Professional Documents
Culture Documents
ti:
Nghin cu cc l hng bo mt GVHD: Ths Nguyn c Bnh Thnh vin:ng Ngc Hng Ng Vn Khnh
Cc l hng bo mt
Khi Nim L Hng Bo Mt: L hng bo mt l nhng li phn mm-li trong c im k thut v thit k, nhng a s l li trong lp trnh. Bt k gi phn mm ln no cng c hng ngn li. y l nhng l hng nm mnh trong h thng phn mm ca chng ta, i n khi b pht hin. Khi , chng c th c dng tn cng cc h thng.
Cc l hng bo mt
Cc l hng bo mt trn mt h thng l cc im yu c th to nn s ngng tr ca dch v, thm quyn i vi ngi s dng hoc cho php truy cp bt hp php vo h thng.
Cc l hng bo mt c th nm ngay cc dch v cung cp nh web, mail, ftp, Ngoi ra cc chng trnh ng dng hay dng cng cha cc l hng bo mt nh Word, cc h c s d liu,
i vi cc Web Server chy trn h iu hnh Novell. Cc Web server ny c mt scripts l convert.bas. Khi ngi tn cng chy file ny, c th c c ton b ni dung cc file trn h thng.
Nhng l hng loi ny tn ti trn cc phn mm s dng. Cc chng trnh thng hay c s dng nh FTP, Telnet, Gopher, SendMail, nht l cc phin bn c thng cha cc l hng bo mt loi A.
Kt Lun
Tm li, l hng bo mt kh nguy him. Ngi tn cng c th li dng nhng l hng ny trc li hay ph hoi. Khng nhng th, h c th s dng cc l hng bo mt ny to ra cc l hng mi v to ra mt chui mc xch cc l hng bo mt. Nu l mt qun tr vin, bn nn tham gia mt s nhm tin thng tho lun v cc ch lin quan n cc l hng bo mt,
- CERT (Computer Emergency Response Team) : c hnh thnh sau khi c phng thc tn cng Worm xut hin trn mng Internet. a ch : http://www.cert.org/. - CIAC (Department of Energy Computer Incident Advisory Capability) : t chc ny xy dng mt c s d liu lin quan n bo mt cho b nng lng Hoa K. a ch : http://ciac.lnll.org/. - FIRST (The Forum of Incident Response and Security Teams) : y l mt din n lin kt nhiu t chc x hi v t nhn, lm vic tnh nguyn gii quyt cc vn an ninh ca mng Internet. a ch : http://www.first.org.