Sanakäsitteet
Perusselitys
1.[reikä;vuoto;vuoto]:Pienet reiät tai tulpat pysäyttävät vuodot.
2.[vika;heikkoudet;reikä;porsaanreikä]:Sääntöjä, asetuksia, sopimuksia tai sopimuksia ei ole muotoiltu hyvin, vikojen pitäisi tukkia lainsäädännön ilmeiset porsaanreiät.
Lainauksen selitys
1.Aukkoja;pieniä reikiä.MingLushenin"OteStoppingRecordsista":"VasemmallaGuanilla on liukas ja hidas pulssi,neljäsosa vuotaa ja alaosa on kytketty."ZhaoZi,"SecondPairofYoucaningtotheveteen":."
2.Haavoittuvuudet,epätarkat kohdat.MaoDunin"FrostyLeavesAre RedLike FebruaryFlowers"5:"WangBox on erittäin älykäs, kun hän haluaa tulla.Hänellä on oltava toinen järjestely tälle asialle.
Tietotekniikan merkitys
VulnerabilityreferstotheweaknessordefectofasystemthatattacksorisdangeroustoaspecificthreatThesensitivityoftheincident,orthepossibilityofthethreatofanattack.Vulnerabilitiesmaycomefromdefectsinthedesignofapplicationsoftwareoroperatingsystemsorerrorsincoding,orfromdesigndefectsintheinteractiveprocessingofthebusinessorunreasonablelogicflow.Thesedefects,errorsorunreasonablepointsmaybeintentionallyorunintentionallyexploited,whichwilladverselyaffectanorganization’sassetsoroperations.Forexample,theinformationsystemisattackedorcontrolled,importantinformationisstolen,userdataistamperedwith,andthesystemisusedasAspringboardtoinvadeotherhostsystems.Judgingfromthevulnerabilitiesfoundsofar,therearefarmorevulnerabilitiesinapplicationsoftwarethanvulnerabilitiesinoperatingsystems,andvulnerabilitiesinWEBapplicationsystemsaccountforthevastmajorityofvulnerabilitiesininformationsystems.
1.Therelationshipbetweenthevulnerabilityandthespecificsystemenvironmentanditstime-relatedcharacteristics
Thevulnerabilitywillaffectawiderangeofhardwareandsoftwaredevices,includingTheoperatingsystemitselfanditssupportingsoftware,networkclientandserversoftware,networkroutersandsecurityfirewalls,etc.Inotherwords,theremaybedifferentsecurityvulnerabilitiesinthesedifferenthardwareandsoftwaredevices.Differenttypesofsoftwareandhardwaredevices,differentversionsofthesamedevice,differentsystemscomposedofdifferentdevices,andthesamesystemunderdifferentsettingconditionswillhavetheirowndifferentsecurityvulnerabilities.
Theissueofvulnerabilitiesiscloselyrelatedtotime.Fromthedayasystemisreleased,asusersdeepenitsuse,thevulnerabilitiesinthesystemwillcontinuetobeexposed,andthesevulnerabilitiesdiscoveredearlierwillalsobeconstantlypatchedbythepatchsoftwarereleasedbythesystemvendor,orreleasedinthefuture.Becorrectedinthenewversionofthesystem.Whilethenewversionofthesystemcorrectstheloopholesintheoldversion,itwillalsointroducesomenewloopholesanderrors.Soovertime,oldloopholeswillcontinuetodisappear,andnewloopholeswillcontinuetoappear.Vulnerabilitieswillalsoexistforalongtime.
Therefore,itismeaninglesstodiscussthevulnerabilitieswithoutthespecifictimeandspecificsystemenvironment.Wecanonlydiscussthepossiblevulnerabilitiesandfeasiblesolutionsfortheactualenvironmentsuchastheoperatingsystemversionofthetargetsystem,thesoftwareversionrunningonit,andtheserviceoperationsettings.
Atthesametime,itshouldbenotedthattheresearchonvulnerabilitiesmusttrackthelatestdevelopmentsinthecurrentcomputersystemanditssecurityissues.Thisissimilartotheresearchonthedevelopmentofcomputerviruses.Ifyoucan'tkeeptrackofnewtechnologiesinyourwork,youwon'thavetherighttotalkaboutsystemsecurityvulnerabilities,andeventheworkdonebeforewillgraduallylosevalue.
2.Lääke ja haavoittuvuuksien ehkäisy
Theexistenceofvulnerabilitiescaneasilyleadtohackers’intrusionandthepresenceofviruses,whichcanleadtodatalossandtampering,Privacydisclosureandevenmonetaryloss,suchas:thewebsiteishackedduetoloopholes,websiteuserdatawillbeleaked,websitefunctionsmaybedisruptedandsuspended,ortheserveritselfiscontrolledbytheintruder.Inthecurrentdevelopmentofdigitalproducts,vulnerabilitieshavebeenextendedfromcomputersascarrierstodigitalplatforms,suchasmobilephoneQRcodevulnerabilities,Androidapplicationvulnerabilities,etc...
Järjestelmän haavoittuvuudet
Yleiskatsaus
Järjestelmän haavoittuvuudetrefertoflawsinthelogicdesignofapplicationsoftwareoroperatingsystemsoftwareorerrorsinwriting.ThisflaworerrorcanbeexploitedbycriminalsorcomputerhackersbyplantingTrojanhorsesorviruses.Attackorcontroltheentirecomputerbyothermeans,therebystealingimportantdataandinformationinyourcomputer,orevendestroyingyoursystem.
Periaate
Theproblemofwindowssystemvulnerabilitiesiscloselyrelatedtotime.Fromthedayawindowssystemisreleased,asusersdeepenuse,thevulnerabilitiesinthesystemwillcontinuetobeexposed,andthesevulnerabilitiesdiscoveredearlierwillalsobeconstantlypatchedbythesystemvendor:Microsoft’spatchsoftware.Oritwillbecorrectedinanewversionofthesystemthatwillbereleasedlater.Whilethenewversionofthesystemcorrectstheloopholesintheoldversion,itwillalsointroducesomenewloopholesanderrors.
Soovertime,oldsystemvulnerabilitieswillcontinuetodisappear,andnewsystemvulnerabilitieswillcontinuetoappear.Järjestelmän haavoittuvuudetwillalsoexistforalongtime.
MicrosoftSecurityBulletin
Helmikuun 12. päivän aamuna 2014 Microsoft julkaisi 7 haavoittuvuuskorjausta, mukaan lukien 4 "kriittistä" tasokorjausta ja 3 "kriittistä" tason haavoittuvuutta. Korjattiin useita InternetExplorerin, .Netin ja Windowsin haavoittuvuuksia sekä Windows8:n tiettyjä haavoittuvuuksia.
OnJanuary16,2014,theJanuarysecuritybulletinwasreleased.Thepatchlevelsofthe4vulnerabilitiesareall"important".TheyfixtheMSOfficeWord,Windows7kernelandtheoldversionoftheWindowskerneldriver.Therearemultipleremotecodeexecutionandprivilegeescalationvulnerabilities.AlsopushedaretheversionupdateinstallationpackageofAdobeFlashPlayer12andthesecurityupdateofAdobeReader.
MicrosoftgenerallyreleasessecuritybulletinsonthesecondTuesdayofeachmonth,whichiscalled"PatchTuesday."
Taso
Haavoittuvuudet luokitellaan neljään tyyppiin niiden vakavuuden mukaan: "Kiireellinen", "Tärkeä", "Varoitus" ja "Varoitus". Yleisesti ottaen se, mikä on määritelty Microsoft-sivustossa tärkeäksi, tulisi päivittää ajoissa.
Haavoittuvuuden korjaus
ThesystemautomaticallyupdatesUpdate,orautomaticallyrepairsitwithsecuritysoftwaresuchasComputerManager.
Luokittelu
Fliesdonotstareatseamlesseggs.Intruderscaneasilybreakintothesystemaslongastheyfindacrackinthecomplexcomputernetwork.Soknowingwheretheseseamsarelikelytobeiscrucialtorepairingthem.Usuallycracksaremainlymanifestedinsoftwarecompilationbugs,impropersystemconfiguration,passwordtheft,cleartextcommunicationinformationbeingmonitored,anddefectsintheinitialdesign.
Ohjelmistokirjoituksessa on virheitä
Whetheritisserverprogram,clientsoftwareoroperatingsystem,aslongasitiswrittenincode,therewillbevariousdegreesofbugs.Bugsaremainlydividedintothefollowingcategories:
(1)Bufferoverflow:Referstotheintruderenteringastringofmorethanthespecifiedlengthintherelevantinputitemsoftheprogram,andtheexcesspartisusuallywhattheintruderwantsTheattackcodetobeexecuted,andtheprogramwriterdidnotchecktheinputlength,whicheventuallycausedtheextraattackcodetooccupythememorybehindtheinputbufferandbeexecuted.Don'tthinkthat200charactersareenoughfortheloginusernameandnolongercheckthelength.Theso-calledanti-littlebutnotgentleman,theintruderwilltryeverymeanstotrytheattack.
(2).Unexpectedjointuseproblem:Aprogramisoftencomposedofmultiplelayersofcodewithdifferentfunctions,eveninvolvingthelowestoperatingsystemlevel.Intrudersusuallyusethisfeaturetoinputdifferentcontentfordifferentlayersinordertoachievethepurposeofstealinginformation.Forexample:ForaprogramwrittenbyPerl,theintrudercanentersomethinglike"mailoperatingsystemtocallthemailprogram,andsendanimportantpasswordfiletotheintruder.Borrowaknifetokillsomeone,borrowaMailtosenda"letter",itistrueHigh!
(3)Noexpectedcheckofinputcontent:Someprogrammersareafraidoftroubleanddonotperformexpectedmatchingcheckoninputcontent,whichmakesthejobofintruderdeliveringbombseasyandsimple.
(4)Raceconditions:Therearemoreandmoremulti-taskingandmulti-threadedprograms.Whileimprovingtheefficiencyofoperation,wemustalsopayattentiontotheproblemsofRaceconditions.Forexample:ProgramAandProgramBareinaccordancewith"Read/Modify/Write"Operateafileintheorderof.WhenAfinishesreadingandmodifying,Bstartstoimmediatelyexecuteallthe“read/modify/write”tasks.Atthistime,Acontinuestoperformthewritingwork,andtheresultisthatB’soperationhasnoperformance!Intrudersmayusethisvulnerabilityintheprocessingsequencetorewritesomeimportantfilestoachievethepurposeofbreakingintothesystem.Therefore,programmersshouldpayattentiontothesequenceoffileoperationsandlockingissues.
Virheellinen järjestelmäkokoonpano
(1)Insufficientdefaultconfiguration:Manysystemshavedefaultsecurityconfigurationinformationafterinstallation,whichisusuallycalledeasytouse.Unfortunately,easytousealsomeanseasytobreakin.Therefore,thedefaultconfigurationmustbeabandoned.
(2).Administratorlaziness:Oneofthemanifestationsoflazinessistokeeptheadministratorpasswordemptyafterthesystemisinstalledandnotmodifyitafterwards.Youknow,thefirstthingtheintruderhastodoistosearchthenetworkforsuchmachineswithanemptypasswordfortheadministrator.
(3)Temporaryport:sometimesfortestingpurposes,theadministratorwillOpenatemporaryportonthemachine,butforgottoprohibititafterthetest,thiswillgivetheintruderaholetofindandaleaktodrill.Theusualsolutionis:unlessaportismandatory,itisprohibitedIt!Ingeneral,securityauditdatapacketscanbeusedtodiscoversuchportsandnotifytheadministrator.
(4),trustrelationship:systemsbetweennetworksoftenestablishtrustrelationshipstofacilitateresourcesharing,butthisItalsogivesintrudersthepossibilityofindirectattacks.Forexample,aslongasonemachineinthetrustgroupiscompromised,itispossibletofurtherattackothermachines.Therefore,thetrustrelationshipmustbestrictlyreviewedtoensureatruesecurityalliance.
Salasanavarkaus
(1)Heikko salasana: se tarkoittaa, että vaikkapa salasanat, on niin yksinkertainen, että se ei voi olla helpompaa tunkeutuneelle.
(2)Dictionaryattack:referstotheintruderusingaprogramthatusesadictionarydatabasecontainingusernamesandpasswordstocontinuouslytrytologintothesystemuntilitsuccessfullyenters.ThereisnodoubtthatthisThekeytothiswayItliesinhavingagooddictionary.
(3)Bruteforceattack:similartodictionaryattack,butthisdictionaryisdynamic,thatis,thedictionarycontainsallpossiblecharactercombinations.Forexample,a4-characterpasswordcontaininguppercaseandlowercasehasabout500,000combinations,anda7-characterpasswordcontaininguppercaseandlowercaseandpunctuationhasabout10trillioncombinations.Forthelatter,ittakesaboutafewmonthsforageneralcomputertotestitagain.Seethebenefitsoflongpasswords,it’sreallyalotofmoney!
Snaffingensalatut viestintätiedot
(1),sharedmedia:thetraditionalEthernetstructureisveryItisconvenientforanintrudertoplaceasnifferonthenetworktoviewthecommunicationdataonthenetworksegment,butifaswitchedEthernetstructureisadopted,thesniffingbehaviorwillbecomeverydifficult.
(2)Serversniffing:Switchednetworksalsohaveanobviousshortcoming.Intruderscaninstallasniffersoftwareontheserver,especiallytheserverthatservesasaroutingfunction,andthenpassitThecollectedinformationbreaksintoclientmachinesandtrustedmachines.Forexample,althoughtheuser'spasswordisnotknown,whentheuserlogsinusingTelnetsoftware,hecansniffthepasswordheentered.
(3)Remotesniffing:ManydeviceshaveRMON(Remotemonitor,remotemonitoring)functionsothatmanagerscanusepubliccommunitystringsforremotedebugging.Withthecontinuouspopularizationofbroadband,intrudersarebecomingmoreandmoreinterestedinthisbackdoor.
Suunnitteluvirheitä
(1),TCP/IPprotocolflaws:TCP/IPprotocolisnowwidelyused,butitwasdesignedtoberampantbyintrudersItwasdesignedlongagotoday.Therefore,therearemanydeficienciesthatcausesecurityvulnerabilities,suchassmurfattacks,ICMPUnreachablepacketdisconnection,IPaddressspoofing,andSYNflood.However,thebiggestproblemisthattheIPprotocolisveryeasyto"trust",thatis,intruderscanforgeandmodifyIPdatapacketsatwillwithoutbeingdiscovered.Ipsecprotocolhasbeendevelopedtoovercomethisshortcoming,butithasnotbeenwidelyused.
Järjestelmähyökkäys
Järjestelmähyökkäysreferstoaperson'sillegaluseordestructionofresourcesinaninformationsystem,aswellasunauthorizedactsthatcausethesystemtolosepartorallofitsservicefunctions.
Theattackactivitycangenerallyberoughlydividedintotwotypes:remoteattackandinternalattack.NowwiththeprogressoftheInternet,theremoteattacktechnologyamongthemhasbeengreatlydeveloped,andthethreatsaregettingbiggerandbigger,andtherearemoresystemvulnerabilitiesandrelatedknowledgeinvolved,soithasimportantresearchvalue.