企业网安全设计准则

蛋打鸡飞
1 ℃
2019-09-30

整理文档很辛苦，赏杯茶钱您下走！

还剩 ... 页未读，继续阅读 >>

免费阅读已结束，点击下载阅读编辑剩下 ... 页

阅读已结束，您可以下载文档离线阅读编辑

资源描述

1©2002,CiscoSystems,Inc.Allrightsreserved.SEC-2005200_05_2002_c12©2002,CiscoSystems,Inc.Allrightsreserved.SEC-2005200_05_2002_c13©2002,CiscoSystems,Inc.Allrightsreserved.SEC-2005200_05_2002_c1(I)SessionSEC-200444©2002,CiscoSystems,Inc.Allrightsreserved.SEC-2005200_05_2002_c1“ITCisco()(Sec-201)”555©2002,CiscoSystems,Inc.Allrightsreserved.SEC-2005200_05_2002_c1•ScottDaniels,“scriptkiddie”Netgames.com666©2002,CiscoSystems,Inc.Allrightsreserved.SEC-2005200_05_2002_c1•Netgames.comWeb,IT777©2002,CiscoSystems,Inc.Allrightsreserved.SEC-2005200_05_2002_c1PublicHosts()•WAN•FWInternalNetInternetNetgames.comNetgames.com888©2002,CiscoSystems,Inc.Allrightsreserved.SEC-2005200_05_2002_c1()••Webbind•Rootlog,rootkit•“”InternalNetInternetScottScott999©2002,CiscoSystems,Inc.Allrightsreserved.SEC-2005200_05_2002_c1101010©2002,CiscoSystems,Inc.Allrightsreserved.SEC-2005200_05_2002_c1SANSUNIX#3:BIND111111©2002,CiscoSystems,Inc.Allrightsreserved.SEC-2005200_05_2002_c1SANS#1:121212©2002,CiscoSystems,Inc.Allrightsreserved.SEC-2005200_05_2002_c1RootKits—t0rnkit•2Unixt0rnkit:1.syslogd2./etc/ttyhash3.sshd4.rootkit5.:/bin/login,/sbin/ifconfig,/bin/ps,/usr/bin/du,/bin/ls,/bin/netstat,/usr/sbin/in.fingerd,/usr/bin/find,/usr/bin/top6.sniffer,loglog7./etc/inetd.conftelnet,shellfinger8./usr/sbin/inetd9.syslogd.--.l$$$$l------[designbyj0hnny7/zho-d0h]----l$$$$l.-..-..-.l$$$$l.,g%T$$b%g,..,g%T$$$T%y,..,g%T$T%y,.l$$$l.-.l$$$l.glS$$$$Slyl$$$$''$$$$lg$$$T''$$$$ll$$$$''$$$$l$$$l.,gdT$'l$$$l,gl$$$lp,.l$$$$$$$$$$l$$$$$$$$l$$$$$'---'l$$$$$$$$l$$$$T~''l$$$llll$$$lllll'lT$$$$Tll$$$$$$$$l$$$$$l$$$$$$$$l$$$$Tbg.l$$$l'l$$$l'l$$$$ll$$$$.,$$$$l$$$$$l$$$$$$$$l$$$l~$Tp._l$$$ll$$$ll$$$$l~$TbggdT$~'---''---'`------''------'l$$$ll$$$$l.,.::'thereisnostopping,whatcan'tbestopped...''---'`$$$$Tbg.gdT$`--------'LionWormin2001LionWormin2001©2002,CiscoSystems,Inc.Allrightsreserved.SEC-2005200_05_2002_c1•(rootkit)patch••FWInternalNetInternetNetgames.comNetgames.com141414©2002,CiscoSystems,Inc.Allrightsreserved.SEC-2005200_05_2002_c1RootKitDetects:lrk3,lrk4,lrk5,lrk6(andsomevariants);Solarisrootkit;FreeBSDrootkit;t0rn(includingsomevariantsandt0rnv8);Ambient'sRootkitforLinux(ARK);RamenWorm;rh[67]-shaper;RSHA;Romanianrootkit;RK17;LionWorm;AdoreWorm;LPDWorm;kenny-rk;AdoreLKM;ShitCWorm;OmegaWorm;WormkitWorm;Maniac-RK;dsc-rootkit;Ducocirootkit;x.cWorm;RST.btrojan;duarawkz;knarkLKM;Monkit;Hidrootkit;Bobkit;Pizdakit.©2002,CiscoSystems,Inc.Allrightsreserved.SEC-2005200_05_2002_c1,?•“”•patch•“”(…)InternalNetInternetScottScott161616©2002,CiscoSystems,Inc.Allrightsreserved.SEC-2005200_05_2002_c1171717©2002,CiscoSystems,Inc.Allrightsreserved.SEC-2005200_05_2002_c1“.”“OracleCEOLarryEllison,Oracle9Oracle‘s‘’Oracle”“Oracle9i.Unbreakable.Can'tbreakit.Can'tbreakin.”“Oracle9i.Unbreakable.Can'tbreakit.Can'tbreakin.”Oracle11/2001BruceSchneier,CTOCounterpaneInternetSecurityDavidLitchfieldauthorofHackproofingOracleApplicationServer181818©2002,CiscoSystems,Inc.Allrightsreserved.SEC-2005200_05_2002_c1•()•rootkit,logs•••InternalNetInternetScottScott191919©2002,CiscoSystems,Inc.Allrightsreserved.SEC-2005200_05_2002_c1•••NIDS•shunningTCPACLInternetInternalNetNetgames.comNetgames.com202020©2002,CiscoSystems,Inc.Allrightsreserved.SEC-2005200_05_2002_c1NIDS7100he#showaccess-listExtendedIPaccesslist197permitiphost10.1.1.20anydenyiphost112.70.126.43anydenyiphost96.193.155.79anydenyiphost40.232.39.97anydenyiphost220.64.150.28anydenyiphost50.19.117.109anydenyiphost176.82.33.85anydenyiphost196.161.217.4anydenyiphost111.100.101.15anydenyiphost130.234.112.89anydenyiphost243.68.1.8anydenyiphost59.93.177.47anydenyiphost239.213.208.158anydenyiphost204.170.43.113any212121©2002,CiscoSystems,Inc.Allrightsreserved.SEC-2005200_05_2002_c1?•,••Ping•“”•…?InternetInternalNetScottScott222222©2002,CiscoSystems,Inc.Allrightsreserved.SEC-2005200_05_2002_c1!••ShunningInternetInternalNetNetgames.comNetgames.com232323©2002,CiscoSystems,Inc.Allrightsreserved.SEC-2005200_05_2002_c1StickIDS•,NIDSshunning•NIDSshunning—Stick•stick,•:SnotandFragroute~dugsong/fragroute/InternalNetInternetScottScott242424©2002,CiscoSystems,Inc.Allrightsreserved.SEC-2005200_05_2002_c1Stick[root@sconvery-lnxstick]#./stick-hUsage:stick[sHip_source][sCip_class_C_spoof][sRstart_spoof_ipend_spoof_ip][dHip_target][dCip_class_C_target][dRstarttargetipend_target_ip]-------------------------------------------------------------------------defaultsdestinationto10.0.0.1andsourcedefaultis0.0.0.0-255.255.255.255SoftwareDesignforlimittedStressTestcapablity.[root@sconvery-lnxstick]#./stickdH12.1.1.1Destinationtargetvalueof:101010cStressTest-Sourcetargetissettoall2^32possiblitiessendingrule496sendingrule979sendingrule896sendingrule554sendingrule735sendingrule428252525©2002,CiscoSystems,Inc.Allrightsreserved.SEC-2005200_05_2002_c1•2FWNIDSshun