IT Security Basic Ch.4 Network Security
Ch.4 Network Security
Naming and Addressing Translation [IP 轉址]
Domain name service (DNS)
MAC address
Also called LAN address, Physical address
Having 48Bit
IP address - 把相應的封包帶到終點的 Network
MAC address - 把相應的封包帶到終點的 HOST
ARP - Address Resolution Protocol
Has a ARP table
把對應的IP address 換成 MAC address
一般的攻擊手法
Spoofing - 欺騙 Identity
-IP spoofing
-DNS spoofing
-ARP spoofing
Sniffing 偷聽
-Record traffic, E.g. Wireshark
-Hub vs bridge
So, who are not that secure??
Tampering 損害 with data
-修改/破壞資料
Repudiation - 拒絕
-令到系統拒絕所有服務
Information Disclosure 揭發
-Guess password
-unauthorized login
Denial of Service (DOS)
-發出大量 request/無用信息令到目標不能正常運作
-TCP sync flood
-Smurf Amplification
-Reflectors
-DDOS
-TCP Hijacking 騎劫
-Man in the middle attack
Elevation 提升 of privilege
-利用程式溜動,得到更高的權限
So how to counter those attacks??
