信息安全管理:网络安全

1 网络的定义和特征

1.1 网络的定义

(根本懒得说。。你们自己wiki吧)

网络的用处

  • What is a network...
  • Devices in a network...
  • LAN, WAN and Internetworks
  • What do networks do for you...
    • Sharing resources
    • Use/share applications

1.2 网络的特征 Characteristics of networks

-- Anonymity

-- Automation

-- Distance

-- Opaqueness

-- Routing diversity

1.3 Network Topology


2 TCP/IP

  • Protocols...
  • Open Systems
    • ANSI , IETF, ISO, IAB

2.1 ISO -- OSI Reference Model - 7 Layers

  • Application:End user processes like FTP, e-mail, etc.
  • Presentation:Format, Encrypt data to send across network
  • Session:Establishes, manages and terminates connections between applications
  • Transport:End-to-end error recovery, flow control, priority services
  • Network:Switching, Routing, Addressing, internetworking, error handling, congestion control and packet sequencing
  • Data-link:Encoding, decoding data packets into bits. Media Access Control Sub-layer : Data access/transmit permissions. Logical Link Sub-layer : Frame synchronisation, flow control, error checking.
  • Physical: Conveys the bit stream (electrical, light, radio)
    All People Seem To Need Data Protection
    People Do Not Trust Sales People Always

ISO-OSI七层结构

TCP/IP

2.2 相关协议

  • Application layer -- FTP, Telnet, DNS, DHCP, TFTP,RPC,NFS, SNMP..
  • Transport layer -- TCP, UDP
  • Internet Layer -- IP, ICMP, ARP, bootp...
  • Organisations / entities : ICANN, IETF, IAB, IRTF, ISOC, W3C
  • Other Protocols
    • IPX/SPX
    • ATM
    • DECnet
    • IEEE 802.11
    • AppleTalk
    • USB
    • SNA

3 网络的安全隐患

3.1 网络不安全的原因

What makes network vulnerable

  • Anonymity
  • Multiplicity of points of attack
  • Resource sharing
  • Complexity of system
  • Uncertain perimeter
  • Unknown path
  • Protocol flaws / protocol implementation flaws

3.2 网络攻击的动机

Motivations of network attacks

  • Challenge
  • Fame
  • Organised Crime
  • Ideology
  • Espionage / Intelligence

4 网络安全的威胁

Threats in Networks

4.1 侦察

Reconnaissance

  • Port Scan
  • Social Engineering
  • Intelligence gathering
  • O/S and Application fingerprinting
  • IRC Chat rooms
  • Available documentation and tools
  • Protocol flaws / protocol implementation flaws

4.2 网络传输过程中的威胁

Threats in Transit

  • Eavesdropping / Packet sniffing
  • Media tapping (Cable, Microwave, Satellite, Optical fibre, Wireless)

4.3 网络冒充

Impersonation

  • Password guessing
  • Avoiding authentication
  • Non-existent authentication
  • Well-known authentication
  • Masquerading
  • Session hijacking
  • Man-in-the-middle

4.4 信息私密性威胁

Message Confidentiality Threats

  • Mis-delivery
  • Exposure -- in various devices in the path
  • Traffic Flow analysis -- sometimes the knowledge of existence of message
    can be as important as message content

4.5 信息完整性威胁

Message Integrity Threats

  • Falsification
  • Noise
  • Protocol failures / misconfigurations

4.6 基于操作系统的威胁

Operating System based Threats

  • Buffer-Overflow
  • Virus , Trojans, rootkits
  • Password

4.7 基于应用程序的威胁

Application based Threats

  • Web-site defacement
  • DNS cache poisoning
  • XSS (Cross-site Scripting)
  • Active-code / Mobile-code
  • Cookie harvesting
  • Scripting

4.8 拒绝服务

Denial of service

  • Syn Flooding
  • Ping of death
  • Smurf
  • Teardrop
  • Traffic re-direction
  • Distributed Denial of Service
    • Bots and Botnets
    • Script Kiddies

5 网络安全控制

Network Security Controls

5.1 弱点和威胁分析

Vulnerability and Threat assessment

5.2 网络结构控制

Network Architecture

  • Network segmentation
  • Architect for availability
  • Avoid SPOF (single points of failure)
  • Encryption
    • Link encryption
    • End-to-end encryption
    • Secure Virtual Private Networks
    • Public Key Infrastructure and Certificates
    • SSL and SSH

5.3 增强加密系统

Strong Authentication

  • One Time Password
  • Challenge Response authentication
  • Kerberos

5.4 防火墙设置

Firewalls

  • Packet Filters
  • Stateful Packet Filters
  • Application proxies
  • Diodes
  • Firewall on end-points

5.5 入侵检查和防御系统

Intrusion Detection / Prevention Systems

  • Network based / host based
  • Signature based
  • Heuristics based / protocol anomaly based
  • Stealth mode

5.6 使用政策和规程

Policies and Procedures

  • Enterprise-wide Information Security Policy
  • Procedures
  • Buy-in (from Executives and employees)
  • Review, enhancement and modification

5.7 其他网络控制方式

  1. Data-Leakage Protection systems
    • Network based / host based
  2. Content scanning/Anti-Virus/Spyware Control systems
    • Network based / host based
  3. Secure e-mail Systems
  4. Design and implementation
  5. ACLs (Access Control Lists)
相关推荐
深盾安全17 小时前
Flutter框架编译Android程序全攻略:从入门到进阶
安全
房屋安全鉴定检测17 小时前
房屋安全鉴定报告有效期多久
安全·网络安全
心 一17 小时前
Web安全基石:深入理解与防御SQL注入漏洞
sql·安全·web安全
久绊A18 小时前
Hydra-SSH 破解安全防范
开发语言·php
黑白世界464818 小时前
开源分享: php-tools php gui的一次尝试
后端·php
房屋安全鉴定检测18 小时前
房屋安全鉴定需要什么条件
安全·网络安全
wanhengidc19 小时前
什么是云手机?
运维·网络·安全·游戏·智能手机
FLS16820 小时前
Kali搭建sqli-labs靶场
linux·sql·安全·网络安全
2503_9284115621 小时前
9.8 ajax+php基础语法
ajax·okhttp·php
KKKlucifer21 小时前
网络安全等级保护:等级保护工作、分级保护工作、密码管理工作三者之间的关系
网络·安全·web安全