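Information Security Management (3): Network Security
1 Definition and Characteristics of Networks
1.1 Definition of a network
(Honestly can't be bothered to explain this; look it up on a wiki yourselves.)
What networks are for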
- What is a network…
- Devices in a network…
- LAN, WAN and Internetworks
- What do networks do for you…
- Sharing resources
- Use/share applications
1.2 Characteristics of networks
- Anonymity
- Automation
- Distance
- Opaqueness
- Routing diversity
1.3 Network Topology
2 TCP/IP
- Protocols…
- Open Systems
- ANSI, IETF, ISO, IAB
2.1 ISO – OSI Reference Model - 7 Layers
- Application: End user processes like FTP, e-mail, etc.
- Presentation: Format, encrypt data to send across network
- Session: Establishes, manages and terminates connections between applications
- Transport: End-to-end error recovery, flow control, priority services
- Network: Switching, routing, addressing, internetworking, error handling, congestion control and packet sequencing
- Data-link: Encoding, decoding data packets into bits. Media Access Control sub-layer: data access/transmit permissions. Logical Link sub-layer: frame synchronisation, flow control, error checking.
- Physical: Conveys the bit stream (electrical, light, radio)
All People Seem To Need Data Protection
People Do Not Trust Sales People Always
The ISO-OSI seven-layer structure
TCP/IP
2.2 Related protocols
- Application layer – FTP, Telnet, DNS, DHCP, TFTP, RPC, NFS, SNMP…
- Transport layer – TCP, UDP
- Internet Layer – IP, ICMP, ARP, bootp…
- Organisations / entities : ICANN, IETF, IAB, IRTF, ISOC, W3C
- Other Protocols
- IPX/SPX
- ATM
- DECnet
- IEEE 802.11
- AppleTalk
- USB
- SNA
3 Network security risks
3.1 What makes a network vulnerable
- Anonymity
- Multiplicity of points of attack
- Resource sharing
- Complexity of system
- Uncertain perimeter
- Unknown path
- Protocol flaws / protocol implementation flaws
3.2 Motivations of network attacks
- Challenge
- Fame
- Organised Crime
- Ideology
- Espionage / Intelligence
4 Threats in Networks
4.1 Reconnaissance
- Port Scan
- Social Engineering
- Intelligence gathering
- O/S and Application fingerprinting
- IRC Chat rooms
- Available documentation and tools
- Protocol flaws / protocol implementation flaws
4.2 Threats in Transit
- Eavesdropping / Packet sniffing
- Media tapping (Cable, Microwave, Satellite, Optical fibre, Wireless)
4.3 Impersonation
- Password guessing
- Avoiding authentication
- Non-existent authentication
- Well-known authentication
- Masquerading
- Session hijacking
- Man-in-the-middle
4.4 Message Confidentiality Threats
- Mis-delivery
- Exposure – in various devices in the path
- Traffic flow analysis – sometimes the knowledge of existence of message can be as important as message content
4.5 Message Integrity Threats
- Falsification
- Noise
- Protocol failures / misconfigurations
4.6 Operating System based Threats
- Buffer overflow
- Viruses, Trojans, rootkits
- Password
4.7 Application based Threats
- Web-site defacement
- DNS cache poisoning
- XSS (Cross-site Scripting)
- Active-code / Mobile-code
- Cookie harvesting
- Scripting
4.8 Denial of service
- SYN flooding
- Ping of death
- Smurf
- Teardrop
- Traffic re-direction
- Distributed Denial of Service
- Bots and Botnets
- Script Kiddies
5 Network Security Controls
5.1 Vulnerability and Threat assessment
5.2 Network Architecture
- Network segmentation
- Architect for availability
- Avoid SPOF (single points of failure)
- Encryption
- Link encryption
- End-to-end encryption
- Secure Virtual Private Networks
- Public Key Infrastructure and Certificates
- SSL and SSH
5.3 Strong Authentication
- One Time Password
- Challenge Response authentication
- Kerberos
5.4 Firewalls
- Packet Filters
- Stateful Packet Filters
- Application proxies
- Diodes
- Firewall on end-points
5.5 Intrusion Detection / Prevention Systems
- Network based / host based
- Signature based
- Heuristics based / protocol anomaly based
- Stealth mode
5.6 Policies and Procedures
- Enterprise-wide Information Security Policy
- Procedures
- Buy-in (from Executives and employees)
- Review, enhancement and modification
5.7 Other network controls
- Data-Leakage Protection systems
- Network based / host based
- Content scanning/Anti-Virus/Spyware Control systems
- Network based / host based
- Secure e-mail Systems
- Design and implementation
- ACLs (Access Control Lists)
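Conclusion
The network security industry is like a jianghu (a martial-arts world) where all kinds of people gather. Compared with the many orthodox schools in Europe and America, which have solid foundations (they understand cryptography, know how to defend, can find vulnerabilities, and are good at engineering), our country's talent belongs more to the unorthodox schools (many white hats may disagree). So in future talent development the structure needs to be adjusted, encouraging more people to do "constructive" work on "systems and infrastructure" that combines "business", "data" and "automation"; only then can the talent shortage be relieved and real security assurance be provided as society moves fully onto the internet.
Special statement:
This tutorial is purely technical sharing! Its purpose is in no way to provide technical support to those with ill intent! Nor does it accept joint liability arising from misuse of the techniques! The purpose of this tutorial is to raise everyone's awareness of network security as far as possible, so that appropriate security measures are taken and the economic losses caused by network security problems are reduced.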