
Information Security Management (3): Network Security

1 Definition and characteristics of networks

1.1 Definition of a network

(Honestly, I can't be bothered to go over this; look it up on a wiki yourselves.)

What networks are for

– What is a network…
– Devices in a network…
– LAN, WAN and Internetworks
– What do networks do for you…
  – Sharing resources
  – Use/share applications

1.2 Characteristics of networks

– Anonymity
– Automation
– Distance
– Opaqueness
– Routing diversity

1.3 Network Topology
2 TCP/IP Protocols

– Open Systems
– ANSI, IETF, ISO, IAB

2.1 ISO – OSI Reference Model - 7 Layers

– Application: End user processes like FTP, e-mail, etc.
– Presentation: Format, Encrypt data to send across network
– Session: Establishes, manages and terminates connections between applications
– Transport: End-to-end error recovery, flow control, priority services
– Network: Switching, Routing, Addressing, internetworking, error handling, congestion control and packet sequencing
– Data-link: Encoding, decoding data packets into bits.
  – Media Access Control Sub-layer: Data access/transmit permissions.
  – Logical Link Sub-layer: Frame synchronisation, flow control, error checking.
– Physical: Conveys the bit stream (electrical, light, radio)

Mnemonics:
– All People Seem To Need Data Protection
– People Do Not Trust Sales People Always

ISO-OSI seven-layer structure

TCP/IP

2.2 Related protocols

– Application layer – FTP, Telnet, DNS, DHCP, TFTP, RPC, NFS, SNMP..
– Transport layer – TCP, UDP
– Internet Layer – IP, ICMP, ARP, bootp…
– Organisations / entities: ICANN, IETF, IAB, IRTF, ISOC, W3C
– Other Protocols
  – IPX/SPX
  – ATM
  – DECnet
  – IEEE 802.11
  – AppleTalk
  – USB
  – SNA

3 Network security risks

3.1 What makes a network vulnerable

– Anonymity
– Multiplicity of points of attack
– Resource sharing
– Complexity of system
– Uncertain perimeter
– Unknown path
– Protocol flaws / protocol implementation flaws

3.2 Motivations of network attacks

– Challenge
– Fame
– Organised Crime
– Ideology
– Espionage / Intelligence

4 Threats in Networks

4.1 Reconnaissance

– Port Scan
– Social Engineering
– Intelligence gathering
– O/S and Application fingerprinting
– IRC Chat rooms
– Available documentation and tools
– Protocol flaws / protocol implementation flaws

4.2 Threats in Transit

– Eavesdropping / Packet sniffing
– Media tapping (Cable, Microwave, Satellite, Optical fibre, Wireless)

4.3 Impersonation

– Password guessing
– Avoiding authentication
– Non-existent authentication
– Well-known authentication
– Masquerading
– Session hijacking
– Man-in-the-middle

4.4 Message Confidentiality Threats

– Mis-delivery
– Exposure – in various devices in the path
– Traffic Flow analysis – sometimes knowledge of the existence of a message can be as important as the message content

4.5 Message Integrity Threats

– Falsification
– Noise
– Protocol failures / misconfigurations

4.6 Operating System based Threats

– Buffer-Overflow
– Virus, Trojans, rootkits
– Password

4.7 Application based Threats

– Web-site defacement
– DNS cache poisoning
– XSS (Cross-site Scripting)
– Active-code / Mobile-code
– Cookie harvesting
– Scripting

4.8 Denial of service

– SYN Flooding
– Ping of death
– Smurf
– Teardrop
– Traffic re-direction
– Distributed Denial of Service
  – Bots and Botnets
  – Script Kiddies

5 Network Security Controls

5.1 Vulnerability and Threat assessment

5.2 Network Architecture

– Network segmentation
– Architect for availability
– Avoid SPOF (single points of failure)
– Encryption
  – Link encryption
  – End-to-end encryption
– Secure Virtual Private Networks
– Public Key Infrastructure and Certificates
– SSL and SSH

5.3 Strengthening the encryption system

Strong Authentication

– One Time Password
– Challenge Response authentication
– Kerberos

5.4 Firewalls

– Packet Filters
– Stateful Packet Filters
– Application proxies
– Diodes
– Firewall on end-points

5.5 Intrusion Detection / Prevention Systems

– Network based / host based
– Signature based
– Heuristics based / protocol anomaly based
– Stealth mode

5.6 Policies and Procedures

– Enterprise-wide Information Security Policy
– Procedures
– Buy-in (from Executives and employees)
– Review, enhancement and modification

5.7 Other network controls

– Data-Leakage Protection systems
  – Network based / host based
– Content scanning/Anti-Virus/Spyware Control systems
  – Network based / host based
– Secure e-mail Systems
– Design and implementation
– ACLs (Access Control Lists)

 


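Conclusion

The cybersecurity industry is like a jianghu, a world where all kinds of people gather. Compared with the many "orthodox schools" of Europe and America, which have solid fundamentals (they understand encryption, know how to defend, can find vulnerabilities and are good at engineering), our country's talent belongs more to the "unorthodox schools" (many white hats may disagree). In future talent training and development, therefore, the structure needs to be adjusted to encourage more people to do "constructive" work on "systems and building" that combines "business" with "data" and "automation". Only then can the thirst for talent be relieved and real security be provided for society's full move onto the Internet.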

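Special statement: This tutorial is purely a technical sharing! Its purpose is in no way to provide technical support to people with bad motives, and it accepts no joint liability arising from misuse of the technology! The purpose of this tutorial is to raise awareness of network security as far as possible, so that appropriate security measures are taken and the economic losses caused by network security problems are reduced.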
