Network Security Issues Include The Four Aspects (65 อ่าน)
28 ก.ย. 2566 18:24
September 15, 2011, "Internet on legal literacy activities" series of interviews invited to Beijing University of Posts and Telecommunications College of Humanities Dean Li Yuxiao guest Xinhua with friends to talk about network security.
To strengthen the legal knowledge education Internet, promote the healthy development of Internet sites, create a civilized and harmonious network environment, Beijing University of Posts and Telecommunications, Dean of Humanities and Xinhua Li Yuxiao invited guests, with the majority of users were talking about "network security."
[Moderator] network safety is now often referred to as a hot word, but many ordinary users of the network security concept, its connotation and extension is not very clear, you can not from a professional point of view for us to answer it?
[Li Yuxiao] because the use of networks is becoming increasingly popular, you will encounter all sorts of issues online, including many now say the concept of microblogging, spam, etc., and now there are cloud computing, networking, mobile Internet so, how to determine the network security problem? now the development of network security and traditional network security have changed. We consider more the four aspects. The first is physical security, and so the hardware stuff. The second is the operational safety, such as the Internet operating system, online applications provide network functionality to achieve a wide range of support equipment. The third is information security, including reliability, consistency, non-repudiation, the information is true. Fourth, content security, that we are now involved in a lot of information online, and some of the information is garbage, some violence, these things are in some of our laws and regulations which specifically prohi***ed or regulated.
With the development of networks, network behavior is more complex and diverse, there is now a web of abuse, such as online fraud, online this "human flesh" and other behaviors, and these acts are relying on the network exists. Before talking about the four kinds of behavior are relatively independent, so the scope of network security can be said that when you use the network, you own the device connected to a network, or use your personal network in all of them encountered security issues. Network of information and activities to bring life to your problems may be associated with network security.
ARP spoofing attacks are network attacks are quite common form of attack, the first ARP spoofing attacks by infected computers within the network can be disguised as a router, and then achieve the purpose of stealing passwords. But with the technology, ARP spoofing attacks can be hidden in the software among the users within the network to disrupt normal communication functions. So this article on the adoption of five methods, a brief look at the ARP spoofing attack solution.
As you may have a network of this experience - the network frequently dropped calls, slow down, you have no way to start. This ARP attacks may be subject to the performance of the network, here are five easy ways to help you quickly resolve it.
First, the establishment of MAC database, the Internet network card's MAC address of all record of each MAC and IP, geographic location were all into the database for filing timely fashion.
Second, the establishment of the DHCP server (recommended building at the gateway, because DHCP does not take up much CPU, and ARP spoofing attacks are generally always the first attack gateway, we are the gateway to make his first attack, because the gateway monitoring program here , recommended to choose the gateway address 192.168.10.2, 192.168.10.1 the blank, stupid things if criminal procedures allow him to attack an empty address bar), in addition to all the client's IP address and associated host information, only by the gateway here obtained, opening the gateway DHCP services here, but to give each card, the only fixed IP address binding. Must maintain the machines within the network IP / MAC-one correspondence relationship. Although this is a DHCP client to take the address, but each time the IP address of the boot are the same.
Third, the gateway monitor network security. Gateway to use TCPDUMP program intercepts above each ARP package, get a script analysis of the ARP protocol analysis software. ARP spoofing attack packets usually have the following two characteristics, to meet one of the packages can be regarded as an attack alarm: the first Ethernet packet header source address, destination address and protocol address of the ARP packet does not match. Or, ARP packets sent and the target network card MAC address is not in their database, or network with their MAC database MAC / IP do not match. These were all first alarm, check the data packets (Ethernet packet) source address (there may be forged), it is generally aware of that machine in the attack.
Fourth, the gateway machine to refresh the ARP dynamic process, static routing, this is the case, even if the suspect using ARP spoofing attack gateway, this gateway is no use for, to ensure host security.
Gateway to establish a static IP / MAC binding approach is: build / etc / ethers file, which contains the correct IP / MAC mapping, the following format:
Fifth, the sneaky come to that machine to see whether the intentional use of, or be appointed to put the Trojans what framing. If the latter, he quietly sent away the excuse, unplug the network cable (not shut down, especially to see the scheduled tasks in Win98) and see if the machine records the current use and operation, to determine whether it is in attacks.
Sixth, the use of protective software. ARP Firewall uses the system kernel level interception techniques and proactive technologies, including six function modules can solve most of deception, ARP attack to bring the issue to ensure communications security (to protect data communications network management software is not / malware monitor and control ), to ensure smooth network.