Digital Information Security

Trung Tâm Tin Học - ĐHKHTN

CHAPTER 1
INTRODUCTION AND OVERVIEW OF NETWORK SECURITY

When network systems first appeared, the need to exchange resources arose, and network users exchanged resources with one another. After a period of use, networks grew and the number of participants increased, so it became necessary to enforce security policies and to set policies for access to network resources. The term AAA was born.
AAA stands for: Access Control, Authentication and Auditing.
AAA is a process used to protect data and devices and to ensure the confidentiality of information.
AAA is a fundamental concept of computer security and network security.
These concepts are used to ensure information confidentiality, data integrity and system availability.
I. ACCESS CONTROL
Access control is a policy, software or hardware used to allow or deny access to resources.
It defines the level of access to resources.
Three models are used to explain access control:
- MAC (Mandatory Access Control)
- DAC (Discretionary Access Control)
- RBAC (Role-based access control)
MAC (Mandatory Access Control)
The MAC model is a static model used to predefine the access permissions on the system's files. The system administrator sets these permissions and associates them with accounts, files and resources. The MAC model is very restrictive. In this model the administrator is the one who sets access permissions, and the administrator is also the only one who can change them. Users cannot change the sharing permissions on their own resources as long as this static relationship (statically built permissions) exists.
Example:
File and folder permissions on Windows 2000 (Full control, Write, Read, List folder content)
DAC (Discretionary Access Control)
DAC is the set of access permissions on an object that a user or an application defines. The DAC model lets users share files and use files shared by others. The DAC model sets up an ACL (Access Control List) used to determine which user has access to which resource. This lets users grant or remove access for each individual or group on a case-by-case basis.
The owner can hand control to other people.
RBAC (Role-based access control)
Permissions are based on job function and user grouping.
Allows complex configurations.
II. AUTHENTICATION
Authentication is the process used to verify a computer or a user attempting to access a resource.
This process can also use advanced technologies such as smart cards, biometric devices, or network access control hardware such as routers, remote access...
Username/Password
This is the classic authentication method and is very widely used (because it is simple and easy to manage).
Each user is authenticated by a username and a password.
Passwords are normally stored in encrypted form.
Passwords are easily guessed by brute-force methods.
Password policy:
- Insecure: fewer than 6 characters
- Medium security: 8 to 13 characters
- High security: 14 characters
In addition, passwords should meet the following requirements:
- Combine upper-case and lower-case characters
- Use digits and special characters; do not use words found in a dictionary
- Do not use personal information as the password (date of birth, phone number, names of relatives)

Kerberos
Kerberos is an authentication service that provides security, single sign-on and mutual authentication, and relies on a trusted third party.
Security: it uses tickets, a form of time-stamped encrypted message, to prove that the user is valid. The user's password is therefore well protected because it does not need to be sent over the network or stored in the memory of the local computer.
Single sign-on: the user logs in only once and can then access all resources on a system or on other servers that support the Kerberos protocol.
Trusted third party: it works through a central authentication server that all entities in the network trust.
Mutual authentication: it verifies not only the user to the system but also the validity of the system to the user.

CHAP
This is a remote-access authentication protocol that does not need to send the password over the network.
CHAP is commonly used to protect authentication information and to check that the connection to a resource is valid.
It uses a sequence of encrypted challenges and responses.
CHAP establishes validity with a 3-way handshake. This mechanism is used when the connection is initiated and is used repeatedly to maintain the connection.
- The side that needs to authenticate sends a challenge message.
- The receiving side uses a one-way hash function to compute a result and returns it to the authenticating side.
- The authenticating side computes the corresponding hash and compares it with the returned value. If the value is correct the authentication is valid; otherwise the connection is terminated.
- At a random time, the authenticating side sends a new challenge to check that the connection is still valid.
The secret shared between the two sides may be stored in clear text, so it is easily discovered and attacked.
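The exchange described above, as an added Python example that is not part of the original course notes. It assumes MD5 as the one-way hash and the response layout MD5(identifier || secret || challenge) from RFC 1994; the class name, peer name and secret are hypothetical.

```python
import hashlib
import hmac
import os


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """Response value as in RFC 1994: MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class Authenticator:
    """The side that needs to authenticate its peer (hypothetical class name)."""

    def __init__(self, secrets):
        # name -> shared secret. The caveat from the text applies: this side
        # must be able to read the secret, so the store itself needs protecting.
        self._secrets = secrets
        self._pending = {}       # name -> (identifier, challenge) awaiting a reply
        self._identifier = 0

    def new_challenge(self, name):
        """Issue a fresh random challenge (at connect time and again later)."""
        self._identifier = (self._identifier + 1) % 256
        challenge = os.urandom(16)
        self._pending[name] = (self._identifier, challenge)
        return self._identifier, challenge

    def verify(self, name, identifier, response):
        """Check a response; every challenge is accepted at most once."""
        pending = self._pending.pop(name, None)
        secret = self._secrets.get(name)
        if pending is None or secret is None or pending[0] != identifier:
            return False
        expected = chap_response(identifier, secret, pending[1])
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(expected, response)


def demo():
    """Return (legitimate reply, replayed reply, reply with wrong secret)."""
    secret = b"constructed-shared-secret"       # sample value, constructed
    auth = Authenticator({"branch-router": secret})

    # 1. Challenge, 2. response, 3. success or failure.
    ident, challenge = auth.new_challenge("branch-router")
    answer = chap_response(ident, secret, challenge)
    legitimate = auth.verify("branch-router", ident, answer)

    # A captured response is useless against the next, different challenge.
    ident2, _ = auth.new_challenge("branch-router")
    replayed = auth.verify("branch-router", ident2, answer)

    # A peer that does not know the secret cannot produce the right hash.
    ident3, challenge3 = auth.new_challenge("branch-router")
    guess = chap_response(ident3, b"guess", challenge3)
    wrong_secret = auth.verify("branch-router", ident3, guess)

    return legitimate, replayed, wrong_secret


if __name__ == "__main__":
    print(demo())
```

The password never crosses the network, but the random challenge is what protects against a captured response being sent again, which is why the periodic re-challenge matters.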
Certificates
A digital certificate is a piece of digital data containing information that identifies an entity (the entity can be an individual, a server, a device or software).
In everyday life we use an identity card or a passport. On computers we use digital certificates.

Mutual authentication
Each party in an electronic communication can authenticate the other party.
Not only is the user authenticated to the system, the validity of the system is also verified to the user.
Biometrics
Biometric devices can provide a very secure authentication mechanism by using each individual's physical and behavioural characteristics for authentication.
Used in areas that require high security
High cost
How biometrics works:
Recording the biometric identification traits
- The subject's identifying traits are scanned and checked
- The biometric information is analysed and stored as templates
Verification
- The subject to be verified is scanned
- The computer analyses the scanned data and compares it with the template data
- If the compared data match, the user is considered valid and is granted access to the system.
Some types:
Physical characteristics (physical cha..)
- Fingerprint
- Hand geometry
- Face scan
- Retina scan
- Iris scan
Behavioural characteristics:
- Handwritten signature
- Voice

Multi-factor
When a system uses two or more different authentication methods to check whether a user's login is valid, it is called multi-factor. A system that uses both a smart card and authentication by username and password is called a two-factor authentication system.

An individual's identity is established using at least 2 of the following authentication factors:
- Something you know (a password or PIN)
- Something you have (smart card or token)
- Something you are (fingerprint, retina)
- Something you do (voice or signature)
III. AUDITING
Records events, errors and the authentication process of users.
Used to check, monitor and trace users' activities on the system.
Auditing system
Set up a trail-keeping system that stores events and lets us trace back accesses, both valid and invalid.
Logging: organise how the information is stored: where it is kept, in what format, how it is backed up.
System scanning: used to check and fix the system's weaknesses. This process includes using tools to assess the system's potential weaknesses:
- Check password usage
- Assess the ability to access the network from an outside system
- Monitor and keep up with information on weaknesses in operating systems and hardware devices
- Test the devices' ability to respond by staging simulated attacks.

Chapter 2
COMMON FORMS OF NETWORK ATTACK
Network security keeps evolving because protecting data is always an essential need and attack techniques are increasingly diverse. Although there are many attack methods, they can be roughly grouped as follows:
- By attack target: application, network, or both
- By manner of attack: active or passive
- By attack method: many kinds, for example password cracking, exploiting software or system flaws, malicious code ...
However, the boundaries between these groups are becoming hard to discern because today's attacks are increasingly complex and combined.
I. General illustration of an attack scenario
Depending on the target, the hacker will have different attack scenarios. Here we illustrate only one general scenario for an attack on a system.

Step 1: Probe and assess the system
Step 2: Penetrate the system. Afterwards the attacker may return to step 1 to continue probing and find more weaknesses in the system.
Step 3: Try every means to escalate privileges. Afterwards the attacker may return to step 1 to continue probing and find more weaknesses in the system, or move on to step 4 or step 5.
Step 4: Maintain access and monitor the system's activity
Step 5: Carry out attacks (for example denial of service, ...)
II. Active attacks
These are attacks in which the attacker directly harms the system, network or application (taking control of servers, shutting down services), rather than merely eavesdropping or gathering information.
Common forms include DoS, DDoS, buffer overflow, IP spoofing ...
DoS
Denial of service, abbreviated DoS, is the general term for different kinds of attack that basically overload a system so that it cannot provide service or has to stop operating. This kind of attack only disrupts operation and is very unlikely to steal information or data.
The usual target of a denial-of-service attack is a server (FTP, Web, Mail), but it can also be a router or switch.
Denial of service is not only a network attack; it can also be an attack on the local machine or within the local network, called local DoS against hosts (based on NetBIOS, fork() bomb).
Denial of service first appeared as DoS, exploiting weaknesses of the TCP protocol, then developed into distributed denial of service, DDoS (Distributed DoS), and the most recent form is distributed reflection denial of service, DRDoS (Distributed Reflection DoS).
We can also subdivide denial-of-service attacks by form: broadcast storm, SYN, Finger, Ping, flooding ...
The two issues in denial-of-service attacks are:
- Resource consumption (resource consumption attacks) by a large number of requests that overload the system. The resources targeted by denial of service include: bandwidth (most often attacked), hard disk (the target of mail bombs), RAM, CPU ...
- Flaws in the handling of special strings, input or packets crafted by the attacker (malformed packet attack). This form of attack is usually applied to routers or switches. On receiving such packets or strings, a bug in the software or system causes the router or switch to crash.
A denial-of-service attack does not give the attacker control of the system, but it is an extremely dangerous form of attack, especially for electronic transactions or e-commerce. The losses in money, reputation and credibility are hard to calculate. The next danger is that this form of attack is very hard to defend against. Usually we only know once we are under attack.
For well-secured systems, denial of service is regarded as the last resort an attacker uses to take the system down.
DDoS
A distributed denial-of-service attack is carried out with the participation of many computers. Compared with DoS, DDoS is far more dangerous. A DDoS attack consists of two components:
- The first component is the computers called zombies (usually on the Internet) on which the hacker has installed software used to carry out attacks in forms such as UDP flood or SYN flood ... The attacker may combine this with spoofing to increase the danger. The attack software usually takes the form of daemons.
- The second component is other computers on which a client program is installed. These computers are like the zombies, but the attacker has a higher degree of control over them. The client program lets the attacker send instructions to the daemons on the zombies.
When attacking, the attacker uses the client program on the master to signal all the zombies to attack simultaneously. The daemon process on each zombie carries out the attack on the designated target. The attacker may not act on the master directly but from another machine, and after launching the attack cuts the connection to the masters to avoid detection.

The usual goal of DDoS is to consume bandwidth and congest the network.
Tools that can be found include Trin00 (WinTrinoo), Tribe Flood Network (TFN or TFN2k), Shaft ...
Viruses and worms capable of performing DDoS have now also been developed.
Buffer Overflows
This is a form of attack that overflows a buffer on the victim machine. Buffer overflows occur when an application receives more data than the program accepts. In that case the application may be interrupted. When the program is interrupted, it may allow the system to send data with temporary access rights to more privileged levels of the attacked system. The cause of the buffer overflow is a programming error.
SYN Attacks
One of the most classic forms of attack. It takes advantage of a weakness in the TCP three-way handshake. The three-way handshake works as follows:
Step 1: the client sends a packet carrying the SYN flag
Step 2: the server returns a packet carrying SYN/ACK to the client, announcing that it is ready to accept the connection, while preparing resources to serve the connection and recording information about the client.
Step 3: the client returns an ACK to the server and completes the connection procedure.

The attack exploits a flaw in the TCP/IP three-way handshake. The problem is that the client does not send the ACK packet back to the server; this is called a half-open connection (the client opens only half of the connection). With many such packets the server becomes overloaded because its resources are limited. Valid requests may then not be served. This is similar to a computer hanging because too many programs are open at once.
- The initiating computer sends a SYN message
- The receiving machine replies with a SYN and an ACK
- The initiating computer does not send the final ACK message that completes the connection setup
- The receiving machine therefore waits a long time before deleting the connection
- When there are too many such SYN connection attempts, the connection queue fills up and other connection requests cannot be served

To recognise a SYN attack, use the command netstat -n -p tcp.

We look at the SYN_RECEIVED state of the connections. However, a SYN attack usually goes together with IP spoofing. The attacker commonly uses random source IPs; the server then never receives an ACK from the machines with the fake IPs, and the server may also have to resend the SYN/ACK because it thinks the client did not receive it. Another reason is to avoid the source IP being discovered, at which point the administrator would block that source IP.
Solutions:
- Reduce the wait time for connection setup. This may cause denial of service for low-bandwidth remote machines trying to connect.
- Increase the number of connection attempts
- Use a firewall that sends a fake ACK to the receiving machine to move the connection in progress to the established state.
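One way to automate the netstat check described above, as an added Python example that is not part of the original course notes. The netstat output is constructed sample data using documentation address ranges, the threshold of 5 is an assumption to tune per server, and the parser goes slightly beyond the text by also accepting the Linux state name SYN_RECV.

```python
from collections import defaultdict

# Windows netstat prints SYN_RECEIVED; Linux netstat prints SYN_RECV.
HALF_OPEN_STATES = {"SYN_RECEIVED", "SYN_RECV"}

# Constructed sample of `netstat -n -p tcp` output (not a real capture).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    192.0.2.10:80          198.51.100.7:51234     ESTABLISHED
  TCP    192.0.2.10:80          203.0.113.5:1025       SYN_RECEIVED
  TCP    192.0.2.10:80          203.0.113.77:40112     SYN_RECEIVED
  TCP    192.0.2.10:80          198.51.100.201:2301    SYN_RECEIVED
  TCP    192.0.2.10:80          203.0.113.140:61002    SYN_RECEIVED
  TCP    192.0.2.10:80          198.51.100.33:5000     SYN_RECEIVED
  TCP    192.0.2.10:80          203.0.113.9:33871      SYN_RECEIVED
  TCP    192.0.2.10:25          198.51.100.7:51300     SYN_RECEIVED
  TCP    192.0.2.10:3389        198.51.100.7:51301     ESTABLISHED
"""


def host_of(endpoint):
    """Strip the port from 'address:port' (also works for '[::1]:80')."""
    return endpoint.rsplit(":", 1)[0]


def half_open_report(netstat_text, threshold=5):
    """Summarise half-open connections per local listening endpoint.

    Returns {local_endpoint: {"half_open", "distinct_sources", "suspicious"}}.
    """
    sources_by_listener = defaultdict(list)
    for line in netstat_text.splitlines():
        fields = line.split()
        if not fields or not fields[0].lower().startswith("tcp"):
            continue                      # headers, blank lines, UDP rows
        # Locate the state column; local and foreign address precede it.
        state_idx = next(
            (i for i, f in enumerate(fields) if f in HALF_OPEN_STATES), None
        )
        if state_idx is None or state_idx < 2:
            continue                      # not a half-open connection
        local, foreign = fields[state_idx - 2], fields[state_idx - 1]
        sources_by_listener[local].append(host_of(foreign))

    report = {}
    for local, sources in sources_by_listener.items():
        report[local] = {
            "half_open": len(sources),
            # With random spoofed sources almost every entry has its own
            # address, so blocking individual source IPs does not help.
            "distinct_sources": len(set(sources)),
            "suspicious": len(sources) >= threshold,
        }
    return report


if __name__ == "__main__":
    for endpoint, stats in half_open_report(SAMPLE_NETSTAT).items():
        print(endpoint, stats)
```

A single SYN_RECEIVED entry is normal on a busy server; what matters is a sustained count per listener that stays high across repeated runs.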
Spoofing
Gaining access to a system by impersonation (using someone else's stolen identity, forging MAC or IP addresses).
It is an attack method in which the attacker supplies authentication information or poses as a valid user to gain illegitimate access to the system. In some cases, however, misconfiguring the system can have the same effect. For example, a faulty configuration gives a user higher privileges than allowed, without that user having been impersonated.
There are many kinds of spoofing attack. In "blind spoofing" the attacker only sends forged information and guesses the result. For example, in IP spoofing, after sending the forged packet the attacker does not receive a reply. The second kind to note is "informed spoofing", in which the attacker controls the communication in both directions.
Stealing authentication information (user, password) and then reusing it is strictly speaking not spoofing, but it has a similar result.
The most often mentioned spoofing attacks are IP spoofing and ARP spoofing, also called ARP poisoning.
IP spoofing is possible because of a weakness of the TCP/IP protocol. TCP/IP has no feature for authenticating whether the address of a received packet is the real address or a forged one. An IP address is regarded as one unique computer (device) connected to the network, and computers can therefore communicate with each other without checking. However, we can remedy this by using firewalls, routers, authentication protocols and algorithms ... IP spoofing can be carried out using raw IP.
ARP poisoning is an attack that changes ARP entries in the ARP table and can thereby change where messages are delivered. This attack applies to switched LANs.
Man in the Middle Attacks
The attacker sits in the middle of the communication channel between 2 computers to snoop on information and can even alter the content exchanged between the 2 computers,
while both computers believe they are connected directly to each other.

Man-in-the-middle methods:
- ARP attacks
- ICMP Redirect
- Modifying information in DNS
Replay Attacks
Use a tool to record all information exchanged when a computer accesses the server.
Then use the information captured on the network to connect to the server again.
This is a technique in which the attacker, having captured a number of packets, reuses those packets later. For example, the attacker obtains a packet containing a user's password. The password is encrypted and the attacker does not know it. However, the authentication system has no check on session time, or the system has weak TCP sequence numbers. The attacker bypasses authentication by sending the packet once more, which is called a replay.
Dumpster diving
Dumpster diving is the term for attacking by collecting information from things that seem to have no value. For example, an attacker can obtain a lot of information from the "Recycle bin", from discarded papers ...
Social Engineering

Attacking by deceiving people instead of using computer tools.
Exploiting people's trust or gullibility to find important information.
Solution: train and instruct users to be vigilant.
III. Passive attacks
Vulnerability Scanning
A technique that uses scanning tools to find weaknesses to attack.
Port-scanning tools are used to probe and discover system information such as the operating system, version, and deployed applications.
The attacker checks in the hope of finding a door that is unlocked or easy to break without being detected.
Introduction to some vulnerability scanning tools:
Nmap
NMAP stands for Network MAPper. NMAP was originally designed mainly for system admins to scan networks with many computers and learn which machines are up, which services they run and which operating system they use.
NMAP supports many scan techniques including UDP, TCP, TCP SYN (half open), FTP proxy (bounce attack), ICMP (ping sweep), FIN, ACK sweep, Xmas tree, SYN sweep, IP protocol ... It can be used to determine information about a remote machine, for example the OS via TCP/IP fingerprinting.
NMAP is easy to find on the Internet and is installed by default in Unix operating systems.
Some programs have a graphical interface, but here we focus only on command-line use.
The standard syntax is:
nmap [Scan Type(s)] [Options] <host or net #1 ... [#N]>

Scan types include:
-sS : TCP SYN
-sT : TCP connect()
-sU : UDP scans
-sO : IP protocol
-sF -sX -sN : stealth FIN, Xmas tree, Null scan
-sP : ping scanning
-sV : version detection

The main options are:
-PA [portlist] : use TCP ACK ping to list the hosts that are up
-PS [portlist] : like -PA but uses SYN (connection request)
-PU [portlist] : uses UDP
-p port/range of ports

Target specification: can be an IP, a list of IPs, a domain name, a network address ... or read from a file with option -i
nmap 172.29.8.1, nmap 172.29.8.1-255, nmap 172.29.8.1/24
nmap www.microsoft.com/24

Ping scanning and port scanning: by default NMAP uses an ICMP scan (ICMP sweep) and a TCP port 80 ACK sweep. Use scan type -sP for ping scanning. To skip the ping sweep use -P0; to use an ICMP ping sweep use option -PI. An ICMP ping sweep is usually blocked by the firewall, so we have to use an ACK sweep with the -PT parameter to check whether a host is up. To specify a particular port, for example -PT32453.
Port scanning can be used as in the following example:
nmap -sS -p 22,53,80,110,143 192.168.*.1-127 to scan ports

OS scanning: used to check the operating system.
nmap -sS -O www.microsoft.com/24 to check the OS
DumpACL/DumpSec
A Windows NT program from Somarsoft that shows the permissions and configuration information of the file system, registry and printers, making it possible to detect security holes.

An example of dumping policies:

Essential NetTools
A tool set that includes netstat, nslookup, tracert, ping ...
Fairly easy to use, with complete documentation.

Solutions:
- Remove unnecessary services
- Use a firewall or IPSec to filter unnecessary information
- Use an IDS to detect probes and report suspicious accesses

Sniffing
The eavesdropper must be on the same network path or be placed at positions where the information transmitted on the network can be accessed.
Software is used to capture important information (for example usernames, passwords, cookies) that is transmitted over the network unencrypted or with only simple encryption.
Network administrators can use sniffing tools to examine and assess network traffic.
Some common tools:
Introduction to Ethereal
One of the newest "protocol analyzer" tools available today, developed in 1998. Ethereal has versions for both Unix/Linux and Windows. Once capture starts, packets are kept in a buffer and then displayed on screen. One feature of Ethereal, live decodes, sets it apart from other programs. Most packet capture programs cannot decode a packet until capture is stopped. We can see this in the Windows Network Monitor presented later. However, this feature is also not very good if there is a lot of network traffic, 10000 packets for example, and no packet filtering is applied. We then cannot keep up with the information being shown.

Introduction to the Windows Network Monitor tool
Installation: Start/Settings/Control Panel/Add/Remove Programs/Add/Remove Windows Components/Management and Monitoring Tools.
Running the program:

After choosing the network interface, press Start Capture to capture packets. Press the Stop and View Capture icon to view the captured packets. Right after capturing we are in the first panel, which is the summary listing panel.

Deselect Zoom panel (the magnifying-glass toolbar button) to see all 3 panels of the captured packets, as follows:

The second panel holds the details and the last panel shows the data in hex. Use Edit/Display filter (the funnel toolbar button) to filter packets.

Introduction to TCPDump
A popular network analysis tool in Unix and Linux environments. TCPDump supports the TCP, UDP, IP and ICMP protocols. It also supports the data formats of common applications. In most cases TCPDump must be run as root or be setuid root.
TCPDump syntax:
tcpdump [-adeflnNOpqRStuvxX] [-c count] [-C file_size] [-F file]
[-i interface] [-m module] [-r file] [-s snaplen] [-T type] [-U user] [-w
file] [ -E algo:secret ] [ expression ]
Notes:
-c stops after capturing the given number of packets.
-C before saving raw packets to a file, checks whether the current file is larger than file_size. If so, a new file is opened with the name specified by -w together with the size after it. The unit of file_size is 1000000 bytes.
See the user manual for more.
Password Attacks
An attack method that aims to guess the password, also called password guessing. One immediately thinks of guessing the password from information related to the user who uses it: date of birth, name ....
The two main attacks are the brute-force attack and the dictionary-based attack.
Brute Force Attacks
- Tools are used to guess the password by exhaustive search
- The chance of finding the password is very high if the password is simple
Dictionary-Based Attacks
- Passwords that are words in a dictionary are very easy to crack
- The cracking method uses a list of dictionary words whose hash values have been computed in advance.
- Lists of words and hash values can be found on the Internet
Malicious code attack
Virus
Viruses, worms and Trojan horses are collectively called malicious code. It can consume resources and slow the system down, or damage the system.
Viruses are programs designed to damage the system at both the operating system level and the application level.
Trojan Horses
A Trojan horse is a program that appears safe and useful but actually has malicious code inside it.
Logic Bombs
Code that is built into applications and may carry out an attack when certain conditions are met (for example scripts or ActiveX embedded in Web pages).
A kind of malware that the attacker usually leaves in the system and that works like a "time bomb". When it meets certain conditions, the logic bomb unleashes its destructive function. One famous logic bomb is Chernobyl, which unleashes its destructive function on 26/4. One use of logic bombs that attackers favour is to destroy the evidence of the attack when the system admin begins to detect the intrusion.
Worms
A worm is also a kind of virus, but it can create copies of itself to spread across the network.
A standalone program that can replicate itself and spread across the network in many ways, most commonly e-mail and chat. Worms can also cause dangerous damage.
Back door
A program, a piece of code or special configurations on the system that we do not know about and that allow the attacker to gain access without authentication or logon.

Chapter 3
WEBSITE EXPLOITATION TECHNIQUES
I. WEB SECURITY
Security on the Web server
I.1.1 Access Control
When any (anonymous) user accesses the Web server, the Web server uses an IUSR_<computername> account to access resources.
Users who access the Web server with their own account have the permissions that the account has been granted on the Web server.
Managing access control is therefore very important and needs special attention. Normally we should grant only the lowest permissions that still allow access to the resources on the Web server.
I.1.2 Managing Web data safely
The directory structure and the Web data are very important in protecting a Web server.
Usually we can use a virtual directory or a mapping to hold Web data on another machine. Using a virtual directory or a mapped drive on another machine can make it possible for an intruder who has compromised the Web server to attack other parts of the system.
Where users must access resources on another system from the Web, for example a database, it is best to have a copy of the database server placed in the DMZ.
I.1.3 Removing potentially dangerous code
Make sure that the scripts and Web applications deployed on the web server are not Trojans, backdoor programs, or untrusted code.
I.1.4 Web access logging
Storing, tracking and monitoring the Web server's activity is extremely important for detecting attacks on the Web server in time.
Record the following data:
- Script execution
- Writing information to files
- Access to data that is not in the directories and data served by the Web
The difficulty, however, is that tracking and monitoring this activity is very time-consuming. We can therefore use an automated intrusion detection system (IDS) to detect and report promptly when an incident occurs.
I.1.5 Backing up Web data and ensuring the consistency of information
The purpose of the Web service is to provide information, so Web data must be protected from being destroyed, copied or altered.
Web data must be backed up regularly (both online and offline) to ensure fast recovery when an incident happens to the Web server.
In addition, the integrity of Web information must be ensured and it must not be changed illegitimately.
- Check actions that write data to the Web server.
- Periodically check and record when information changes.
- Manage and assign permissions for access (from the local network, from the Internet, by application, by user)
- Regularly apply patches.
I.1.6 Detecting and turning off unwanted Web services
Sometimes a computer has a web serving feature installed without the user knowing (possibly because of the operating system's default installation). This is a very large hole that lets an attacker get in, exploit the machine and use it to attack other systems.
There are several ways to detect it:
- On any such machine, open a browser and enter http://localhost or http://127.0.0.1, then look at the information that appears in the browser.
- On Windows we can also check whether the Inetinfo.exe process appears in Task Manager. If it does, a Web server exists and is running.
- Look in Services
- Run netstat -na and check whether any program is listening on port 80.
Security on the Web client
Clients access web pages with browser tools. Some popular browsers: Internet Explorer, Netscape, Opera, Mozilla, ...
Browser software can read information about the user and the computer the user is using and send it to the Web server. This information may be sent by the user deliberately or by code from the Web server (without the client knowing).
Browsers usually store cookies sent by the server (encrypted text information containing details of the user's access to the server; the client uses the cookie for access).
In addition, there are web pages that impersonate reputable web sites the user commonly uses, in order to steal the personal information the user enters when visiting. For example, http://www.bank.vn is the real site and http://www.banks.vn is a site the hacker created to trick users (when users do not remember the site name exactly or do not notice that the names of the 2 sites differ only very slightly).
Another impersonation method uses the @ character, by sending e-mails with a link such as:
http://www.bank.com@%77%77%77.%61%7A.%72%75/%70%70%64
This link looks as if it connects to www.bank.com but in fact connects to the IP address:
Network administrators should therefore tell users to be careful when they receive e-mails containing Web links whose URL contains the @ character.
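A link check for the two impersonation tricks above (a look-alike name and a trusted name placed before the @), as an added Python example that is not part of the original course notes. The trusted-host list is an assumption built from the site names used in the text, and the edit-distance limit of 2 is an assumed tuning value.

```python
from urllib.parse import unquote, urlsplit

# Assumption: the organisation's real sites, taken from the text's examples.
TRUSTED_HOSTS = frozenset({"www.bank.vn", "www.bank.com"})


def edit_distance(a, b):
    """Levenshtein distance, used to spot names that differ very slightly."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete from a
                           cur[j - 1] + 1,              # insert into a
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]


def inspect_link(url, trusted=TRUSTED_HOSTS, max_distance=2):
    """Report where a link really goes and why it looks deceptive."""
    parts = urlsplit(url)
    # Everything before the last '@' in the authority is userinfo, not the host.
    raw_host = parts.netloc.rpartition("@")[2]
    real_host = unquote(parts.hostname or "").lower()

    findings = []
    if "@" in parts.netloc:
        findings.append("userinfo-before-@")
    if "%" in raw_host:
        findings.append("percent-encoded-host")
    if real_host not in trusted and any(
        0 < edit_distance(real_host, t) <= max_distance for t in trusted
    ):
        findings.append("lookalike-of-trusted-host")

    return {
        "real_host": real_host,               # where the browser connects
        "shown_before_at": parts.username,    # what the user is meant to read
        "findings": findings,
    }


if __name__ == "__main__":
    samples = [
        "http://www.bank.com@%77%77%77.%61%7A.%72%75/%70%70%64",
        "http://www.banks.vn/",
        "http://www.bank.vn/login",
    ]
    for link in samples:
        print(link, inspect_link(link))
```

A mail gateway or proxy can apply the same test to links in inbound messages and quarantine any link with a non-empty findings list.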
Another way is to use Trojan programs that watch for the web user visiting legitimate banking or online commerce addresses and then secretly record the transaction to steal information.
The SSL and HTTPS protocols
SSL was designed by Netscape and has now become the IETF's standard for secure communication.
The goal of SSL is to establish a secure, confidential and reliable data communication channel between client and server.
SSL has been very successful in protecting Web page information.
The SSL protocol used to protect web pages transmitted over the network is also called the HTTPS protocol (operating on TCP port 443).
SSL lets developers apply the security mechanism to other services such as mail, Telnet, FTP ...

I.1.7 The SSL protocol
The SSL protocol operates on public key infrastructure (PKI). SSL therefore requires that a server using the SSL service has a certificate installed so that the client can verify the validity of the server.
SSL is an application-level protocol and sits at the top layer of the TCP/IP layer model.
SSL is independent of the application protocol it protects, so any protocol at a higher level than SSL can be placed on top of SSL. Different applications and protocols can therefore use the security features SSL provides.
SSL has 2 parts: the SSL handshake protocol and the SSL Record protocol.

I.1.8 SSL Record
- Fragments messages at the sender and reassembles them at the receiver
- Checks and verifies the integrity of messages
- Allows (optionally) compressing the message at the sender and decompressing it at the receiver
- Encrypts at the sender and decrypts at the receiver

The figure above describes how SSL works:
- Data passed down from the application layer is split into small data blocks.
- Each small data block is then compressed to reduce its size.
- Next, the compressed data block is encrypted. At the same time the data block is hashed to produce a MAC value used to determine the integrity of the information.
- After the data has been encrypted, it and the MAC are passed to the lower layer to be packaged into TCP packets.
- The receiver then performs the reverse operations to determine the integrity of the information and obtain its content.
I.1.9 The SSL handshake protocol
Goals of the handshake protocol:
- Verify the validity of the parties taking part in the SSL secure channel.
- Negotiate the encryption algorithm and the protocol for verifying the integrity of information
- Create and agree on the intermediate key used to encrypt the secure channel
There are 2 main authentication handshakes:
- One-way authentication: the client verifies the validity of the server
- Mutual authentication: both client and server must authenticate each other
Depending on the needs of the application, we choose the appropriate authentication protocol.
The figure below describes the process of the mutual-authentication handshake:

- The client sends a connection request to the server
- The server receives the request and sends a reply message to the client. Along with it, the server sends its certificate to the client and asks the client to provide the client's certificate.
- On receiving the server's reply, the client checks whether the server's certificate is valid. If it is valid, the client will:
  - Extract the server's public key from the certificate the server sent
  - Send its own certificate to the server.
  - Next, send along the necessary information about the intermediate key used for encryption, the encryption algorithm and the method of authenticating information (this information is encrypted with the server's public key)
- The server receives the message the client sent and checks whether the client's certificate is valid. If it is valid, the server will:
  - Extract the client's public key from the certificate
  - Use its own private key to decrypt the information the client sent, to learn the intermediate key for the communication and the other information about the encryption algorithm and the method of authenticating information that the client requested
  - If the server agrees, return the above message encrypted with the public key taken from the client's certificate.
- From then on, all information exchanged between client and server is encrypted, ensuring the confidentiality and integrity of the information.
I.1.10 Installing and configuring SSL on IIS 6.0
Step 1: Install and configure a CA Server on a computer system and register a Web Browser Certificate. (see chapter 4)
Step 2: Set up the certificate on the website.
Launch the Web server:
Start > Programs > Administrative Tools > Internet Information Services Manager. Right-click Default Web Site and choose Properties.

In the Properties dialog, choose the Directory Security tab > Server Certificate.

Choose Next to continue.

In the Server Certificate window, choose Create a new certificate.

In the Delayed or Immediate Request window, choose Prepare the request now, but send it later.

In the Name and Security Settings window, enter a name for the new certificate and choose the bit length used for the certificate's encryption. Click Next to continue.

In the Organization Information window, enter the name of the organization and of the organizational unit, then click Next to continue.

In the Your Site's Common Name window, enter the name of the website for which SSL is being set up; if the server exists on the Internet, enter a valid DNS name.

In the Geographical Information window, enter the information about country, city, ...

In the Certificate Request File Name window, enter the location and name of the file used to store the certificate request information. This file will be transferred to the CA Server and imported to issue the certificate offline. Click Next to continue.

The Request File Summary window summarizes the actions taken. We can go back to make changes or click Next to perform the registration.

Choose Finish to end the registration process.
Step 3: Import the website certificate into the CA Server
Start > Programs > Administrative Tools > Certificate Authority. Right-click the Certificate Server > All Tasks > Submit new request.

Select the file created in step 2 > Open.

Once the certificate has been imported, it is stored under Pending. To activate the certificate, right-click the certificate > All Tasks > Issue.

Step 4: Export the issued certificate from the CA Server and install the certificate on the website for which SSL is being set up.
Export the certificate:
Choose CA Server > Issued Certificates. Right-click the issued certificate > All Tasks > Export Binary Data.

Save the certificate in binary form.

Choose the path for the exported file > choose Save.

Once the certificate has been exported, to import it into the website for which SSL is being set up, carry out the following steps:
Start > Programs > Administrative Tools > Internet Information Services. Right-click the website for which SSL is being set up > Properties > choose the Directory Security tab > Server Certificate.
An ton thng tin s
Trung Tm Tin Hc - HKHTN Trang 42


Nhp Next tip tc.

Ti ca s Pending Certificate Request, chn mc Process
the pending request and install the certificate.
An ton thng tin s
Trung Tm Tin Hc - HKHTN Trang 43


Ti ca s Process a Pending Request, chn tp tin
c Export t CA Server. Nhp Next tip tc.

Chn cng dch v SSL, mc nh l 443. Nhp Next tip
tc.
An ton thng tin s
Trung Tm Tin Hc - HKHTN Trang 44


Ca s Certificate Summary tm tt li nhng thao tc
thc hin. Nhp Next tip tc hon tt qu trnh ci t chng
ch.

Chn Finish kt thc qu trnh ng k chng ch.
Step 5: Enable SSL and test.
Start → Programs → Administrative Tools → Internet Information Services. Right-click the website that needs SSL → Properties → select the Directory Security tab → Edit.

In the Secure Communication dialog, select Require secure channel (SSL).
Test:
Access the website at the specified address (https://172.29.14.153). A Security Alert dialog warns that all information exchanged between the Web Client and the Web Server will not be visible to others. Choose OK to continue.

The Security Alert dialog then reports on whether the registered certificate is still valid and still within its validity period. Click Yes to continue.

The web page is displayed in the browser over SSL.

Web-related security vulnerabilities and how to prevent them
I.1.11 JavaScript
A language developed by Netscape that allows executable code embedded in a web page to run.
Such programs can perform functions beyond the user's control:
- Track web browsing
- Read passwords and system files
- Read browser parameters
I.1.12 ActiveX
A technology developed by Microsoft to replace OLE (Object Linking and Embedding) and COM (Component Object Model).
Provides the ability to link applications on the computer with web page content.
Allows Visual Basic code integrated into a web page to run on the local machine.
ActiveX does not run in a restricted space (sandbox) as Java applets do, so ActiveX introduces many risks for applications.
Reducing the risk posed by ActiveX
I.1.13 CGI
Describes the rules that allow a Web Server to communicate with other software on the server, and vice versa.
Commonly used to let the Web Server retrieve information from a database and present it on a web page, or to let users enter information on a web page and store it in the database.
I.1.14 Cookies
Designed to extend the browser's web access capabilities by providing state for the web.
A message that Web Servers give to Web Browsers:
- The browser stores the message in a text file
- The message is sent back to the server each time the browser requests a page from the server
- The web server uses it to identify a user's working session
Weaknesses of cookies:
- Cookies can easily be abused to provide information about the user without the user's consent.
- An attacker convinces the user to follow a malicious hyperlink to the targeted server to obtain the cookie through the error-handling process on the server
- The user must be logged on at the time of the attack
- Cookies can be used to learn browsing habits and to steal account information
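
The following is an added example, not part of the original handout: a small auditor that maps the cookie weaknesses listed above (stored in a text file, sent back on every request, readable during a malicious-link attack) to the Set-Cookie attributes that limit them. The header values and finding codes are constructed for illustration.

```python
# Added example: audit Set-Cookie header values for the weaknesses listed above.
# Header values and finding codes are constructed samples, not from the handout.

def parse_set_cookie(header):
    """Split one Set-Cookie header value into (name, value, attributes)."""
    first, *rest = [part.strip() for part in header.split(";")]
    name, _, value = first.partition("=")
    attrs = {}
    for part in rest:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs


def audit_set_cookie(header):
    """Return a sorted list of finding codes for one Set-Cookie header value."""
    _name, _value, attrs = parse_set_cookie(header)
    findings = []
    # Without HttpOnly, script running in the page can read the cookie, which
    # is what the malicious-hyperlink scenario relies on.
    if "httponly" not in attrs:
        findings.append("script-readable")
    # Without Secure, the cookie is also sent back over plain HTTP.
    if "secure" not in attrs:
        findings.append("sent-over-http")
    # Absent or None SameSite is treated as cross-site here because browser
    # defaults differ; the cookie then accompanies requests started elsewhere.
    if attrs.get("samesite", "").lower() not in ("lax", "strict"):
        findings.append("sent-cross-site")
    # Expires/Max-Age make the cookie persistent, so it is written to disk.
    if "max-age" in attrs or "expires" in attrs:
        findings.append("persisted-to-disk")
    return sorted(findings)


def audit_response(set_cookie_headers):
    """Audit every Set-Cookie value of one response: {cookie name: findings}."""
    return {parse_set_cookie(h)[0]: audit_set_cookie(h) for h in set_cookie_headers}


# Constructed sample headers: a weak session cookie and a hardened one.
WEAK = "SESSIONID=3f9a1c; Path=/; Expires=Wed, 01 Jan 2031 00:00:00 GMT"
HARDENED = "__Host-SESSIONID=3f9a1c; Path=/; Secure; HttpOnly; SameSite=Strict"

if __name__ == "__main__":
    for name, findings in audit_response([WEAK, HARDENED]).items():
        print(name, findings or "ok")
```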

CHAPTER 4
TECHNIQUES FOR EXPLOITING
WIRELESS NETWORK VULNERABILITIES
I. SECURITY ON WIRELESS NETWORKS
Introduction
Wireless networks rely on radio waves to carry data, so attackers can easily eavesdrop on and attack them; security is therefore important in wireless networks. Initially, wireless LANs following the IEEE 802.11 standard were secured using the SSID (Service Set ID) configuration parameter. The SSID can be understood as the name of the wireless network, and this technique operates in two modes. In the non-secure mode, the Access Point periodically broadcasts its SSID to the wireless stations, and a station receiving these signals decides which Access Point to connect to by its SSID. The second mode is the secure mode, in which the Access Point does not send out its SSID, and a station that wants to join the network must have the same SSID value as the Access Point.

Figure 3.23: SSID exchange process
Security standards for wireless networks
I.1.1 WEP
The IEEE 802.11b standard defines a security protocol, WEP (Wired Equivalent Privacy), for wireless LANs. WEP was designed to provide the same level of security as a wired network; the protocol provides security by encrypting data as it travels from one point to another. WEP works at the two lowest layers of the OSI reference model. WEP encapsulation includes the following main elements:
- Encryption algorithm: RC4.
- Per-packet encryption key: a 24-bit IV (Initialization Vector) concatenated with the shared key.
- WEP allows the IV (Initialization Vector) to be reused on any frame.
- Data integrity is provided by CRC-32.
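
The following is an added example, not part of the original handout: the WEP encapsulation listed above (RC4 keyed with IV plus shared key, CRC-32 as the integrity value), written out to show why a reusable IV and an unkeyed CRC make the design unsafe. It assumes a 40-bit shared key, random IV selection for the collision estimate, and omits the key-ID byte; the key, IV and payloads are constructed.

```python
# Added example: WEP-style encapsulation and the two design defects named above.
import math
import struct
import zlib


def rc4(key, length):
    """Return `length` bytes of RC4 keystream for `key`."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(length):                   # keystream generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def icv(payload):
    """Integrity check value: CRC-32 of the plaintext, little-endian."""
    return struct.pack("<I", zlib.crc32(payload))


def wep_encapsulate(iv, key, payload):
    """Frame = IV || RC4(IV || key) XOR (payload || ICV)."""
    body = payload + icv(payload)
    return iv + xor(body, rc4(iv + key, len(body)))


def wep_decapsulate(key, frame):
    iv, ciphertext = frame[:3], frame[3:]
    body = xor(ciphertext, rc4(iv + key, len(ciphertext)))
    payload, received_icv = body[:-4], body[-4:]
    if icv(payload) != received_icv:
        raise ValueError("ICV mismatch")
    return payload


def reused_iv_leak(frame_a, frame_b):
    """Same IV means same keystream: XOR of ciphertexts equals XOR of plaintexts."""
    if frame_a[:3] != frame_b[:3]:
        return None
    return xor(frame_a[3:], frame_b[3:])


def flip_bits_with_icv_fixup(frame, delta):
    """CRC-32 is affine, so a change `delta` to the payload can be matched by a
    computable change to the encrypted ICV without knowing the key."""
    if len(delta) != len(frame) - 7:
        raise ValueError("delta must be as long as the payload")
    icv_delta = struct.pack("<I", zlib.crc32(delta) ^ zlib.crc32(bytes(len(delta))))
    return frame[:3] + xor(frame[3:], delta + icv_delta)


def frames_until_iv_collision(probability=0.5, iv_bits=24):
    """Birthday estimate of frames sent before two share an IV (random IVs assumed)."""
    return math.ceil(math.sqrt(2 * 2 ** iv_bits * math.log(1 / (1 - probability))))


# Constructed sample values.
SAMPLE_KEY = bytes.fromhex("0102030405")      # assumed 40-bit shared key
SAMPLE_IV = b"\x00\x00\x2a"
PLAIN_A = b"GET /index.html "
PLAIN_B = b"POST /login.asp "
FRAME_A = wep_encapsulate(SAMPLE_IV, SAMPLE_KEY, PLAIN_A)
FRAME_B = wep_encapsulate(SAMPLE_IV, SAMPLE_KEY, PLAIN_B)

if __name__ == "__main__":
    print("XOR of plaintexts recovered:", reused_iv_leak(FRAME_A, FRAME_B)[:16] == xor(PLAIN_A, PLAIN_B))
    print("frames for 50% IV collision:", frames_until_iv_collision())
```

Both defects come from the listed design choices rather than from RC4's key size, which is why the fix was a new protocol with per-packet keys and a keyed integrity check.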
I.1.2 WPA
When a wireless network is deployed, many solutions are offered to help secure it. Because WEP-based security has many features that do not guarantee safety (the key is easily compromised), the Wi-Fi Alliance introduced another method to strengthen security on wireless networks: WPA (Wi-Fi Protected Access). WPA introduces a stronger encryption method called TKIP (Temporal Key Integrity Protocol). WPA also optionally allows AES (Advanced Encryption Standard) to be used for encryption. WPA has two different modes:
- WPA-Enterprise: uses the 802.1X authentication mechanism and is designed for medium and large Infrastructure networks.
- WPA-Personal: uses a Preshared Key (PSK) for authentication and is used for small Infrastructure networks (SOHO: Small Office/Home Office)


CHAPTER 5
TECHNIQUES FOR USING
TROJANS AND WORMS
I. Techniques for using Trojans
I.1 Trojan concept
Trojan horse: a type of program that is as harmful as a virus, except that it does not replicate itself. As a result, its only means of spreading is through chain e-mails. To remove one, the owner of the machine only needs to find the Trojan horse file and delete it. However, this does not mean that there cannot be two Trojan horses on the same system. The people who create this software use their programming skills to make many copies before releasing them onto the network. This is also an extremely dangerous kind of virus. It can destroy the hard disk and destroy data.
I.2 Deployment model
The model is as follows:

Create the Trojan
Control the Trojan:
- Access files or folders on the victim machine
- Turn off the firewall
- Manage applications, services, … on the victim machine
- View the victim machine's screen
Instructions:
Create the Trojan:
Run Beast Trojan

Choose Build Server

In the Server Setting section, set the parameters in the Basic, Notification, AV-FW Kill, … sections and choose Save Server:

Embed the newly created Trojan into a file:
In the Beast interface, choose Binder

In the binder section, add the Trojan and the program it is to be embedded in (Firefox), then choose Binder Files

Distribute the Trojan: share the programs with the Trojan embedded, and install the Firefox program prepared above on the victim machine

Control the Trojan:
Use Beast to connect to the Trojan on the victim machine

Access files (or folders) on the victim machine
o In the Beast interface, choose Managers → Files

Manage applications and services on the victim machine
o In the Beast interface, choose Managers → Apps (application management)

o In the Beast interface, choose Managers → Services (service management)

o In the Beast interface, choose Managers → Processes (process management)

View the victim machine's screen
o In the Beast interface, choose Managers → Screen

II. Worm techniques:
II.1 Worm concept
A computer worm is a computer program that can replicate itself, as a computer virus does.
Whereas a computer virus attaches itself to executable code and becomes part of it, a computer worm is an independent program that does not need to be part of another program in order to spread. Worms are usually designed to exploit the communication capabilities of computers that share common characteristics (the same operating system or the same network software) and are networked together.

II.2 How worms spread and propagate
No virus can spread unless you open or run a program that is infected with it.
Many of the most dangerous viruses spread mainly through files attached to e-mail (files sent along with the electronic message).

CHAPTER 6
PREVENTION METHODS
I. INTRODUCTION
THE RISKS
According to statistics from the major network-security vendors worldwide, the damage and consequences that computer viruses cause to network systems are very large. Some typical risks:
- Reduced productivity, because viruses congest network bandwidth (sending e-mail continuously, sending broadcast packets, …) and consume the computer's resources (CPU, RAM, …), slowing machines down and possibly even halting an entire network or important servers and workstations. This risk is assessed as causing the greatest damage.
- Modifying or deleting data. The damage from this risk depends on the importance of the data that is modified or deleted.
- Theft of data and accounts. Computer viruses can steal or record important passwords, usernames and data, and then send them to the hacker's address.
- Creating back doors. It is no longer unusual for a computer virus to open ports on a system automatically; it may open ports to carry out unauthorized actions that endanger the system, or use the system as a tool to attack and damage other systems.
CHOOSING A SOLUTION
A large enterprise with many Internet-connected computers always needs the most effective antivirus solution. For such enterprise networks, building a single antivirus system for the whole computer system makes administration simpler for the administrator, saves bandwidth and improves the security of the system.
Typically, in an Internet-connected enterprise, viruses can infect and attack the system through these main routes: Internet access; e-mail; communication within the network; applications on servers and workstations; storage devices: CD, USB, HDD, …
To protect the network of the whole enterprise against viruses effectively, viruses must be blocked on every route by which they can infect or attack the system. Specifically, virus protection is needed for: the Internet connection, the Mail Server, POP3 mail flows to the workstations, the servers, …
Virus protection for the Internet connection: to protect the Internet connection, viruses must be cleaned from the HTTP, FTP, SMTP, … flows when connecting to the Internet; web security and mail security products can be used for this. For example, Symantec Web Security can be used for virus protection on the HTTP and FTP flows. Symantec Mail Security for SMTP can be used to block viruses and filter spam on the SMTP flow.
For POP3 flows to the workstations: virus protection for the POP3 mail flow must be combined with the antivirus solution on the workstations.
Virus protection for servers: to protect the servers, use server antivirus programs on them. Most antivirus products have the following characteristics:
- Centralized administration: this allows the administrator to manage, from a single point, all machines on which the antivirus program is installed.
- Remote administration in a multi-tier model: most products of this kind allow remote administration through a multi-tier architecture made up of these components:
+ Primary Server: installed on a server in order to manage the Secondary Servers centrally. Policies for management and for virus definition updates are set on the Primary Server and then distributed down to the workstations through the Secondary Servers.
+ Secondary Server: installed on the servers managed by the Primary Server. This is the component that directly manages the machines to be protected.
+ Protected Machine: the component that is protected in the system (users' computers, servers)
+ Management Console: the administration tool; the administrator can connect to the Primary Server to configure and manage the machines in the system. Remote management functions may include: updating definitions and the scan engine, scanning for viruses, configuring virus scanning for the machines in the system, setting up alerts, logging and reporting, …
Virus protection for workstations: to protect the workstations in an enterprise network, use an antivirus solution for workstations on the LAN that is designed on the client/server model. Products of this kind have the following characteristics:
- They operate on the client-server model
- They support several methods of deploying the antivirus program to the workstations
- They update virus definitions and the scan engine automatically. Updates are downloaded to the server, and the workstations then connect to it to update, which saves Internet bandwidth
- The administrator can remotely run virus scans and update virus definitions on the workstations
- Scans and updates can be scheduled to run automatically
II. EXAMPLE: DEPLOYING AVIRA SMALLBUSINESS SUITE
DEPLOYMENT MODEL

SERVER REQUIREMENTS
Operating system: Windows 2000 Server, Windows Server 2003, Windows Server 2008, Windows Small Business Server, Windows Server 2003 x64 edition
CLIENT REQUIREMENTS
Operating system: Windows XP Professional, Windows XP Professional x64 edition, Windows Vista 32 Bit, Windows Vista 64 Bit, Windows 7
STEPS
II.1.1 Installing Avira SmallBusiness Suite:
Run the Avira SmallBusiness Suite installation file, then choose Continue
On the Welcome to the InstallShield Wizard for Avira SmallBusiness Suite screen, choose Next
On the License Agreement screen, tick the option I accept the terms of the license agreement, then choose Next
On the Select License Key screen, choose Browse to point to the corresponding key, then choose Next

On the Choose Destination Location screen, choose Next

On the Select Features screen, choose Next

On the Administrative UserAccount screen, enter the administrator username and password

On the Ready to Install screen, choose Install

On the InstallShield Wizard Complete screen, choose Finish
II.1.2 Administering Avira SmallBusiness Suite:
Go to Start → Programs → Avira → Avira Security Management Center → Avira Security Management Center Frontend

Create a new group: select Security Environment, right-click and choose New Group

The Create new group dialog appears; enter the name of the group to create, then choose OK

Add a computer to the group: right-click the group the computer is to be added to and choose New Computer

The Add new computer dialog appears; enter the Display name and Hostname/IP, then choose OK

Install Avira AntiVir Professional 10 on the computer: right-click the computer on which Avira AntiVir Professional 10 is to be installed and choose Installation → Avira AntiVir Professional 10 (Windows), EN → Install

The Administrator Account dialog appears; enter the credentials used to authenticate to this computer

In the Install dialog, select the components to install, then choose OK

When Avira AntiVir Professional 10 has finished installing:
- On the Avira Security Management Center Frontend:

- On machine WS-001

Perform the operations Start scan, Stop scan, Start update, install/uninstall modules, enable/disable modules

CHAPTER 7
HOW TO BUILD
AN IDS/IPS SYSTEM
I. Intrusion detection system (IDS)
Functional characteristics and operation:
- A system that monitors for and detects intrusions.
- By monitoring the activity taking place on the network or on a computer and comparing it with known information, an IDS can detect intrusion or attack actions; it then raises an alarm and writes logs as material for later remediation.
- Updating attack signatures is the hardest task in IDS technology. Attack signatures can be built from characteristics such as IP options, a pattern of data moving across the network, or the frequency with which a characteristic of some attack method repeats ...
- Two types of IDS can be used to strengthen security: system IDS, installed and running on the servers, and network IDS (NIDS), which detects intrusions on the network. System IDS is usually more effective than NIDS; however, NIDS is effective in cases such as attacks against many servers at once or an attacker's port scans, which a system IDS cannot detect.
- An IDS is not only a passive defensive measure. Some IDS systems can respond, for example by working with a firewall to block a given IP. An IDS can be configured with additional attack signatures. Some NIDS can be set to learning mode, in which the NIDS suggests or automatically adjusts its configuration to suit the network by monitoring and aggregating traffic.

System IDS is installed on the servers (on one particular computer), while NIDS is installed so that it can monitor the entire network.
Security weaknesses:
- The weakness of NIDS is that it can be overloaded. When the volume of network traffic is large, the NIDS cannot inspect every single packet. Packets may then be missed, which is what the attacker wants.
Points to note when deploying NIDS:
- Make sure the NIDS is sized for the network. If the NIDS cannot keep up, replace it with a new NIDS or split the network so that it can be monitored with several NIDS.
- When configuring the NIDS remotely, it is best to do so from a computer on a different subnet.
- Write logs to another computer on a different subnet from the NIDS to improve security.
II. Intrusion prevention system (IPS)
The two kinds of IPS known on the market today are host-based and inline (network-based). Host-based systems are intrusion-prevention software written to hook directly into applications or installed directly on application servers. This text focuses only on inline security. Inline security is similar to a dual-homed firewall architecture or an antivirus gateway: it is placed upstream of the protected applications and applies intrusion-prevention services to the many applications downstream of the IPS.
In the strict sense of the term, it can be defined as follows: an inline Intrusion Prevention System is any hardware or software device capable of detecting and preventing known attacks. Put even more simply, intrusion prevention refers only to detecting and then blocking known application-specific attacks. The term Intrusion Prevention System is itself used to unite the two concepts of a detection system and a prevention system under one structure.
Detection and prevention
On the surface, intrusion detection and intrusion prevention solutions appear to compete with each other. After all, they share a list of similar functions such as packet inspection, stateful analysis, fragment reassembly, TCP-segment reassembly, deep packet inspection, protocol validation and signature matching. An IPS works like a security guard at the gate of a residential area, allowing or denying entry on the basis of credentials and some set of rules. An IDS (intrusion detection system) works like a patrol car inside the residential area, monitoring activity and looking for abnormal situations. However strong the security at the gate of the residential area is, the patrol car continues to operate within its own system of checks and balances.
Intrusion detection
The purpose of intrusion detection is to provide monitoring, auditing, forensics and reporting of network activity. It operates on packets that have been allowed through an access-control device. Because of limits on reliability and because of internal threats, intrusion prevention must let some gray-area attacks through in order to avoid false alarms. IDS solutions, on the other hand, are packed with intelligence and use many different techniques to recognize intrusions, exploits, abuse and potential attacks. An IDS can do its work without affecting the computing architecture or the network connections.

The passive nature of an IDS is what gives it the power to direct intelligent analysis of packet traffic. From this position, an IDS can recognize:
- Known attacks, by means of signatures and rules.
- Variations in traffic volume and direction, using complex rules and statistical analysis.
- Changes in communication traffic patterns, using flow analysis.
- Abnormal activity, using baseline deviation analysis.
- Suspicious activity, through flow analysis, statistical techniques and anomaly detection.
Intrusion prevention
As mentioned earlier, intrusion prevention solutions aim to protect resources, data and networks. They reduce the threat of attack by removing harmful or malicious network traffic while still allowing legitimate activity to continue. The goal is a perfect system: no false alarms that reduce end-user productivity, and no false denials that create excessive risk inside the environment. Perhaps a more essential role is the need to be trusted, to perform in the expected way under any conditions. This means that intrusion prevention solutions are positioned to deal with:
- Unwanted applications and Trojan horse attacks aimed at private networks and applications, by using deterministic rules and access control lists.
- Attack packets such as those from LAND and WinNuke, by using high-speed packet filters.
- Protocol abuse and evasive actions, that is, network-protocol manipulation such as Fragroute and TCP overlap exploits, through intelligent reassembly.
- Denial-of-service attacks (DoS/DDoS) such as SYN and ICMP packet floods, by using threshold-based filtering algorithms.
- Application abuse and protocol manipulation, that is, known and unknown attacks against HTTP, FTP, DNS, SMTP and so on, by using application protocol rules and signatures.
- Overload attacks or application abuse, by using threshold-based limits on resource consumption.
- All the attacks, and the vulnerable states that allow them to occur, are documented. In addition, anomalies in communication protocols from the network layer through the application layer have no place in any kind of legitimate traffic, which makes faults self-selecting in a given context.
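
The following is an added example, not part of the original handout: a sliding-window threshold detector for the SYN floods named in the list above, which also shows the earlier point that a port scan spread across several servers is visible to a NIDS but not to any single system IDS. The window, thresholds, record format and traffic are constructed assumptions.

```python
# Added example: threshold-based detection over constructed connection records.
from collections import defaultdict, deque

WINDOW_SECONDS = 10.0       # assumed sliding window
SYN_FLOOD_THRESHOLD = 100   # assumed: SYNs per destination service per window
SCAN_THRESHOLD = 15         # assumed: distinct (host, port) targets per source


def detect(events, only_dst=None):
    """events: iterable of (timestamp, src_ip, dst_ip, dst_port, tcp_flags).
    only_dst limits the view to one server, as a system IDS on it would see.
    Returns alert tuples in time order, one per offender."""
    syn_times = defaultdict(deque)   # (dst_ip, dst_port) -> SYN timestamps
    probes = defaultdict(deque)      # src_ip -> (timestamp, (dst_ip, dst_port))
    alerts, seen = [], set()
    for ts, src, dst, dport, flags in sorted(events):
        if flags != "S" or (only_dst and dst != only_dst):
            continue                 # count connection attempts only
        # SYN flood: too many SYNs to one service inside the window.
        times = syn_times[(dst, dport)]
        times.append(ts)
        while ts - times[0] > WINDOW_SECONDS:
            times.popleft()
        if len(times) > SYN_FLOOD_THRESHOLD and ("flood", dst, dport) not in seen:
            seen.add(("flood", dst, dport))
            alerts.append(("syn_flood", dst, dport, len(times)))
        # Port scan: one source touching many distinct targets inside the window.
        recent = probes[src]
        recent.append((ts, (dst, dport)))
        while ts - recent[0][0] > WINDOW_SECONDS:
            recent.popleft()
        targets = {target for _, target in recent}
        if len(targets) >= SCAN_THRESHOLD and ("scan", src) not in seen:
            seen.add(("scan", src))
            hosts = {host for host, _ in targets}
            alerts.append(("port_scan", src, len(targets), len(hosts)))
    return alerts


def sample_events():
    """Constructed traffic using documentation address ranges."""
    events = []
    # Normal client: five connections to the web server, one every 3 s.
    for i in range(5):
        events.append((i * 3.0, "192.0.2.5", "198.51.100.10", 443, "S"))
    # One source probing ports 20-25 on three servers within about 2 s.
    t = 20.0
    for host in ("198.51.100.10", "198.51.100.11", "198.51.100.12"):
        for port in range(20, 26):
            events.append((t, "192.0.2.66", host, port, "S"))
            t += 0.1
    # 150 SYNs to one service from many sources within 1.5 s.
    for i in range(150):
        events.append((40.0 + i * 0.01, f"203.0.113.{i + 1}", "198.51.100.10", 80, "S"))
    return events


if __name__ == "__main__":
    print("network view:", detect(sample_events()))
    print("server .11 view:", detect(sample_events(), only_dst="198.51.100.11"))
```

Each server sees only six probes from the scanning source, below the per-source threshold, so only the network-wide view raises the port-scan alert.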
State of IPS technology
IPS technology is still immature if you look at it from the angle of a single vendor's product providing all of the detection, monitoring, prevention, update and reporting features for all traffic passing in and out through a particular network choke point. Recently, enterprises have spent millions of dollars on products that help them secure their networks. Today's emerging IPS products focus mainly on port 80, and so at present they do not replace existing systems. Instead, they add to the value of those systems. An all-encompassing multi-protocol IPS solution will have to be developed and proven before such systems can be regarded as practical replacements for the systems already deployed.
Long-term goals
In the future, an inline security gateway solution must achieve these goals:
- The ability to detect and block attacks based on the logical and physical use of multiple enforcement technologies. More broadly, this must also include the ability to prevent both known and unknown attacks by using application defenses.
- The ability to interoperate with the security infrastructure already deployed, for the purposes of supporting data aggregation, electronic evidence, monitoring and regulatory compliance when required.
- The ability not to disrupt business operations through lack of availability, poor performance, false positives, or an inability to interoperate with mandated authentication infrastructure.
- The ability to support IT security professionals in delivering their organization's risk-management plan, including the cost of implementation, of operation, and of the work that results from the system's alerts and reports.
Challenges in reaching the goals
At present there are no acceptable third-party studies of the effectiveness of IPS as a solution. The hype surrounding intrusion prevention is blurring the line between what this technology can deliver and what it promises.
The layered approach to IT security continues to be of value as the industry develops. It does not look like a move away from layered defense in depth as it is organized.
Many IPS solutions will require the same tuning, monitoring and reporting as an IDS.