信息安全管理:网络安全

1 网络的定义和特征

1.1 网络的定义

(根本懒得说。。你们自己wiki吧)

网络的用处

  • What is a network...
  • Devices in a network...
  • LAN, WAN and Internetworks
  • What do networks do for you...
    • Sharing resources
    • Use/share applications

1.2 网络的特征 Characteristics of networks

-- Anonymity

-- Automation

-- Distance

-- Opaqueness

-- Routing diversity

1.3 Network Topology


2 TCP/IP

  • Protocols...
  • Open Systems
    • ANSI , IETF, ISO, IAB

2.1 ISO -- OSI Reference Model - 7 Layers

  • Application:End user processes like FTP, e-mail, etc.
  • Presentation:Format, Encrypt data to send across network
  • Session:Establishes, manages and terminates connections between applications
  • Transport:End-to-end error recovery, flow control, priority services
  • Network:Switching, Routing, Addressing, internetworking, error handling, congestion control and packet sequencing
  • Data-link:Encoding, decoding data packets into bits. Media Access Control Sub-layer : Data access/transmit permissions. Logical Link Sub-layer : Frame synchronisation, flow control, error checking.
  • Physical: Conveys the bit stream (electrical, light, radio)
    All People Seem To Need Data Protection
    People Do Not Trust Sales People Always

ISO-OSI七层结构

TCP/IP

2.2 相关协议

  • Application layer -- FTP, Telnet, DNS, DHCP, TFTP,RPC,NFS, SNMP..
  • Transport layer -- TCP, UDP
  • Internet Layer -- IP, ICMP, ARP, bootp...
  • Organisations / entities : ICANN, IETF, IAB, IRTF, ISOC, W3C
  • Other Protocols
    • IPX/SPX
    • ATM
    • DECnet
    • IEEE 802.11
    • AppleTalk
    • USB
    • SNA

3 网络的安全隐患

3.1 网络不安全的原因

What makes network vulnerable

  • Anonymity
  • Multiplicity of points of attack
  • Resource sharing
  • Complexity of system
  • Uncertain perimeter
  • Unknown path
  • Protocol flaws / protocol implementation flaws

3.2 网络攻击的动机

Motivations of network attacks

  • Challenge
  • Fame
  • Organised Crime
  • Ideology
  • Espionage / Intelligence

4 网络安全的威胁

Threats in Networks

4.1 侦察

Reconnaissance

  • Port Scan
  • Social Engineering
  • Intelligence gathering
  • O/S and Application fingerprinting
  • IRC Chat rooms
  • Available documentation and tools
  • Protocol flaws / protocol implementation flaws

4.2 网络传输过程中的威胁

Threats in Transit

  • Eavesdropping / Packet sniffing
  • Media tapping (Cable, Microwave, Satellite, Optical fibre, Wireless)

4.3 网络冒充

Impersonation

  • Password guessing
  • Avoiding authentication
  • Non-existent authentication
  • Well-known authentication
  • Masquerading
  • Session hijacking
  • Man-in-the-middle

4.4 信息私密性威胁

Message Confidentiality Threats

  • Mis-delivery
  • Exposure -- in various devices in the path
  • Traffic Flow analysis -- sometimes the knowledge of existence of message
    can be as important as message content

4.5 信息完整性威胁

Message Integrity Threats

  • Falsification
  • Noise
  • Protocol failures / misconfigurations

4.6 基于操作系统的威胁

Operating System based Threats

  • Buffer-Overflow
  • Virus , Trojans, rootkits
  • Password

4.7 基于应用程序的威胁

Application based Threats

  • Web-site defacement
  • DNS cache poisoning
  • XSS (Cross-site Scripting)
  • Active-code / Mobile-code
  • Cookie harvesting
  • Scripting

4.8 拒绝服务

Denial of service

  • Syn Flooding
  • Ping of death
  • Smurf
  • Teardrop
  • Traffic re-direction
  • Distributed Denial of Service
    • Bots and Botnets
    • Script Kiddies

5 网络安全控制

Network Security Controls

5.1 弱点和威胁分析

Vulnerability and Threat assessment

5.2 网络结构控制

Network Architecture

  • Network segmentation
  • Architect for availability
  • Avoid SPOF (single points of failure)
  • Encryption
    • Link encryption
    • End-to-end encryption
    • Secure Virtual Private Networks
    • Public Key Infrastructure and Certificates
    • SSL and SSH

5.3 增强加密系统

Strong Authentication

  • One Time Password
  • Challenge Response authentication
  • Kerberos

5.4 防火墙设置

Firewalls

  • Packet Filters
  • Stateful Packet Filters
  • Application proxies
  • Diodes
  • Firewall on end-points

5.5 入侵检查和防御系统

Intrusion Detection / Prevention Systems

  • Network based / host based
  • Signature based
  • Heuristics based / protocol anomaly based
  • Stealth mode

5.6 使用政策和规程

Policies and Procedures

  • Enterprise-wide Information Security Policy
  • Procedures
  • Buy-in (from Executives and employees)
  • Review, enhancement and modification

5.7 其他网络控制方式

  1. Data-Leakage Protection systems
    • Network based / host based
  2. Content scanning/Anti-Virus/Spyware Control systems
    • Network based / host based
  3. Secure e-mail Systems
  4. Design and implementation
  5. ACLs (Access Control Lists)
相关推荐
你的人类朋友5 小时前
“签名”这个概念是非对称加密独有的吗?
前端·后端·安全
一只代码狗6 小时前
Docker Desktop在MAC上无法强制关闭的命令清理方式
macos·docker·php
携欢6 小时前
PortSwigger靶场之CSRF where token validation depends on request method通关秘籍
安全·web安全·csrf
周杰伦_Jay7 小时前
【计算机网络表格图表解析】网络体系结构、数据链路层、网络层、传输层、应用层、网络安全、故障排查
计算机网络·安全·web安全
CRMEB系统商城8 小时前
CRMEB多商户系统(PHP)v3.3正式发布,同城配送上线[特殊字符]
java·开发语言·小程序·php
黄金旺铺10 小时前
从 FinalShell 迁移到 WindTerm:一次安全、高效、开源的终端升级之旅
安全·开源·windterm·finalshell
心 一11 小时前
接口安全测试实战:从数据库错误泄露看如何构建安全防线
数据库·安全
独行soc12 小时前
2025年渗透测试面试题总结-106(题目+回答)
网络·python·安全·web安全·adb·渗透测试·安全狮
A Runner for leave12 小时前
网络与通信安全课程复习汇总1——课程导入
网络·安全·web安全
胡耀超12 小时前
数据安全工具手册——便捷实用的安全工具集-20251014
python·安全·数据安全·加密·数据库安全·脱敏·开源工具