Network Security Training Course

Network traffic is visible
➢ Network addresses, e-mail, Web page URLs, Web page content, data files, password forms
➢ Passive collection leads to database tracking
➢ Outbound restrictions, too
➢ End system filtering with IPSec
➢ Perimeter filtering
➢ Insecure systems
➢ Used by trusted users
➢ Users are local administrators
➢ Little central control over security
➢ Users install untrusted, possibly infected software
➢ Mobile – connect to many public networks, then
Send personal data to attackers
➢ Identity theft of user ID and password
➢ Sensitive data theft
Send malicious data to attack others
Open holes for access from Internet
Mitigation
Principle of least privilege (POLP)
➢ Users aren’t local administrators
➢ Trust those who are admins, though
➢ Configure trust relationships only where
➢ Run scripts scanning for known weaknesses
➢ Steal your data, passwords
➢ Infect your computer with trojans to spread infection
➢ Backups won’t help if not “clean”
back to business network
Enterprise Network Clients
“Our firewall will protect us” Wrong!
➢ No protection from internal systems
➢ Where’s the defense in depth?
➢ Infected e-mail spreads easily within
➢ Back-door Trojans leap from machine to machine
➢ Often connected to public networks directly
Trojans And Viruses
Delivered through e-mail or infected programs
Run as logged on user
➢ Very bad if it’s a corp-trusted user!
➢ Deadly if user is local admin
Port Scan
Mitigation
Defense in depth
➢ Network
➢ Platform
➢ Application
➢ Users
Define policies
➢ Without these, everything else is useless
Test enforcement
Monitor adherence
there is a business need
➢ Appropriate access lists and rights, again following business needs
Mitigation
Trusted platform for trusted users
➢ Anti-virus programs
➢ Up-to-date patches and service packs
➢ Administrator-managed and secured
➢ Joining client machines to a Windows 2000 or Windows XP domain makes client administration scalable
➢ Users are power users and maybe network operators (Windows XP), and don’t log in with administrator rights
➢ Enable attacker to control your PC
➢ Enable your machine to store and serve “bad” data
System Security Crisis
Attacker access from Internet
➢ Port scan isn’t an attack, but probing for weaknesses, once in:
SEC400: Windows® 2000 / Windows XP Network Security
Outline
Enterprise network clients
Threats and mitigation
Internet connection firewall
IP security
Enterprise Network Clients
Large groups of trusted users and computers
Typically…
Mitigation
Prevent unnecessary network access
➢ Perimeter protection (firewalls, routers)
➢ End-system firewall
➢ Authenticated, authorized network connections
➢ To use network – 802.1x (see wireless talk)
➢ IP security