网路安全与异常之自动通告

ak74555
2 ℃
2019-10-01

整理文档很辛苦，赏杯茶钱您下走！

还剩 ... 页未读，继续阅读 >>

免费阅读已结束，点击下载阅读编辑剩下 ... 页

阅读已结束，您可以下载文档离线阅读编辑

资源描述

網路安全與異常之自動通告中央大學電算中心楊素秋97年9月©2007SusanYang,ComputerCenter,NationalCentralUniversity.報告大綱1.網路入侵來源2.網路誤用(Abuse)Spam,infringement,portscanPktflooding3.網路誤用自動通告系統(AbNS)RwhoisdIP管理資訊查詢服務通告紀錄查詢網頁©2007SusanYang,ComputerCenter,NationalCentralUniversity.1.網路入侵來源系統弱點•Portscan-感染-埋後門-Zombie軍團太簡易的密碼•字典式crackinㄦ-猜中-Zombie軍團VirusMail•Socialengineering-讀信-感染-Zombie軍團Toxicwebpage•Userbrowsethetoxicwebpage-感染-Zombie軍團Spyware,Games,P2Pfilesharing,…©2007SusanYang,ComputerCenter,NationalCentralUniversity.1.網路入侵來源(cont.)太簡易的用戶密碼username=password12345654321abcdefg等等建議之密碼選定項(易記,易用為原則):$:如果你很愛錢的話&:如果你落單*:如果你看星星%:如果你愛統計{生年,生月,生日},電話號碼,luckyname©2007SusanYang,ComputerCenter,NationalCentralUniversity.1.網路入侵來源(cont.)容易被用來掩護駭客發動網路攻擊PC未安裝防毒(anti-virus)軟體不及時更新微軟視窗系統(WindowsUpdates)選用過於簡單的密碼的連網主機善用anti-virus/firewall工具扎實地做好網路防護措施維持良好的網路使用習慣根本阻截網路駭客與犯罪組織的橫行©2007SusanYang,ComputerCenter,NationalCentralUniversity.2.Abuse常見類型SpamPortScanPasswordcrackingPacketflooding©2007SusanYang,ComputerCenter,NationalCentralUniversity.2.Abuse(cont.)Spam行為特徵©2007SusanYang,ComputerCenter,NationalCentralUniversity.©2007SusanYang,ComputerCenter,NationalCentralUniversity.2.Abuse(cont.)PortScan行為特徵©2007SusanYang,ComputerCenter,NationalCentralUniversity.©2007SusanYang,ComputerCenter,NationalCentralUniversity.2.Abuse(cont.)Passwordcracking行為特徵©2007SusanYang,ComputerCenter,NationalCentralUniversity.©2007SusanYang,ComputerCenter,NationalCentralUniversity.2.Abuse(cont.)Packetflooding行為特徵PacketFloodingSourceVictimVictimVictimVictimSingle-FlowFllodingMultiple-FlowFlooding©2007SusanYang,ComputerCenter,NationalCentralUniversity.©2007SusanYang,ComputerCenter,NationalCentralUniversity.©2007SusanYang,ComputerCenter,NationalCentralUniversity.3.網路誤用通報系統RwhoisdIP管理資訊查詢服務Ipsegments所屬單位•~yang/rwhois.php–學校名稱,管理員–Email,Tel–Address,Updatedate單位管轄的IPsegments•~yang/Tyc_ip/ip_retriev.phtm©2007SusanYang,ComputerCenter,NationalCentralUniversity.©2007SusanYang,ComputerCenter,NationalCentralUniversity.©2007SusanYang,ComputerCenter,NationalCentralUniversity.©2007SusanYang,ComputerCenter,NationalCentralUniversity.3.網路誤用通報系統(cont.)單月通告紀錄•~yang/Moe/index_spam.php通告紀錄查詢網頁Date(year-month)•97-08•97-01©2007SusanYang,ComputerCenter,NationalCentralUniversity.©2007SusanYang,ComputerCenter,NationalCentralUniversity.ThankYou!