1.CA.B.C.D.2.CCCCA.,,,B.,,,C.,,,D.33.DA.B.C.D.4.HashCA.B.C.D.5.CA.B.C.D.6.AA.B.C.D.7.PKIAA.IDB.C.D.8.PKIDA.B.C.D.AS9.IKECA.B.C.D.10AHESPAA.B.C.D.11.CWebA.PEMSSLB.S-HTTPS/MIMEC.SSLS-HTTPD.S/MIMESSL12.CA.B.C.D.13.VPNCA.B.C.VPND.14BA.AccessVPNB.IntranetVPNC.ExtranetVPND.InternetVPN15CA.AccessVPNB.IntranetVPNC.ExtranetVPND.InternetVPN16.CA.B.C.D.17.CA.B.C.D.18.BA.B.C.D.DOS19ABBDA.B.C.D.20.ISO/OSIEA.B.C.D.E.21.KerberosAA.TicketGrantingticketB.C.D.22.DA.B.C.D.23.PKIBA.CAB.SSLC.RAD.CR24.AA.AHB.ESPC.GRED.25DA.SSLB.PGPC.PPTPD.IPSec26AIPA.AHB.ESPC.IPSecD.PPTP27.IPSecIPAA.ESPB.AHC.InternetIKED.28.SSLCA.B.C.D.29.InternetDA.WebB.C.InternetD.FTP30.InternetBA.InternetB.C.D.31.VPNBA.IPSecB.PPTPC.GRED.32CA.PPTPB.L2TPC.TCP/IPD.IPSec33.PPTPL2TPDA.B.C.D.34AKAKABKBKBABMMM=KBKAMBCA.KBKAMB.KAKAMC.KAKBMD.KBKAM35.BA.B.C.D.11AA.B.C.D.36.DISO/OSIA.B.C.D.E.37.CAISODA.B.C.D.38.AA.B.C.D.39.PKIDA.B.C.D.40.AHAA.HMAC-MD5HMAC-SHA1B.NULLC.HMAC-RIPEMD-160D.41.NATBA.B.C.64000NATD.42.GREDA.IPB.IPXC.AppleTalkD.43VPNA44IPSecVPNCIPIPIPTCP/IP45.5af5AA.B.C.D.46.AA.B.C.D.47BA.B.C.IPD.48.AA.B.C.D.49.BA.B.C.D.50.PKIACA.B.C.D.51.IKEAA.ISAKMPOakleySKEMEB.AHESPC.L2TPGRED.52.InternetCA.B.C.D.53.VPNBA.VisualProtocolNetworkB.VirtualPrivateNetworkC.VirtualProtocolNetworkD.VisualPrivateNetwork54L2TPVPNAA.CHAPB.SSLC.KerberosD.55.DA.B.C.D.356.ISOBA.B.C.D.57.KerberosBA.B.C.D.58.IPSecCVPNA.PPTPB.L2TPC.GRED.59.AAA.SSLB.S-HTTPC.S-HTTPD.SSL60.DA.IPB.IPC.TCPD.61.BA.VPNB.VPNC.VPND.VPN62.AAAAA.,,,B.,,,C.,,,D.,,,63CDESKDCA.TACACSB.RADIUSC.KerberosD.PKI64.AIPSecA.TCPUDPIPB.ARPC.RARPD.65DAHESPIKEA.PPTPB.L2TPC.L2FD.IPSec66.PPTPL2TPL2FBA.B.C.D.67.DA.B.C.D.368.VPNCA.B.C.D.69.AA.AccessVPNB.IntranetVPNC.ExtranetVPND.InternetVPN70.EA.B.C.D.E.71.VPNAA.AccessVPNB.IntranetVPNC.ExtranetVPND.142DE34DES64565RSA678Hash9101112KDC131415161718IDS195202122124.5.6.MD5MDRivestHashMD551285121.51FootprintingWhoisFingerNslookupPingIP2ScanningNmap3StackFingerprintingOSIPOSOS4SnifferingPromiscuousARP5SessionHijacking2.512)IPIPLinuxUNIXIP3)DNSDNSDNSIPIP4)Replay5)TrojanHorse4.UDPFloodFraggleAttack1UDPFloodEchoTCP7UDP7ChargenTCP19UDP19ChargenTCP19UDPChargenEchoChargenEcho2FraggleAttackSmurfAttackUDPICMP345SocialEngineering6.1.ISO/OSI5123452.1.2.3.VPN4.5.OSWeb6.9Windows2000ServerWindows2000ServerC25KDCKDCKDCKDCKDCKDC1.????2.(1)(MessageDigest)(2)(3)(4)3.RSA(1)(2)4.(1)(2)(3)(4)1.2.123DNA4.H?H?H?xH(x)?hxH(x)=h?xxyH(y)=H(x)WeakCollisionResistance?(x,y)H(y)=H(x)StrongCollisionResistance12.Kerberos(1)Kerberos(2)Kerberos(3)(4)1.2.1OwnAuthorizeRevoke2CapabilitiesACL3AccessControlList4AuthorizationRelations8.MACMACMACPKI2.(CA)(CA)X.509V3X.509X.509IPSec(IP)SSLSETS/MIME3.X.509ABPKIX.509ABAABPKICACA4.41.(CA)PKICACA(RootCA)(TrustAnchor)2.CAACA1BCA2CACAPKICA3.WebWebCACACA4.9.CA??CA??(CA)???CRL??CAIP1.IPSecIPVPNIPSecIETFIPIPSecIPv6IPv4IPSecVPNIP2.IPSec33IPSecRFCAHESPIKE1AHIP3MD5AH2ESPIPAH3IPIPIPSecIPIPAHESP3IKEIKE(SA)AHESP(DOI)IKESA1.1234VBScript2.InternetPGPS/MIME3.PGPWeb1.CGIWebCGICGI()3.SSLSSLX.509NetscapeWeb()SSLSSLSSLWebInternetTCP/IPSSLTCPSSLSSLSSLSSLSSLSSLSSL(TCP)SSL4.SETSET()()SETSET9.SSLSSLTCPSSLSSLSSL1./InternetInternetInternet(Internet)2.(1)(2)(3)(Penetration)3.(1)(2)(3)NATNATIPIP(4)Internet(5)IPSec(6)VPN1.VPNVPNVirtualPrivateNetworkInternetVirtualVPNPrivateVPN3.VPN1VPNVPNVPNVPNIPVPNVPNVPNVPN2SKIPISAKMP3VPN4.VPN1.AccessVPNVPNISPVPNISPInternetVPNVPNISDNADSLIPInternet2.IntranetVPNIntranetVPNVPNVPNVPN3.ExtranetVPNExtranetVPNVPN5.1IPPPPSLIP2L2FPPTPL2TPGRE3UDP8.GREGRERIP2OSPFIPIPIPXNetBEUIGREGREIPGREGREXoverYIPIPIPIPIPIPIPInternetVPNNATIPIPGREVPN1.11)FootprintingWhoisDNS(Windows/UNIXnslookup)IPDNStraceroute2)Scanning(Ping)()3)Enumeration2GainingAccess3EscalatingPrivilege(L0phtcrackNTSAM)4StealingWindowsUNIXrhost5CoveringTracksrootkits6CreatingBookdoor91.12)1.1232.13.4.126.12BIOS345910