Professional Documents
Culture Documents
, . .
1.
2.
3.
1.
(Perry) (Wallich)
:
.
,
.
1.
: (operators), -
(programmers), -
(data entry), - (internal),
(out-side),
(intruders).
: (physical
destruction), - (information destruction),
- (data diddling), (theft
of service), (browsing) (theft of
information).
1.
. ,
.
Operators
Physical
Destruction
Bombing Short
circuits
Information
Destruction
Erasing Disks
,
-
(malicious softvare),
,
(command interface),
.
Programmers
Data Entry
Internal
Malicious software
Data Diddling
Malicious software
Theft of
Services
Theft as user
Outside
Intruders
Malicious
software
Via modem
False data
entry
Unauthorized
action
Via modem
2.
, ,
.
2.
(Stallings) .
, .
.
2.
2.
(interruption) -
2.
(2) Presretanje
(interception) -
2.
(modification) -
,
2.
(fabrication) -
2.
,
, , .
. , .
3.
,
, .
,
, ,
3.
3. -
. ""
,
.
.
3. -
. -
, ,
.
3. -
-
,
-
.
"".
,
.
-
( ) .
3. -
-
,
-
,
-
.
3. -
,
.
.
3. -
3. -
.
- , -
.
, -
- .
(DeMilitarized Zone) A middle ground
between an organization's trusted
internal network and an untrusted,
external network such as the Internet.
Also called a "perimeter network," the
DMZ is a subnetwork (subnet) that
may sit between firewalls or off one leg
of a firewall. Organizations typically
place
their
Web,
mail
and
authentication servers in the DMZ.
DMZ is a military term that refers to
the area between two enemies.
The DMZ All servers exposed to the
Internet (the bastion hosts) are located
in the DMZ, which is isolated from the
public Internet and the private LAN by
screening routers
3. -
.
-
3. -
-
UNIX -,
, sendmail .
, -
-
- .
3. -
.
,
.
3. -
Sendmail
,
,
. , (mail spam),
(denial-of-service).
3. -
.
"" ,
.
. default ()
, , .
3. -
.
,
, ,
-
.
:
3. -
()
.
-
;
-
;
3. -
,
;
3. -
.
:
3. -
.
.
(telnet)
-.
-
3. -
. -
. -
crack.
-
,
.
3. -
(Trojan Horse).
.
, -
,
-
- .
(Supervisory Control And
Data Acquisition) A process
control application that
collects data from sensors
and machines on the shop
floor or in remote locations
and sends them to a central
computer for management
and
control.
(Distributed Control System)
A process control system
that uses a network to
interconnect
sensors,
controllers,
operator
terminals and actuators. A
DCS typically contains a
single computer for control
and
uses
proprietary
interconnections.
3. -
.
, ,
,
.
. (Spafford)
: "... ,
200-4.000 , .
3. -
, "" ...".
, . (worm), . ,
.
,
.
3. -
(toolkit).
, , . rootkit ,
.
3. -
.
.
. (timers)
.
.
3. -
(data tap).
.
.
3. -
-
. -
.
, -
- .
. ,
, -
.
3. -
,
.
,
.
3. -
. ,
. .
3. -
,
.
3. -
.
.
3. -
.
.
3. -
, "", .
3. -
,
. .
3. -
,
. , .
3. -
.
(backup).
.
3. -
.
.
3. -
. ,
.