kiddies

5 网络安全控制

Network Security Controls

5.1 弱点和威胁分析

Vulnerability and Threat assessment

5.2 网络结构控制

Network Architecture

  • Network segmentation
  • Architect for availability
  • Avoid SPOF (single points of failure)
  • Encryption
    • Link encryption
    • End-to-end encryption
    • Secure Virtual Private Networks
    • Public Key Infrastructure and Certificates
    • SSL and SSH

5.3 增强加密系统

Strong Authentication

  • One Time Password
  • Challenge Response authentication
  • Kerberos

5.4 防火墙设置

Firewalls

  • Packet Filters
  • Stateful Packet Filters
  • Application proxies
  • Diodes
  • Firewall on end-points

5.5 入侵检查和防御系统

Intrusion Detection / Prevention Systems

  • Network based / host based
  • Signature based
  • Heuristics based / protocol anomaly based
  • Stealth mode

5.6 使用政策和规程

Policies and Procedures

  • Enterprise-wide Information Security Policy
  • Procedures
  • Buy-in (from Executives and employees)
  • Review, enhancement and modification

5.7 其他网络控制方式

  1. Data-Leakage Protection systems
    • Network based / host based
  2. Content scanning/Anti-Virus/Spyware Control systems
    • Network based / host based
  3. Secure e-mail Systems
  4. Design and implementation
  5. ACLs (Access Control Lists)
相关推荐
一口一个橘子7 小时前
[ctfshow web入门] web69
前端·web安全·网络安全
毒果8 小时前
网络安全:账号密码与诈骗防范
网络·安全·web安全
wangbaowo9 小时前
MySQL数据库下篇
数据库·经验分享·笔记·学习·mysql·安全
大刘讲IT12 小时前
IT/OT 融合架构下的工业控制系统安全攻防实战研究
经验分享·安全·web安全·架构·制造
hao_wujing12 小时前
基于LLM的6G空天地一体化网络自进化安全框架
网络·安全
中杯可乐多加冰12 小时前
【解决方案】CloudFront VPC Origins 实践流程深入解析 —— 安全高效架构的实战之道
安全·架构·安全架构·vpc·cloudfront
码农飞哥13 小时前
互联网大厂Java面试实战:从Spring Boot到微服务的技术问答与解析
java·数据库·spring boot·安全·微服务·面试·电商
MarkHD14 小时前
第五天 车载系统安全(入侵检测、OTA安全) 数据加密(TLS/SSL、国密算法)
安全·车载系统·ssl
路baby15 小时前
2025第九届御网杯网络安全大赛线上赛 区域赛WP (MISC和Crypto)(详解-思路-脚本)
安全·web安全·网络安全·视频编解码·misc·crypto·御网杯
small_white_robot15 小时前
OSCP备战-kioptrixvm3详细解法
网络·安全·web安全
热门推荐
01【分布式】Hadoop完全分布式的搭建(零基础)02从零安装 LLaMA-Factory 微调 Qwen 大模型成功及所有的坑03KGG转MP3工具|非KGM文件|解密音频04YOLOv8入门 | 重要性能衡量指标、训练结果评价及分析及影响mAP的因素【发论文关注的指标】05【SpeedAI科研小助手】2分钟极速解决知网维普重复率、AIGC率过高,一键全文降!文件格式不变,公式都保留的!06Coze扣子平台完整体验和实践(附国内和国际版对比)07DeepSeek各版本说明与优缺点分析08苍穹外卖面试总结09西电B测-计算机网络综合实验(含验收问题)10最新 Kubernetes 集群部署 + flannel 网络插件(保姆级教程,最新 K8S 版本)